return True;
}
+/****************************************************************************
+ Change UNIX security context. Calls panic if not successful so no return value.
+****************************************************************************/
+
+static void set_unix_security_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups)
+{
+ /* Start context switch */
+ gain_root();
+#ifdef HAVE_SETGROUPS
+ sys_setgroups(ngroups, groups);
+#endif
+ become_id(uid, gid);
+ /* end context switch */
+}
+
/****************************************************************************
Set the current security context to a given user.
****************************************************************************/
debug_nt_user_token(DBGC_CLASS, 5, token);
debug_unix_user_token(DBGC_CLASS, 5, uid, gid, ngroups, groups);
- /* Start context switch */
- gain_root();
-#ifdef HAVE_SETGROUPS
- sys_setgroups(ngroups, groups);
-#endif
- become_id(uid, gid);
- /* end context switch */
+ /* Change uid, gid and supplementary group list. */
+ set_unix_security_ctx(uid, gid, ngroups, groups);
ctx_p->ut.ngroups = ngroups;
prev_ctx_p = &sec_ctx_stack[sec_ctx_stack_ndx];
- /* Start context switch */
- gain_root();
-#ifdef HAVE_SETGROUPS
- sys_setgroups(prev_ctx_p->ut.ngroups, prev_ctx_p->ut.groups);
-#endif
- become_id(prev_ctx_p->ut.uid, prev_ctx_p->ut.gid);
- /* end context switch */
+ /* Change uid, gid and supplementary group list. */
+ set_unix_security_ctx(prev_ctx_p->ut.uid,
+ prev_ctx_p->ut.gid,
+ prev_ctx_p->ut.ngroups,
+ prev_ctx_p->ut.groups);
/* Update current_user stuff */