From 26ce47cc3e2003c30bae8206c3085f0814c9a842 Mon Sep 17 00:00:00 2001
From: Pavel Reichl <reichl.pavel@gmail.com>
Date: Apr 17 2014 08:31:14 +0000
Subject: KRB: do not check ccache directory for GID


---

diff --git a/src/providers/krb5/krb5_utils.c b/src/providers/krb5/krb5_utils.c
index f921b06..0734310 100644
--- a/src/providers/krb5/krb5_utils.c
+++ b/src/providers/krb5/krb5_utils.c
@@ -416,15 +416,12 @@ done:
     return res;
 }
 
-static errno_t check_parent_stat(struct stat *parent_stat,
-                                 uid_t uid, gid_t gid)
+static errno_t check_parent_stat(struct stat *parent_stat, uid_t uid)
 {
-    if (!((parent_stat->st_uid == 0 && parent_stat->st_gid == 0) ||
-           parent_stat->st_uid == uid)) {
+    if (parent_stat->st_uid != 0 && parent_stat->st_uid != uid) {
         DEBUG(SSSDBG_CRIT_FAILURE,
               "Private directory can only be created below a directory "
-               "belonging to root or to [%"SPRIuid"][%"SPRIgid"].\n",
-               uid, gid);
+              "belonging to root or to [%"SPRIuid"].\n", uid);
         return EINVAL;
     }
 
@@ -589,7 +586,7 @@ create_ccache_dir(const char *ccdirname, pcre *illegal_re,
         goto done;
     }
 
-    ret = check_parent_stat(&parent_stat, uid, gid);
+    ret = check_parent_stat(&parent_stat, uid);
     if (ret != EOK) {
         DEBUG(SSSDBG_FATAL_FAILURE,
               "Check the ownership and permissions of krb5_ccachedir: [%s].\n",