Bug 386623 - sys-apps/openrc-0.9.3-r1 start-stop-daemon logs a lot of pam sessions for user nobody
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Hosted Projects
Classification: Unclassified
Component: OpenRC
Hardware: All Linux
Importance: Normal normal
Assignee: OpenRC Team
Blocks: openrc-0.10
Reported: 2011-10-10 08:50 UTC by Piotr Karbowski (RETIRED)
Modified: 2012-02-24 13:46 UTC

Attachments
0001-Skip-pam-if-running-as-root.patch (0001-Skip-pam-if-running-as-root.patch,2.45 KB, text/plain)
2012-02-23 22:57 UTC, William Hubbs

Description Piotr Karbowski (RETIRED) gentoo-dev 2011-10-10 08:50:27 UTC
Recently, after updating to the latest openrc, I saw that pretty much every init script generates a log message about authorizing to the nobody user. I would like to know why this happens and whether it is intended or not.

messages:
Oct 10 10:38:51 [start-stop-daemon] pam_unix(start-stop-daemon:session): session opened for user nobody by (uid=0)
Oct 10 10:38:59 [start-stop-daemon] pam_unix(start-stop-daemon:session): session opened for user nobody by (uid=0)
Oct 10 10:39:00 [start-stop-daemon] pam_unix(start-stop-daemon:session): session opened for user nobody by (uid=0)



Reproducible: Always
Comment 1 SpanKY gentoo-dev 2011-10-11 00:31:27 UTC
i vaguely recall this being correct behavior
Comment 2 Dennis Schridde 2011-12-30 15:18:31 UTC
I also see this.

Further lots of services are misbehaving / stopping to work, latest being mysql (output given to me by phpmyadmin):
#1 - Can't create/write to file '/tmp/.private/nobody/#sql_3a67_0.MYI' (Errcode: 13)
Other services show the same problem, see for example bug #390063 comment #4.
Comment 3 Dennis Schridde 2011-12-30 17:57:02 UTC
(In reply to comment #2)
> I also see this.
> 
> Further lots of services are misbehaving / stopping to work, latest being mysql
> (output given to me by phpmyadmin):
Downgrading to 0.8.3 fixed the issue. Hence proposing to increase importance.

Portage 2.2.0_alpha84 (hardened/linux/ia64/server, gcc-4.5.3, glibc-2.13-r4, 2.6.32-hardened-r78 ia64)
=================================================================
                         System Settings
=================================================================
System uname: Linux-2.6.32-hardened-r78-ia64-31-with-gentoo-2.0.3
Timestamp of tree: Thu, 29 Dec 2011 23:15:01 +0000
app-shells/bash:          4.1_p9
dev-lang/python:          2.7.2-r3, 3.2.2
dev-util/cmake:           2.8.4-r1
dev-util/pkgconfig:       0.26
sys-apps/baselayout:      2.0.3
sys-apps/openrc:          0.8.3-r1
sys-apps/sandbox:         2.5
sys-devel/autoconf:       2.68
sys-devel/automake:       1.11.1
sys-devel/binutils:       2.21.1-r1
sys-devel/gcc:            4.5.3-r1
sys-devel/gcc-config:     1.4.1-r1
sys-devel/libtool:        2.4-r1
sys-devel/make:           3.82-r1
sys-kernel/linux-headers: 2.6.39 (virtual/os-headers)
sys-libs/glibc:           2.13-r4
Repositories: gentoo sunrise local
Installed sets: 
ACCEPT_KEYWORDS="ia64"
ACCEPT_LICENSE="* -@EULA"
CBUILD="ia64-unknown-linux-gnu"
CFLAGS="-pipe -mtune=mckinley -O2"
CHOST="ia64-unknown-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5.3/ext-active/ /etc/php/cgi-php5.3/ext-active/ /etc/php/cli-php5.3/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"
CXXFLAGS="-pipe -mtune=mckinley -O2"
DISTDIR="/var/cache/portage/distfiles"
EMERGE_DEFAULT_OPTS="--usepkg --buildpkg --binpkg-respect-use --with-bdeps y --keep-going"
FEATURES="assume-digests binpkg-logs buildpkg distlocks ebuild-locks fixlafiles news parallel-fetch preserve-libs protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS=""
GENTOO_MIRRORS="http://ftp.spline.inf.fu-berlin.de/mirrors/gentoo/ http://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/ http://ftp.spline.inf.fu-berlin.de/mirrors/gentoo/ http://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/ http://distfiles.gentoo.org"
LANG="en_GB.UTF-8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed -Wl,--hash-style=gnu -Wl,--hash-style=gnu"
MAKEOPTS="-j3"
PKGDIR="/var/cache/portage/packages"
PORTAGE_COMPRESS="xz"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_EXTRA_OPTS="      --delete-excluded       --include='/sci-libs/'          --include='/sci-libs/gsl/'              --exclude='/sci-libs/*/'        --include='/x11-libs/'  --include='/x11-misc/'  --include='/x11-proto/'       --exclude='/games*/' --exclude='/gnome*/' --exclude='/gnustep*/' --exclude='/gpe*/' --exclude='/kde*/' --exclude='/lxde*/' --exclude='/rox*/' --exclude='/sci*/' --exclude='/x11*/' --exclude='/xfce*/'"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/var/cache/portage/gentoo"
PORTDIR_OVERLAY="/var/cache/portage/layman/sunrise /var/cache/portage/local"
[...]
Unset:  CPPFLAGS, CTARGET, INSTALL_MASK, LC_ALL, LINGUAS, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS_FLAGS

=================================================================
                        Package Settings
=================================================================

sys-apps/openrc-0.8.3-r1 was built with the following:
USE="ncurses pam unicode -debug (-selinux)"
Comment 4 Christian Ruppert (idl0r) gentoo-dev 2011-12-31 01:44:58 UTC
Diego, what do you think?
Comment 5 Dennis Schridde 2012-02-23 17:10:06 UTC
Has anything been done on this issue? It appears not, as my Apache still thinks it should use nobody's TMPDIR... (Using OpenRC 0.9.8.4)
Comment 6 Diego Elio Pettenò (RETIRED) gentoo-dev 2012-02-23 17:17:04 UTC
I thought I told this before, but the point here is that for whatever reasons s-s-d without any --user parameter will ask pam to initialise a session for nobody even though it runs as root.

I have suggested an approach before: --user $foo --nochuid that would then initialise the session for that given user but not change the uid of the process (which is required for instance for apache, as it starts as user root, and then drops to a different user after binding the privileged port 80), but it's clumsy.

The other alternative is not passing through pam at all unless we're changing uid, which is probably simpler and makes more sense.
Comment 7 Dennis Schridde 2012-02-23 17:42:08 UTC
(In reply to comment #6)
> I thought I told this before, but the point here is that for whatever reasons
> s-s-d without any --user parameter will ask pam to initialise a session for
> nobody even though it runs as root.
Thanks for this explanation!

> The other alternative is not passing through pam at all unless we're changing
> uid, which is probably simpler and makes more sense.
In that case, who would be responsible for setting envvars like TMPDIR?
Comment 8 William Hubbs gentoo-dev 2012-02-23 20:21:01 UTC
(In reply to comment #7)
> (In reply to comment #6)
> > I thought I told this before, but the point here is that for whatever reasons
> > s-s-d without any --user parameter will ask pam to initialise a session for
> > nobody even though it runs as root.
> Thanks for this explanation!

Agreed, I did not know what the issue was until I saw this either.

> > The other alternative is not passing through pam at all unless we're changing
> > uid, which is probably simpler and makes more sense.

I have a patch written here to do this which I will attach shortly.

> In that case, who would be responsible for setting envvars like TMPDIR?

I'm not sure either about this, how do other init systems/distros handle this?

It seems like it might be something that the software itself should handle (for example, apache should use pam to set the environment, etc, before it drops privileges)?
Comment 9 William Hubbs gentoo-dev 2012-02-23 22:57:48 UTC
Created attachment 303013
0001-Skip-pam-if-running-as-root.patch

This patch skips pam if we did not supply a user to switch to.

Diego, would this break anything? If not I will apply it.
Comment 10 Diego Elio Pettenò (RETIRED) gentoo-dev 2012-02-24 02:06:17 UTC
Can't break more than it's broken now. So yeah I'd suggest adding this in the first place.
Comment 11 William Hubbs gentoo-dev 2012-02-24 03:38:23 UTC
This has been added in commit 3272261.
Comment 12 Dennis Schridde 2012-02-24 13:46:03 UTC
(In reply to comment #9)
> Created attachment 303013
> 0001-Skip-pam-if-running-as-root.patch
> 
> This patch skips pam if we did not supply a user to switch to.
Thanks, this patch appears to fix apache.
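
To check whether a host shows the symptom from the description, this added example (not code from the bug report or from OpenRC) counts pam_unix session-open records per PAM service, target user and opener uid. The first three sample lines are copied from the description, the last two are constructed, and the function names are illustrative.

```python
import re
from collections import Counter

# pam_unix session-open record, in the syslog layout quoted in the description.
# Some Linux-PAM versions also print the target uid after the user name,
# so that part is optional.
SESSION_RE = re.compile(
    r"pam_unix\((?P<service>[^:()]+):session\): "
    r"session opened for user (?P<user>\S+?)(?:\(uid=\d+\))? "
    r"by \S*\(uid=(?P<opener>\d+)\)"
)

# Lines 1-3: from the bug description. Lines 4-5: constructed for contrast.
SAMPLE_LOG = """\
Oct 10 10:38:51 [start-stop-daemon] pam_unix(start-stop-daemon:session): session opened for user nobody by (uid=0)
Oct 10 10:38:59 [start-stop-daemon] pam_unix(start-stop-daemon:session): session opened for user nobody by (uid=0)
Oct 10 10:39:00 [start-stop-daemon] pam_unix(start-stop-daemon:session): session opened for user nobody by (uid=0)
Oct 10 10:39:02 [sshd] pam_unix(sshd:session): session opened for user alice by (uid=0)
Oct 10 10:39:05 [start-stop-daemon] pam_unix(start-stop-daemon:session): session opened for user ntp by (uid=0)
""".splitlines()


def sessions_by_service(lines):
    """Count session opens keyed by (PAM service, target user, opener uid)."""
    counts = Counter()
    for line in lines:
        m = SESSION_RE.search(line)
        if m:
            counts[(m["service"], m["user"], int(m["opener"]))] += 1
    return counts


def spurious_ssd_sessions(lines, service="start-stop-daemon", user="nobody"):
    """Sessions that root (uid 0) opened for `user` through the s-s-d service.

    A non-zero count is the symptom reported in this bug: services started
    without --user still get a PAM session for nobody.
    """
    return sessions_by_service(lines)[(service, user, 0)]


if __name__ == "__main__":
    for key, n in sorted(sessions_by_service(SAMPLE_LOG).items()):
        print(n, *key)
    print("spurious nobody sessions:", spurious_ssd_sessions(SAMPLE_LOG))
```

With the fix from comment 11 applied, sessions under the start-stop-daemon service should remain only for users that were explicitly requested with --user.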