From 2707f4d15641509ab375494012c19b116e80cc7c Mon Sep 17 00:00:00 2001 From: Pavel Raiskup Date: Sun, 4 Feb 2024 22:21:17 +0100 Subject: [PATCH] Non-privileged actions performed with GID=135 (mock) Hopefully, we do not open a can of worms.., but using GID=135 for non-privileged operations seems like the most expected Mock behavior. This way, we automatically maintain the ownership-bridge between the on-host user and the in-chroot user (both present in the 'mock' group). Mock started to map the unprivGid to the default GID of the on-host user in the commit 5cce73a26e3ce6877c2f429f9a34ce4515442279, which is very old and rather seems like a mistake rather than intention. Fixes: #1257 --- mock/py/mockbuild/uid.py | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/mock/py/mockbuild/uid.py b/mock/py/mockbuild/uid.py index 866a5fd3f..8eaae6262 100644 --- a/mock/py/mockbuild/uid.py +++ b/mock/py/mockbuild/uid.py @@ -22,13 +22,12 @@ def setup_uid_manager(): mockgid = grp.getgrnam('mock').gr_gid unprivUid = os.getuid() - unprivGid = os.getgid() + unprivGid = mockgid # sudo if os.environ.get("SUDO_UID") is not None: unprivUid = int(os.environ['SUDO_UID']) os.setgroups((mockgid,)) - unprivGid = int(os.environ['SUDO_GID']) # consolehelper if os.environ.get("USERHELPER_UID") is not None: @@ -36,7 +35,6 @@ def setup_uid_manager(): unprivName = pwd.getpwuid(unprivUid).pw_name secondary_groups = [g.gr_gid for g in grp.getgrall() if unprivName in g.gr_mem] os.setgroups([mockgid] + secondary_groups) - unprivGid = pwd.getpwuid(unprivUid)[3] uidManager = UidManager(unprivUid, unprivGid) return uidManager