The setresuid path in set_effective_uid() behaves differently from the other paths: it sets the real user ID as well as the effective one. The other paths do not set the real user ID. Whether or not this is a good thing, it is actually necessary for OpenAFS to work. Otherwise all tokens are created for the root user, overwriting any previous tokens, which makes it impossible for more than one person to log in.
This bug has been around for a long time, but it wasn't really triggered until:
So the trigger has been in place since 3.2.4. I opened it against 3.4.5, because that's the version I was trying to upgrade to from 3.0.33 (RHEL5).
I suggest adding set_re_uid() after setreuid(). We tried 2 fixes: reverting the above by defining USE_SETRESUID in lib/util_sec.c, and set_re_uid(). Either works. Since set_re_uid() doesn't work in the USE_SETEUID case, I suppose there should also be a guard against using that with WITH_FAKE_KASERVER.
Can you attach the patch you need please so I can understand exactly what changes you're proposing ?
Created attachment 5409 [details]
Make setreuid path set real id
I described the change rather than providing a patch because I do not know what the expected semantics are. It's possible that this breaks things in subtle ways, but it works well enough for us.