pthbs

Packaging Through Hashed Build Scripts
git clone https://ccx.te2000.cz/git/pthbs
Log | Files | Refs | Submodules | README
commit 67d3f04c9cfb92e39dc585bbc8c84ea54aba3389
parent 4286a49ad4df0c4d1fb5263ba6e90c7f7648f376
Author: Jan Pobříslo <ccx@te2000.cz>
Date:   Thu, 22 Feb 2024 08:53:46 +0100

Write to setgroups to enable setting gid

Diffstat:

Muserns_sandbox.py | 3+++


1 file changed, 3 insertions(+), 0 deletions(-)

diff --git a/userns_sandbox.py b/userns_sandbox.py
@@ -204,6 +204,9 @@ def map_uid_gid(orig_uid, orig_gid):
     with open('/proc/self/uid_map', 'wt') as f:
         f.write(f'{orig_uid} {orig_uid} 1\n')
 
+    with open('/proc/self/setgroups', 'wt') as f:
+        f.write('deny\n')
+
     with open('/proc/self/gid_map', 'wt') as f:
         f.write(f'{orig_gid} {orig_gid} 1\n')