Hi,
i discover a reproducible problem with stat when i was setting
openssh for linux. Since i am not a kernel developer but a net
admin i report this fyi so somebody can fix it.
I found it when the sshd daemon refuse to authenticate my users
via rsa crypto so i launch ltrace to find where it fails and i
found that it fail in the stat libc function which is a front end
to the sys_newstat kernel system call.
The stat function reports permision denied when certain conditions
are met, i try to replicate this problem on other unices (fbsd 3.4
and solaris 7) but they seems to do the right thing.
I compiled this little program to replicate what sshd was doing
when it fail and it clearly shows the problems:
/* chkstat.c begin here */
#include <errno.h>
#include <sys/stat.h>
#include <unistd.h>
#define FILE2STAT "/home/solca/chkstat"
int main (int argc, char ** arv) {
struct stat st_stat;
seteuid(500);
perror (strerror (errno));
stat (FILE2STAT, &st_stat);
perror (strerror (errno));
system ("id");
return 0;
}
/* chkstat.c end here */
Obviously you have to modify the FILE2STAT to your home dir and
assume my user is solca and it has uid of 500.
The program must run as root, then it changes the euid to your
user and then it stat the file, any error is reported by perror.
In my case this program fails to stat the file with the following
conditions:
The /home directory is group owned by any other group where your user
belongs but root doesn't belong.
The /home directory is in 0750 mode.
The file to stat is not a relative path but an absolute one.
The program is run as root but as you can see it changes the euid
to your user.
When this conditions are in place stat fails under linux, so the
temporary fix is to chmod 0755 the /home directory.
Here is how i do it:
$ ls -la /home
total 6
drwxr-x--- 6 root solca 1024 Feb 18 14:15 ./
drwxr-xr-x 16 root root 1024 Feb 12 09:49 ../
drwxr-xr-x 6 root root 1024 Oct 28 04:13 ftp/
drwxr-xr-x 2 root nobody 1024 Nov 10 21:32 samba/
drwx------ 13 solca solca 2048 Mar 9 16:55 solca/
$ cd
$ gcc -o chkstat chkstat.c
$ ./chkstat
Success: Success
Success: Success
uid=500(solca) gid=500(solca) groups=500(solca)
$ sudo bash
# ./chkstat
Success: Success
Success: Success
uid=0(root) gid=0(root) euid=500(solca) groups=500(solca)
# su
# ./chkstat
Success: Success
Permission denied: Permission denied
uid=0(root) gid=0(root) euid=500(solca) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
# chmod 755 /home
# ./chkstat
Success: Success
Success: Success
uid=0(root) gid=0(root) euid=500(solca) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
My kernels are 2.2.[13,14,15pre5] and 2.3.47.
Hope somebody can help me in this one...
-otto
-- answers? $ perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Mar 15 2000 - 21:00:17 EST