Fix setresuid to 'postgres' error handling

PMG::DBTools::postgres_admin_cmd switches the euid to postgres. The error
handling expected that the setresuid (2) call failed if $! was != 0, without
explicitly setting it to 0 beforehand. This lead to a false positive if errno
was set from a previous library call.

This patch changes the code to explicitly call the setresuid syscall (exposed
via a separate patch to pve-common) and check for an error.

Steps to reproduce:
* install nscd on a system
* try installing pmg-api (the postinst script invokes `pmgdb init`)

The issue was further discussed in [0].

[0] https://pve.proxmox.com/pipermail/pmg-devel/2019-April/000362.html

Reported-By: Patrick Fogarty <patrick.fogarty@patanne.com>
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>

diff --git a/PMG/DBTools.pm b/PMG/DBTools.pm
index 24a692a223d2df38e9bdf8c5c4ac92e0c129effa..464b0136644470fde12394a532a9efd30a417904 100644 (file)
--- a/PMG/DBTools.pm
+++ b/PMG/DBTools.pm
@@ -4,7 +4,7 @@ use strict;
 use warnings;
 
 use POSIX ":sys_wait_h";
-use POSIX ':signal_h';
+use POSIX qw(:signal_h getuid);
 use DBI;
 use Time::Local;
 
@@ -80,12 +80,17 @@ sub postgres_admin_cmd {
     my ($cmd, $options, @params) = @_;
 
     $cmd = ref($cmd) ? $cmd : [ $cmd ];
-    my $uid = getpwnam('postgres') || die "getpwnam postgres failed\n";
 
-    local $> = $uid;
-    $! &&  die "setuid postgres ($uid) failed - $!\n";
+    my $save_uid = POSIX::getuid();
+    my $pg_uid = getpwnam('postgres') || die "getpwnam postgres failed\n";
+
+    PVE::Tools::setresuid(-1, $pg_uid, -1) ||
+       die "setresuid postgres ($pg_uid) failed - $!\n";
 
     PVE::Tools::run_command([@$cmd, '-U', 'postgres', @params], %$options);
+
+    PVE::Tools::setresuid(-1, $save_uid, -1) ||
+       die "setresuid back failed - $!\n";
 }
 
 sub delete_ruledb {