X-Git-Url: https://git.gag.com/?a=blobdiff_plain;ds=sidebyside;f=set_perms.c;h=81e2e76057f618317350111ed5922e67bbe38211;hb=db40f7b6672ba244a51aef07459e038232f9442f;hp=4e7dc9cf821533492c68fa3cf40d48f4b667c9a3;hpb=d7751e8b58b26f298b57d31ae87386e685eb8c14;p=debian%2Fsudo

diff --git a/set_perms.c b/set_perms.c
index 4e7dc9c..81e2e76 100644
--- a/set_perms.c
+++ b/set_perms.c
@@ -488,7 +488,8 @@ runas_setgroups()
 # ifdef HAVE_GETGROUPS
     static GETGROUPS_T *groups;
 # endif
-    struct passwd *pw;
+    static struct passwd *pw;
+    struct passwd *opw = pw;
 
     if (def_preserve_groups)
 	return;
@@ -496,14 +497,18 @@ runas_setgroups()
     /*
      * Use stashed copy of runas groups if available, else initgroups and stash.
      */
-    if (ngroups == -1) {
-	pw = runas_pw ? runas_pw : sudo_user.pw;
+    pw = runas_pw ? runas_pw : sudo_user.pw;
+    if (pw != opw) {
 # ifdef HAVE_SETAUTHDB
 	aix_setauthdb(pw->pw_name);
 # endif
 	if (initgroups(pw->pw_name, pw->pw_gid) < 0)
 	    log_error(USE_ERRNO|MSG_ONLY, "can't set runas group vector");
 # ifdef HAVE_GETGROUPS
+	if (groups) {
+	    efree(groups);
+	    groups = NULL;
+	}
 	if ((ngroups = getgroups(0, NULL)) > 0) {
 	    groups = emalloc2(ngroups, sizeof(GETGROUPS_T));
 	    if (getgroups(ngroups, groups) < 0)