From 85b6ed540eed4b5f3752cbfc244d30b2af5e1d2d Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Wed, 2 Mar 2011 00:04:01 +0000
Subject: [PATCH] 3039.   [bug]           Save and restore the gid when
 creating creating                         named.pid at startup. [RT #23290]

---
 CHANGES             | 5 ++++-
 bin/named/unix/os.c | 7 +++++--
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/CHANGES b/CHANGES
index b14e4c6478..45c6bbfc7a 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,4 +1,7 @@
-3048.	[bug]		Fully seperate view key mangement. [RT #23419]
+3039.	[bug]		Save and restore the gid when creating creating
+			named.pid at startup. [RT #23290]
+
+3048.	[bug]		Fully separate view key mangement. [RT #23419]
 
 3047.   [bug]		DNSKEY NODATA responses not cached fixed in
 			validator.c. Tests added to dnssec system test.
diff --git a/bin/named/unix/os.c b/bin/named/unix/os.c
index 33ff783ca3..9637ded473 100644
--- a/bin/named/unix/os.c
+++ b/bin/named/unix/os.c
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: os.c,v 1.104.38.2 2011/02/28 01:19:59 tbox Exp $ */
+/* $Id: os.c,v 1.104.38.3 2011/03/02 00:04:01 marka Exp $ */
 
 /*! \file */
 
@@ -790,6 +790,9 @@ ns_os_openfile(const char *filename, mode_t mode, isc_boolean_t switch_user) {
 	free(f);
 
 	if (switch_user && runas_pw != NULL) {
+#ifndef HAVE_LINUXTHREADS
+		gid_t oldgid = getgid();
+#endif
 		/* Set UID/GID to the one we'll be running with eventually */
 		setperms(runas_pw->pw_uid, runas_pw->pw_gid);
 
@@ -797,7 +800,7 @@ ns_os_openfile(const char *filename, mode_t mode, isc_boolean_t switch_user) {
 
 #ifndef HAVE_LINUXTHREADS
 		/* Restore UID/GID to root */
-		setperms(0, 0);
+		setperms(0, oldgid);
 #endif /* HAVE_LINUXTHREADS */
 
 		if (fd == -1) {