Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 307983 - app-shells/mksh likes to try to write to /dev/urandom
Summary: app-shells/mksh likes to try to write to /dev/urandom
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Hanno Böck
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-03-06 09:11 UTC by Patrick Lauer
Modified: 2010-07-11 12:03 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
Patch for arc4random.c.1.14 (mksh-39c-urandom-write.patch,479 bytes, patch)
2010-07-01 09:30 UTC, Fabian Köster
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Patrick Lauer gentoo-dev 2010-03-06 09:11:02 UTC
>>> Compiling source in /var/tmp/portage/sys-devel/m4-1.4.14/work/m4-1.4.14 ...
 * econf: updating m4-1.4.14/build-aux/config.sub with /usr/share/gnuconfig/config.sub
 * econf: updating m4-1.4.14/build-aux/config.guess with /usr/share/gnuconfig/config.guess
./configure --prefix=/usr --build=x86_64-pc-linux-gnu --host=x86_64-pc-linux-gnu --mandir=/usr/share/man --infodir=/usr/share/info --datadir=/usr/share --sysconf
dir=/etc --localstatedir=/var/lib --libdir=/usr/lib64 --enable-changeword
ACCESS DENIED  open_wr:      /dev/urandom
ACCESS DENIED  open_wr:      /dev/urandom

[snip]


F: open_wr
S: deny
P: /dev/urandom
A: /dev/urandom
R: /dev/urandom
C: /bin/sh -c fail= failcom='exit 1'; \
for f in x $MAKEFLAGS; do \
  case $f in \
    *=* | --[!k]*);; \
    *k*) failcom='fail=yes';; \
  esac; \
done; \
dot_seen=no; \
target=`echo all-recursive | sed s/-recursive//`; \
list='. examples lib src doc checks tests'; for subdir in $list; do \
  echo "Making $target in $subdir"; \
  if test "$subdir" = "."; then \
    dot_seen=yes; \
    local_target="$target-am"; \
  else \
    local_target="$target"; \
  fi; \
  (CDPATH="${ZSH_VERSION+.}:" && cd $subdir && make  $local_target) \
  || eval $failcom; \
done; \
if test "$dot_seen" = "no"; then \
  make  "$target-am" || exit 1; \
fi; test -z "$fail" 
--------------------------------------------------------------------------------

>>> Failed to emerge sys-devel/m4-1.4.14

Portage 2.2_rc65 (default/linux/amd64/10.0/desktop, gcc-4.4.3, glibc-2.11-r1, 2.6.32-gentoo-r6 x86_64)
=================================================================
System uname: Linux-2.6.32-gentoo-r6-x86_64-AMD_Phenom-tm-_9950_Quad-Core_Processor-with-gentoo-2.0.1
Timestamp of tree: Unknown
ccache version 2.4 [disabled]
app-shells/bash:     4.1_p2
dev-java/java-config: 2.1.10
dev-lang/python:     2.6.4-r1, 3.1.1-r1
dev-python/pycrypto: 2.1.0
dev-util/ccache:     2.4-r8
dev-util/cmake:      2.8.0-r2
sys-apps/baselayout: 2.0.1
sys-apps/openrc:     0.6.0-r1
sys-apps/sandbox:    2.2
sys-devel/autoconf:  2.13, 2.65
sys-devel/automake:  1.8.5-r4, 1.9.6-r3, 1.10.3, 1.11.1
sys-devel/binutils:  2.20-r1
sys-devel/gcc:       4.4.3
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.6b
virtual/os-headers:  2.6.32
ACCEPT_KEYWORDS="amd64 ~amd64"
ACCEPT_LICENSE="*"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -march=k8 -pipe -ggdb"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/X11/xkb /usr/share/config"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/eselect/postgresql /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"
CXXFLAGS="-O2 -march=k8 -pipe -ggdb"
DISTDIR="/usr/portage/distfiles"
FEATURES="assume-digests buildpkg collision-protect distlocks fixpackages news parallel-fetch preserve-libs protect-owned sandbox sfperms splitdebug strict unmerge-logs unmerge-orphans userfetch"
GENTOO_MIRRORS="http://distfiles.gentoo.org"
LDFLAGS="-Wl,-O1"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/home/pal/code/gentoo-x86/"
PORTDIR_OVERLAY="/usr/local/portage/layman/x11 /usr/local/portage/layman/qting-edge /usr/local/portage/layman/Spring /home/pal/code/kde"
SYNC="rsync://rsync.de.gentoo.org/gentoo-portage"
USE="3dnow 3dnowext X a52 aac aalib acl acpi alsa amd64 berkdb bluetooth branding bzip2 cairo cdio cdparanoia cdr cli consolekit cracklib crypt cups curl cxx dbus dga directfb dri dts dv dvd dvdr eds emboss encode evo extras fam firefox flac fortran ftp fts3 gdbm ggi gif gpm iconv ipv6 ithreads jack jpeg jpeg2k kde kpathsea ladspa lcms libnotify lzo mad md5sum mikmod mmx mmxext mng modules mp2 mp3 mp4 mpeg mudflap multilib musepack nas ncurses networkmanager nls nptl nptlonly objc ogg openal opengl openmp pam pcre pdf perl png pnm policykit ppds pppd python qt3support qt4 quicktime rar readline reflection rtc sasl sdl secure-delete semantic-desktop session slang speex spell spl sqlite sse sse2 ssl startup-notification svg sysfs tcpd tga theora thunar tiff truetype unicode usb v4l2 vorbis webkit x264 xml xorg xulrunner xv xvid xvmc zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="vga radeon" 
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Comment 1 Patrick Lauer gentoo-dev 2010-03-06 09:18:57 UTC
Ok, I tracked this one down to a change I made yesterday, which makes pretty much all packages fail to emerge.

I changed the /bin/sh symlink to /bin/mksh, which is app-shells/mksh

Setting it back to /bin/bash "fixes" the build issues
Comment 2 Zac Medico gentoo-dev 2010-03-06 10:02:22 UTC
We used to have a SANDBOX_PREDICT for /dev/random (not urandom) in portage, but it's been removed since bug 258684. I don't see a corresponding entry in /etc/sandbox.conf from sandbox-2.2 though. Maybe we should do both random and urandom?
Comment 3 SpanKY gentoo-dev 2010-03-06 21:46:58 UTC
dont write to /dev/urandom
Comment 4 Thorsten Glaser 2010-06-30 07:33:56 UTC
This is actually the arc4random.c.1.14 source file. Writes to /dev/urandom
are harmless, they’re denied if not root (sadly, except on Win32 and MirBSD,
there is no defined way to add entropy to the pool as non-root) anyway, and
if root, added into the pool in a way that doesn’t do harm. (I actually read
the implementation of /dev/*random.)

However, if you must prevent this by policy, remove the following lines from
the arc4random.c.1.14 file:

    370         int fd;
    371 
    372         if ((fd = open(__randomdev, O_WRONLY)) != -1) {
    373                 if (write(fd, buf, len) < 4)
    374                         do_rd = 1;
    375                 close(fd);
    376         }
    377         return (do_rd || fd == -1 ? 0 : 1);

Replace with:

return (0);


You should consider upgrading to arc4random.c.1.27 anyway (which
would need the same patch).
Comment 5 Fabian Köster 2010-07-01 09:30:54 UTC
Created attachment 237117 [details, diff]
Patch for arc4random.c.1.14

Adding a patch for version 1.14 oof arc4random.c
Comment 6 Fabian Köster 2010-07-01 09:46:02 UTC
I can verify that the attached patch works. What I did:

1.) emerge mksh-39c (from portage)
2.) Link /bin/sh to mksh
3.) emerge sys-devel/m4 => FAILS with messages "ACCESS DENIED open_wr: /dev/urandom"
4.) emerge mksh-39c-r1 (with patch)
5.) emerge sys-devel/m4 => WORKS without errors.

Hanno, can you please include this patch into main tree?

Thorsten, which improvements were made in arc4random.c.1.27 compared to 1.14?

Comment 8 Fabian Köster 2010-07-08 21:45:19 UTC
Hanno is not responding...

Patrick, are you able to upload the attached patch to partage?
Comment 9 Thorsten Glaser 2010-07-09 13:01:33 UTC
mksh R40 will not use arc4random at all any more (at least not on systems
other than OpenBSD-derived ones), since it’s sometimes too expensive, e.g.
on Debian/m68k, as a speed-up. These OSes do ASLR anyway, which we can use
to seed $RANDOM, it was never intended for crypto anyway and is only 15 bit
output and 32 bit internal wide as well.

There’s no plan when R40 will come out though, don’t hold your breath for it.
Comment 10 Patrick Lauer gentoo-dev 2010-07-11 12:03:03 UTC
+  11 Jul 2010; Patrick Lauer <patrick@gentoo.org> mksh-39c.ebuild,
+  +files/mksh-39c-urandom-write.patch:
+  Fix for #307983, thanks to Fabian Koester


Danke!