Continuation of e5c05549.

Get rid of any race conditions and call anything that was in
_pre_task_privileged from the parent instead of the child.

NOTE: This should be safe as we don't execute the task until after
_exec_wait_child_wait_for_parent is signaled which happens after all this is
long over.

src/slurmd/slurmstepd/mgr.c

@@ -1403,19 +1403,6 @@ fail1:
 	return(rc);
 }
 
-static int
-_pre_task_privileged(stepd_step_rec_t *job, int taskid, struct priv_state *sp)
-{
-	if (_reclaim_privileges(sp) < 0)
-		return SLURM_ERROR;
-
-	if (spank_task_privileged (job, taskid) < 0)
-		return error("spank_task_init_privileged failed");
-
-	/* sp->gid_list should already be initialized */
-	return(_drop_privileges (job, true, sp, false));
-}
-
 struct exec_wait_info {
 	int id;
 	pid_t pid;
@@ -1725,15 +1712,6 @@ _fork_all_tasks(stepd_step_rec_t *job, bool *io_initialized)
 			if (conf->propagate_prio)
 				_set_prio_process(job);
 
-			/*
-			 *  Reclaim privileges and call any plugin hooks
-			 *  that may require elevated privs
-			 *  sprivs.gid_list is already set from the
-			 *  _drop_privileges call above, no not reinitialize.
-			 */
-			if (_pre_task_privileged(job, i, &sprivs) < 0)
-				exit(1);
-
  			if (_become_user(job, &sprivs) < 0) {
  				error("_become_user failed: %m");
 				/* child process, should not return */
@@ -1819,6 +1797,12 @@ _fork_all_tasks(stepd_step_rec_t *job, bool *io_initialized)
 			      i, job->task[i]->pid, job->pgid);
 		}
 
+		if (spank_task_privileged(job, i) < 0) {
+			error("spank_task_privileged: %m");
+			rc = SLURM_ERROR;
+			goto fail2;
+		}
+
 		if (task_g_pre_launch_priv(job, job->task[i]->pid) < 0) {
 			error("task_g_pre_launch_priv: %m");
 			rc = SLURM_ERROR;