Summary: | sys-apps/shadow-4.1.4.2-r6: su: dropping privileges before calling pam_close_session causes problems with systemd | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Cesar Garcia <cesarg9> |
Component: | [OLD] Core system | Assignee: | PAM Gentoo Team (OBSOLETE) <pam-bugs+disabled> |
Status: | RESOLVED UPSTREAM | ||
Severity: | normal | CC: | alecm_88, arne.flagge, base-system, maggu2810, systemd |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=580434 | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: | sys-apps/shadow-4.1.4.2-r6 patch to drop privileges in a more appropiate place |
Description
Cesar Garcia
2010-11-26 03:01:31 UTC
Created attachment 255455 [details, diff]
sys-apps/shadow-4.1.4.2-r6 patch to drop privileges in a more appropiate place
This patch moves the privilege change code ater the fork in the child code following the same logic of the coreutils and Mac OS implementations of su.
Given we don't actively support systemd, please report this to the shadow project, we'll pick it up after a bump. Seriously, we have enough at hour hands to fix other problems with packages that we _do_ have in tree, I don't want to start messing with patches for packages we don't support. It seems that su is also causing problems for programs in the portage tree, like pam_mount. Using pam_mount with su, you will get the same error messages because pam_mount can not unmount sessions running with user privileges, only with root privileges. Here is the log: Apr 13 15:59:17 su[28611]: command: 'umount' '/home/test' Apr 13 15:59:17 su[29731]: pam_mount(misc.c:38): set_myuid<pre>: (ruid/rgid=1096/53, e=1096/53) Apr 13 15:59:17 su[29731]: pam_mount(spawn.c:128): error setting uid to 0 Apr 13 15:59:17 su[28611]: pam_mount(mount.c:64): umount messages: Apr 13 15:59:17 su[28611]: pam_mount(mount.c:68): umount: /home/test is not in the fstab (and you are not root) Apr 13 15:59:17 su[28611]: pam_mount(mount.c:720): unmount of homes failed Other distributions reported the exact same problem with su and pam_mount (e.g. Debian Bug #580434). Please apply the attached patch, it works perfect! Can the status of this bug be changed to something more appropriate since it wasn't really "RESOLVED"? Also, systemd is now in portage, and will be unmasked once openrc is bumped. not until there is movement upstream Fixed in shadow-4.1.5. |