View Bug Details

ID: 0002001
Project: DCP-o-matic
Category: Bugs
View Status: public
Last Update: 2023-09-01 21:50
Reporter: carl
Assigned To: carl
Priority: immediate
Severity: crash
Reproducibility: always
Status: closed
Resolution: fixed
OS: Debian
OS Version: 10
Target Version: 2.16.0
Summary: 0002001: Disk writer fails on debian 10 with seteuid() call failed with 1(0)
Description

even though _writer is apparently setuid root and running as root.

Tags: No tags attached.
Branch: debug-uid
Estimated weeks required:
Estimated work required: Undecided

Activities

carl

2021-05-22 21:54

administrator   ~0004360

Very odd; a test executable chmod 4755 and chown root:root behaves as I would expect (start it as carl and ps aux shows it running as root). Same thing with dcpomatic2_disk_writer and ps aux shows it running as carl.

carl

2021-05-22 23:53

administrator   ~0004363

Built DoM in the Debian 10 VM and the built copy of dcpomatic2_disk_writer seems to behave as you'd expect.

carl

2021-05-22 23:53

administrator   ~0004364

So /usr/bin/dcpomatic2_disk_writer does not work but /usr/local/bin/dcpomatic2_disk_writer does.

carl

2021-05-25 14:06

administrator   ~0004380

Same thing seems to happen on Mageia 7.

carl

2021-05-25 21:59

administrator   ~0004392

Making a test program which drops privileges gives the same result in the output of ps aux i.e. maybe the setuid is working but something is dropping privileges. Doesn't really explain why it can't get them back again...

carl

2021-05-25 21:59

administrator   ~0004393

Building a test package on debug-uid to give some more debug output.

carl

2021-05-25 22:59

administrator   ~0004394

ruid, euid, suid are all 1000 at the top of main() in the suid-ed dcpomatic2_disk_writer

carl

2021-05-25 23:42

administrator   ~0004395

Looks like we need to do /sbin/setcap cap_setuid+ep /usr/bin/dcpomatic2_disk_writer

carl

2021-05-25 23:52

administrator   ~0004396

debug-uid branch has an attempt at this.

carl

2021-05-25 23:53

administrator   ~0004397

Doesn't explain why the self-built version works correctly with setuid...

carl

2021-05-26 00:10

administrator   ~0004398

That fix works so needs applying to Mageia also.

carl

2021-05-26 00:14

administrator   ~0004399

Tried it for RPM; Mageia 8 build needs testing, then see if that breaks any other RPM builds.

carl

2021-05-26 07:04

administrator   ~0004400

Maybe can use finer-grained capability?

  • CAP_DAC_OVERRIDE
  • CAP_FOWNER
  • CAP_SYS_ADMIN
  • CAP_SYS_RAWIO

carl

2021-05-26 07:05

administrator   ~0004401

i.e. don't setuid to root unless we're actually setuid, otherwise just do the operation.

carl

2021-05-26 10:22

administrator   ~0004402

CAP_DAC_OVERRIDE works.

carl

2021-05-26 10:23

administrator   ~0004403

CAP_FOWNER does not.

carl

2021-05-26 10:24

administrator   ~0004404

CAP_SYS_ADMIN does not.

carl

2021-05-26 10:25

administrator   ~0004405

CAP_SYS_RAWIO does not.

carl

2021-05-26 22:09

administrator   ~0004411

12b8695cac964fb57adceb751126c199f8d0fe0f and nearby.
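
The checks made in notes ~0004394 to ~0004402, as an added C example (not DCP-o-matic code): it reads the real, effective and saved UIDs and the effective capability mask from /proc/self/status and reports whether seteuid(0) could succeed. The struct, the function names and the sample status text are constructed for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Capability bit numbers as defined in <linux/capability.h>. */
enum { CAP_BIT_DAC_OVERRIDE = 1, CAP_BIT_SETUID = 7 };

struct creds {
    unsigned ruid, euid, suid;   /* "Uid:" line: real, effective, saved */
    unsigned long long cap_eff;  /* "CapEff:" line: effective capabilities */
};

/* Constructed sample: the state from the thread (all UIDs 1000), no capabilities. */
const char SAMPLE_NO_PRIV[] = "Name:\tx\nUid:\t1000\t1000\t1000\t1000\nCapEff:\t0000000000000000\n";
/* Constructed sample: same UIDs with cap_setuid effective (bit 7 = 0x80). */
const char SAMPLE_SETUID_CAP[] = "Name:\tx\nUid:\t1000\t1000\t1000\t1000\nCapEff:\t0000000000000080\n";

/* Parse the Uid: and CapEff: lines of /proc/<pid>/status text; 0 on success. */
int parse_status(const char *text, struct creds *c)
{
    int got_uid = 0, got_cap = 0;
    const char *p = text;
    while (p && *p) {
        if (sscanf(p, "Uid: %u %u %u", &c->ruid, &c->euid, &c->suid) == 3) got_uid = 1;
        else if (sscanf(p, "CapEff: %llx", &c->cap_eff) == 1) got_cap = 1;
        p = strchr(p, '\n');      /* advance to the start of the next line */
        if (p) p++;
    }
    return (got_uid && got_cap) ? 0 : -1;
}

int has_cap(const struct creds *c, int bit) { return (int)((c->cap_eff >> bit) & 1ULL); }

/* seteuid(0) succeeds if 0 is already the real, effective or saved UID,
   or if the process holds CAP_SETUID. */
int can_seteuid_root(const struct creds *c)
{
    return c->ruid == 0 || c->euid == 0 || c->suid == 0 || has_cap(c, CAP_BIT_SETUID);
}

int main(void)
{
    char buf[8192]; struct creds c;
    FILE *f = fopen("/proc/self/status", "r");
    if (!f) { perror("/proc/self/status"); return 1; }
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f); buf[n] = '\0';
    if (parse_status(buf, &c) != 0) { fputs("cannot parse status\n", stderr); return 1; }
    printf("ruid=%u euid=%u suid=%u CapEff=%016llx\n", c.ruid, c.euid, c.suid, c.cap_eff);
    printf("seteuid(0) permitted: %s, CAP_DAC_OVERRIDE: %s\n", can_seteuid_root(&c) ? "yes" : "no",
           has_cap(&c, CAP_BIT_DAC_OVERRIDE) ? "yes" : "no");
    return 0;
}
```

Giving a build of this the same mode bits or setcap line as the packaged binary and running it as an ordinary user shows which credentials the kernel actually granted at exec time.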

Bug History

Date Modified Username Field Change
2021-05-12 23:38 carl New Bug
2021-05-12 23:38 carl Assigned To => carl
2021-05-12 23:38 carl Status new => confirmed
2021-05-12 23:38 carl Tag Attached: alpha-2-blocker
2021-05-20 13:52 carl Tag Attached: alpha-3-blocker
2021-05-20 13:52 carl Tag Detached: alpha-2-blocker
2021-05-22 21:54 carl Note Added: 0004360
2021-05-22 23:53 carl Note Added: 0004363
2021-05-22 23:53 carl Note Added: 0004364
2021-05-23 08:48 carl Tag Detached: alpha-3-blocker
2021-05-25 14:06 carl Note Added: 0004380
2021-05-25 21:59 carl Note Added: 0004392
2021-05-25 21:59 carl Note Added: 0004393
2021-05-25 22:59 carl Note Added: 0004394
2021-05-25 23:42 carl Note Added: 0004395
2021-05-25 23:52 carl Branch => debug-uid
2021-05-25 23:52 carl Estimated work required => Undecided
2021-05-25 23:52 carl Note Added: 0004396
2021-05-25 23:53 carl Note Added: 0004397
2021-05-26 00:10 carl Note Added: 0004398
2021-05-26 00:14 carl Note Added: 0004399
2021-05-26 07:04 carl Note Added: 0004400
2021-05-26 07:05 carl Note Added: 0004401
2021-05-26 10:22 carl Note Added: 0004402
2021-05-26 10:23 carl Note Added: 0004403
2021-05-26 10:24 carl Note Added: 0004404
2021-05-26 10:25 carl Note Added: 0004405
2021-05-26 22:09 carl Status confirmed => resolved
2021-05-26 22:09 carl Resolution open => fixed
2021-05-26 22:09 carl Note Added: 0004411
2023-09-01 21:50 carl Status resolved => closed