[PATCH] LSM: SafeSetID: fix UID printed instead of GID
Alexander Mikhalitsyn
aleksandr.mikhalitsyn at canonical.com
Tue May 2 14:18:32 UTC 2023
pr_warn message clearly says that GID should be printed,
but we have UID there. Let's fix that.
Found accidentaly during the work on isolated user namespaces.
Signed-off-by: Alexander Mikhalitsyn <aleksandr.mikhalitsyn at canonical.com>
---
security/safesetid/lsm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/safesetid/lsm.c b/security/safesetid/lsm.c
index e806739f7868..6191e5ba0f70 100644
--- a/security/safesetid/lsm.c
+++ b/security/safesetid/lsm.c
@@ -131,7 +131,7 @@ static int safesetid_security_capable(const struct cred *cred,
* set*gid() (e.g. setting up userns gid mappings).
*/
pr_warn("Operation requires CAP_SETGID, which is not available to GID %u for operations besides approved set*gid transitions\n",
- __kuid_val(cred->uid));
+ __kuid_val(cred->gid));
return -EPERM;
default:
/* Error, the only capabilities were checking for is CAP_SETUID/GID */
--
2.34.1
More information about the Linux-security-module-archive
mailing list