From: Andrew Morton <akpm@linux-foundation.org>
To: "Benjamin Thery" <ben.thery@gmail.com>
Cc: tilman@imap.cc, linux-kernel@vger.kernel.org,
netdev@vger.kernel.org, davem@davemloft.net, pekkas@netcore.fi,
yoshfuji@linux-ipv6.org, dlezcano@fr.ibm.com, xemul@openvz.org,
"Rafael J. Wysocki" <rjw@sisk.pl>,
"Eric W. Biederman" <ebiederm@xmission.com>
Subject: Re: [2.6.25-rc5-mm1] regression: cannot run Postfix sendmail command as non-root
Date: Wed, 19 Mar 2008 14:16:08 -0700
Message-ID: <20080319141608.ede86a86.akpm@linux-foundation.org>
In-Reply-To: <939d53060803191052o2f43b75cu426d51f9f24e2a46@mail.gmail.com>

On Wed, 19 Mar 2008 18:52:41 +0100
"Benjamin Thery" <ben.thery@gmail.com> wrote:
> Tilman,
>
> I've finally managed to reproduce your problem with Postfix on one of
> my victims.
>
> Earlier, in the afternoon, I wrote a piece of code that triggered a
> similar behaviour,
> but I wasn't sure it was exactly the problem you found. So, I've
> rebuilt Postfix, added
> some traces and, voila, same issue as yours.
> (The version of Postfix originally installed on my machine seems to
> have IPv6 disabled)
>
> I bisected the problem to the commit "[NET]: Make /proc/net a symlink
> on /proc/self/net (v3)"
>
> Here is what happens:
>
> - Recently /proc/net has been moved to /proc/self/net, and
> /proc/self/net is a symlink
> on this directory.
> - Before that everybody could access /proc/net and read /proc/net/if_inet6:
> dr-xr-xr-x 6 root root 0 2008-03-05 15:23 /proc/net
>
> - Now, /proc/self/net has a more restrictive access mode and only the
> owner of the process can enter the directory:
> dr-xr--r-- 5 toto toto 0 Mar 19 17:30 net
>
> This is not a problem in most of the cases, but it becomes annoying
> when a process decides to change its UID or GID. It may lose access
> to its own /proc/self/net entries.
>
> - What happens in the Postfix case is the 'sendmail' process executes the
> '/usr/sbin/postdrop' binary to enqueue the message, but unfortunately
> '/usr/bin/postdrop' has the setgid bit set:
> -rwxr-sr-x 1 root postdrop 479475 Mar 19 17:14 /usr/sbin/postdrop
>
> The process egid changes and this seems to be problematic to access
> /proc/self/net/if_inet6. :)
>
> I've attached a tiny test program that can be used to reproduce the problem
> without Postfix.
> - Either execute it as root and give it an unprivileged uid in argument
> ./test-proc_net_if_inet6 1001
>
> - Or change its ownership and access mode to: -rwxr-sr-x root postdrop
> and execute it as a lambda user.
> chown root:postdrop test-proc_net_if_inet6; chmod 2755 test-proc_net_if_inet6
> ./test-proc_net_if_inet6
>
> I've found the cause but not the fix. :)
> (Adding Pavel in cc:)
>

Thanks for that - most useful.

Although this is advertised as a 2.6.25-rc5-mm1 problem, I assume the
regression is also in mainline? 2.6.25-rc6?
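
The access check behind the quoted report, as an added example (not the test program attached to the original mail): `may_search()` models the owner/group/other class selection for the two directory modes shown above, and `probe_if_inet6()` performs the live open on the running kernel. The uids/gids in the test and the directory owner after a credential change are assumptions; the mail does not state who owns the directory at that point.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Classic Unix class selection: owner bits if the uid matches, else group
 * bits if the gid matches, else other bits. Root override and supplementary
 * groups are deliberately left out of this model.
 * Returns 1 if the directory may be searched (entered), 0 otherwise. */
int may_search(mode_t mode, uid_t dir_uid, gid_t dir_gid, uid_t uid, gid_t gid)
{
    if (uid == dir_uid)
        return (mode & S_IXUSR) != 0;
    if (gid == dir_gid)
        return (mode & S_IXGRP) != 0;
    return (mode & S_IXOTH) != 0;
}

/* Live probe: optionally switch to new_uid (pass -1 to keep the current
 * credentials), print the directory's mode and owner next to the process
 * credentials, then try the open from the report. Returns 0 or errno. */
int probe_if_inet6(long new_uid)
{
    struct stat st;
    int fd, err;

    if (new_uid >= 0 && setuid((uid_t)new_uid) != 0)
        return errno;
    if (stat("/proc/self/net", &st) == 0)
        printf("/proc/self/net mode %04o owner %u:%u, euid %u egid %u\n",
               (unsigned)(st.st_mode & 07777), (unsigned)st.st_uid,
               (unsigned)st.st_gid, (unsigned)geteuid(), (unsigned)getegid());
    fd = open("/proc/self/net/if_inet6", O_RDONLY);
    err = (fd < 0) ? errno : 0;
    if (fd >= 0)
        close(fd);
    printf("open(/proc/self/net/if_inet6): %s\n", err ? "failed" : "ok");
    return err;
}

int main(int argc, char **argv)
{
    return probe_if_inet6(argc > 1 ? strtol(argv[1], NULL, 10) : -1) ? 1 : 0;
}
```

With mode `dr-xr--r--` only the owner class carries the search bit, so any process that falls into the group or other class is refused before `if_inet6` is even looked up.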