Skip to content

Commit 8cc80f1

Browse files
bleggettbleggett
committed
Fmt
1 parent 86d264c commit 8cc80f1

File tree

1 file changed

+23
-5
lines changed

1 file changed

+23
-5
lines changed

src/wrap.rs

Lines changed: 23 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -645,7 +645,11 @@ impl Wrappable for CreateRequest {
645645
set_keep_caps()?;
646646
// Set these *first*, before we exec. Otherwise
647647
// we may not be able to switch after dropping caps.
648-
apply_gid_uid(self.exec.gid, self.exec.uid, self.exec.supplemental_gids.as_ref())?;
648+
apply_gid_uid(
649+
self.exec.gid,
650+
self.exec.uid,
651+
self.exec.supplemental_gids.as_ref(),
652+
)?;
649653
// Now, we can synchronize effective/inherited/permitted caps
650654
// as a final step.
651655
apply_capabilities(self.capabilities.as_ref())?;
@@ -840,7 +844,11 @@ impl Wrappable for AttachRequest {
840844
debug!("all namespaces joined -- forking child");
841845
fork_and_wait()?;
842846

843-
apply_gid_uid(self.exec.gid, self.exec.uid, self.exec.supplemental_gids.as_ref())?;
847+
apply_gid_uid(
848+
self.exec.gid,
849+
self.exec.uid,
850+
self.exec.supplemental_gids.as_ref(),
851+
)?;
844852

845853
self.exec.execute()
846854
}
@@ -856,7 +864,11 @@ impl Mutatable for CreateDirMutation {
856864
}
857865
}
858866

859-
fn apply_gid_uid(gid: Option<u32>, uid: Option<u32>, supplemental_gids: Option<&Vec<u32>>) -> Result<()> {
867+
fn apply_gid_uid(
868+
gid: Option<u32>,
869+
uid: Option<u32>,
870+
supplemental_gids: Option<&Vec<u32>>,
871+
) -> Result<()> {
860872
// NOTE - order is important here - must change GID *before* changing UID, to avoid
861873
// locking oneself out of the GID change with an "operation not permitted" error
862874
if let Some(target_gid) = gid {
@@ -872,9 +884,15 @@ fn apply_gid_uid(gid: Option<u32>, uid: Option<u32>, supplemental_gids: Option<&
872884
// Set supplemental gids, if any. As with changing the primary gid, this must happen before the UID shift.
873885
if let Some(target_supplemental_gids) = supplemental_gids {
874886
unsafe {
875-
let gids_libc: Vec<libc::gid_t> = target_supplemental_gids.iter().map(|g| *g as libc::gid_t).collect();
887+
let gids_libc: Vec<libc::gid_t> = target_supplemental_gids
888+
.iter()
889+
.map(|g| *g as libc::gid_t)
890+
.collect();
876891
if libc::setgroups(gids_libc.len(), gids_libc.as_ptr()) < 0 {
877-
warn!("unable to set supplemental GIDs: {:?}", Error::last_os_error());
892+
warn!(
893+
"unable to set supplemental GIDs: {:?}",
894+
Error::last_os_error()
895+
);
878896
}
879897
}
880898
}

0 commit comments

Comments
 (0)