[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <939d53060803191052o2f43b75cu426d51f9f24e2a46@mail.gmail.com>
Date: Wed, 19 Mar 2008 18:52:41 +0100
From: "Benjamin Thery" <ben.thery@...il.com>
To: "Tilman Schmidt" <tilman@...p.cc>
Cc: "Andrew Morton" <akpm@...ux-foundation.org>,
linux-kernel@...r.kernel.org, netdev@...r.kernel.org,
"David Miller" <davem@...emloft.net>, pekkas@...core.fi,
yoshfuji@...ux-ipv6.org, "Daniel Lezcano" <dlezcano@...ibm.com>,
"Pavel Emelyanov" <xemul@...nvz.org>
Subject: Re: [2.6.25-rc5-mm1] regression: cannot run Postfix sendmail command as non-root
Tilman,
I've finally managed to reproduce your problem with Postfix on one of
my victims.
Earlier, in the afternoon, I wrote a piece of code that triggered a
similar behaviour,
but I wasn't sure it was exactly the problem you found. So, I've
rebuilt Postfix, added
some traces and, voila, same issue as yours.
(The version of Postfix originally installed on my machine seems to
have IPv6 disabled)
I bisected the problem to the commit "[NET]: Make /proc/net a symlink
on /proc/self/net (v3)"
Here is what happens:
- Recently /proc/net has been moved to /proc/self/net, and
/proc/self/net is a symlink
on this directory.
- Before that everybody could access /proc/net and read /proc/net/if_inet6:
dr-xr-xr-x 6 root root 0 2008-03-05 15:23 /proc/net
- Now, /proc/self/net has a more restrictive access mode and ony the
owner of the
process can enter the directory:
dr-xr--r-- 5 toto toto 0 Mar 19 17:30 net
This is not a problem in most of the cases, but it becomes annoying
when a process
decides to change its UID or GID. It may loose access to its own
/proc/self/net entries.
- What happens in the Postfix case is the 'sendmail' process executes the
'/usr/sbin/postdrop' binary to enqueue the message, but unfortunately
'/usr/bin/postdrop' has the setgid bit set:
-rwxr-sr-x 1 root postdrop 479475 Mar 19 17:14 /usr/sbin/postdrop
The process egid changes and this seems to be problematic to access
/proc/self/net/if_inet6. :)
I've attached a tiny test program that can be used to reproduce the problem
without Postfix.
- Either execute it as root and give it an unprivileged uid in argument
./test-proc_net_if_inet6 1001
- Or change its ownership and access mode to: -rwxr-sr-x root postdrop
and execute it as a lambda user.
chown root:postdrop test-proc_net_if_inet6; chmod 2755 test-proc_net_if_inet6
./test-proc_net_if_inet6
I've found the cause but not the fix. :)
(Adding Pavel in cc:)
Regards,
Benjamin
On Thu, Mar 13, 2008 at 8:48 PM, Tilman Schmidt <tilman@...p.cc> wrote:
> Am 11.03.2008 09:14 schrieb Andrew Morton:
> > ftp://ftp.kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.25-rc5/2.6.25-rc5-mm1/
>
> I'm noticing a strange effect with this:
>
> On my openSUSE 10.3 development machine with SUSEs default MTA
> Postfix installed, I occasionally send a pre-formatted mail by
> feeding it directly into "/usr/sbin/sendmail -t". If I try that
> while running a 2.6.25-rc5-mm1 kernel, I get:
>
> ts@...on:~/kernel> /usr/sbin/sendmail -t < patch-usb-reduce-syslog-clutter-v3
> postdrop: warning: can't open /proc/net/if_inet6 (Permission denied) - skipping IPv6 configuration
> postdrop: fatal: parameter inet_interfaces: no local interface found for ::1
> sendmail: warning: command "/usr/sbin/postdrop -r" exited with status 1
> sendmail: fatal: ts(1000): unable to execute /usr/sbin/postdrop -r: Success
> ts@...on:~/kernel>
>
> and unsurprisingly, the mail is not sent. If I do the same as root,
> everything works as usual, there is no console output from the
> sendmail command, and the mail goes out as it should. All other
> networking applications appear to be running normally.
>
> On a 2.6.25-rc5 (non-mm) kernel I do not need to run the sendmail
> command as root. It works just as well if I run it as myself.
>
> IPv6 is not in use on that machine. The Ethernet interface has
> just the link local IPv6 address. Possibly relevant information:
>
> ts@...on:~> /sbin/ifconfig -a
> eth0 Protokoll:Ethernet Hardware Adresse 00:19:D1:03:D8:FF
> inet Adresse:192.168.59.102 Bcast:192.168.59.255 Maske:255.255.255.0
> inet6 Adresse: fe80::219:d1ff:fe03:d8ff/64 Gültigkeitsbereich:Verbindung
> UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:78 errors:0 dropped:0 overruns:0 frame:0
> TX packets:145 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 Sendewarteschlangenlänge:100
> RX bytes:9547 (9.3 Kb) TX bytes:17952 (17.5 Kb)
> Speicher:92c00000-92c20000
>
> lo Protokoll:Lokale Schleife
> inet Adresse:127.0.0.1 Maske:255.0.0.0
> inet6 Adresse: ::1/128 Gültigkeitsbereich:Maschine
> UP LOOPBACK RUNNING MTU:16436 Metric:1
> RX packets:2 errors:0 dropped:0 overruns:0 frame:0
> TX packets:2 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 Sendewarteschlangenlänge:0
> RX bytes:100 (100.0 b) TX bytes:100 (100.0 b)
>
> ts@...on:~/kernel> ls -l /proc/net/if_inet6
> -r--r--r-- 1 root root 0 13. Mär 19:26 /proc/net/if_inet6
> ts@...on:~> cat /proc/net/if_inet6
> fe800000000000000219d1fffe03d8ff 02 40 20 80 eth0
> 00000000000000000000000000000001 01 80 10 80 lo
> ts@...on:~> uname -a
> Linux xenon 2.6.25-rc5-mm1-testing #1 SMP PREEMPT Tue Mar 11 14:34:49 CET 2008 i686 i686 i386 GNU/Linux
>
> As you see, I can cat /proc/net/if_inet6 as regular (non-root) user
> just fine, even though Postfix complains it cannot access it.
> The content of /proc/net/if_inet6 is identical if I cat it on
> kernel 2.6.25-rc5 mainline.
>
> CCing a selection of IPv6 networking related maintainer addresses.
> If you need more information or want me to test something, let me
> know.
>
> HTH
> T.
>
> --
> Tilman Schmidt E-Mail: tilman@...p.cc
> Bonn, Germany
> Diese Nachricht besteht zu 100% aus wiederverwerteten Bits.
> Ungeöffnet mindestens haltbar bis: (siehe Rückseite)
>
>
View attachment "test-proc_net_if_inet6.c" of type "text/x-csrc" (497 bytes)
Powered by blists - more mailing lists