Opened 9 years ago

Closed 8 years ago

#577 closed defect (fixed)

b10-auth -u and message socket permission

Reported by: jreed Owned by: shane
Priority: low Milestone:
Component: ~Boss of BIND (obsolete) Version:
Keywords: Cc:
CVSS Scoring: Parent Tickets:
Sensitive: no Defect Severity: N/A
Sub-Project: Core Feature Depending on Ticket:
Estimated Difficulty: 0.0 Add Hours to Ticket: 0
Total Hours: 0 Internal?: no


Using -u for b10-auth does the setuid before connecting to msgq socket so:

[b10-auth] Server failed: Unable to connect to message queue: Permission denied

This is in the odd case that the socket was not readable by the -u user.

Maybe this is okay behaviour and just the problem with wrong permission socket should be fixed.


Change History (4)

comment:1 Changed 9 years ago by vorner

I guess the socket should be readable by the user for these reasons:

  • There are processes started as the user (xfrout, xfrin, zonemgr, stats…), they couldn't read it.
  • In the long term, we don't want to start -auth as root either. We want the socket creator to be started as root and others just request for sockets.

How did you get the socket that is unreadable? If it is created automatically, then it would be a bug.

comment:2 Changed 8 years ago by shane

  • Component changed from Unclassified to Boss of BIND
  • Defect Severity set to N/A
  • Owner set to vorner
  • Status changed from new to assigned
  • Sub-Project set to Core

We don't seem to currently support setuid.

If that is correct, then we can resolve this ticket, but need to create another ticket for setuid support, if it does not already exist.

Michal, am I correct?

comment:3 Changed 8 years ago by vorner

  • Owner changed from vorner to shane


I'm not entirely sure I understand what you mean with the other ticket, but the status is this, if I look correctly:

  • Boss starts
  • It starts the socket creator
  • If there was a -u parameter, it changes the user
  • The other things, including msgq are started.

So, the auth no longer supports -u (and maybe we don't want it to, if we wanted every component to be running as a different user, we'd add support into boss, not every component) and everything that ever touches the socket file is started by the same user. So the problem should no longer exist.

comment:4 Changed 8 years ago by shane

  • Resolution set to fixed
  • Status changed from assigned to closed

Ah, okay. I didn't see that this is done in isc.special_process. It's a bit counter-intuitive for me that the uid is set this way, but I don't see any special reason to change it.


Note: See TracTickets for help on using tickets.