122149 – coreutils-5.2.1-r7 with maketest fails "no-x" test

Bug 122149 - coreutils-5.2.1-r7 with maketest fails "no-x" test

Summary: coreutils-5.2.1-r7 with maketest fails "no-x" test

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	[OLD] Core system (show other bugs)
Hardware:	x86 Linux

Importance:	High normal
Assignee:	The Gentoo Linux Hardened Team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2006-02-08 10:14 UTC by Joshua Pettett
Modified:	2006-02-18 13:32 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Joshua Pettett 2006-02-08 10:14:54 UTC

With FEATURES="maketest" coreutils-5.2.1-r7 emerge with:


Making check in chgrp
make[2]: Entering directory `/var/tmp/portage/coreutils-5.2.1-r7/work/coreutils-5.2.1/tests/chgrp'
make  check-TESTS
make[3]: Entering directory `/var/tmp/portage/coreutils-5.2.1-r7/work/coreutils-5.2.1/tests/chgrp'
setuidgid: cannot run command `./no-x': Permission denied
FAIL: no-x
PASS: posix-H
PASS: basic
PASS: deref
PASS: recurse
======================================
1 of 5 tests failed
Please report to bug-coreutils@gnu.org
======================================
make[3]: *** [check-TESTS] Error 1
make[3]: Leaving directory `/var/tmp/portage/coreutils-5.2.1-r7/work/coreutils-5.2.1/tests/chgrp'
make[2]: *** [check-am] Error 2
make[2]: Leaving directory `/var/tmp/portage/coreutils-5.2.1-r7/work/coreutils-5.2.1/tests/chgrp'
make[1]: *** [check-recursive] Error 1
make[1]: Leaving directory `/var/tmp/portage/coreutils-5.2.1-r7/work/coreutils-5.2.1/tests'
make: *** [check-recursive] Error 1


Emerge info:
Portage 2.0.54 (hardened/x86/2.6, gcc-3.3.6, glibc-2.3.5-r2, 2.6.11-hardened-r15-configuration1 i686)
=================================================================
System uname: 2.6.11-hardened-r15-configuration1 i686 Pentium III (Katmai)
Gentoo Base System version 1.6.13
distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled]
ccache version 2.3 [enabled]
dev-lang/python:     2.3.5-r2, 2.4.2
sys-apps/sandbox:    1.2.12
sys-devel/autoconf:  2.13, 2.59-r6
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r1
sys-devel/binutils:  2.16.1
sys-devel/libtool:   1.5.22
virtual/os-headers:  2.6.11-r2
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=pentium3 -fomit-frame-pointer -fforce-addr -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/bind /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-O2 -march=pentium3 -fomit-frame-pointer -fforce-addr -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig buildpkg ccache collision-protect distlocks maketest sandbox sfperms strict test"
GENTOO_MIRRORS="ftp://distro.ibiblio.org/pub/linux/distributions/gentoo/ http://distro.ibiblio.org/pub/linux/distributions/gentoo/ ftp://ftp.gtlib.cc.gatech.edu/pub/gentoo"
MAKEOPTS="-j2"
PKGDIR="/usr/portage//packages/x86/"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage/"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="acl berkdb bzip2 crypt dlloader doc expat fam ftp gd gdbm gmp gnutls hardened hardenedphp imap innodb ipv6 java jpeg ldap libwww mhash mysql ncurses nls nocd nptl pam pcre perl php pic png posix prelude python readline sasl session sockets spl sqlite sse ssl sysvipc tcpd udev userlocales vhosts x86 xml2 zlib userland_GNU kernel_linux elibc_glibc"
Unset:  ASFLAGS, CTARGET, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTDIR_OVERLAY

Comment 1 Joshua Pettett 2006-02-08 10:16:22 UTC

That first line should have been:

With FEATURES="maketest", coreutils-5.2.1-r7 emerge fails with:

Comment 2 SpanKY gentoo-dev

2006-02-08 21:20:08 UTC

what does `ls -l ./no-x` show ?

Comment 3 Joshua Pettett 2006-02-09 06:57:16 UTC

ngh2 chgrp # cd /var/tmp/portage/coreutils-5.2.1-r7/work/coreutils-5.2.1/tests/chgrp
ngh2 chgrp # ls -l ./no-x
-rwxr-xr-x  1 root root 977 Oct 17  2003 ./no-x
ngh2 chgrp # ./no-x
./no-x: line 10: /../group-names: No such file or directory
ngh2 chgrp # export srcdir=. # Per Makefile
ngh2 chgrp # ./no-x
setuidgid: fatal: unable to run ./no-x: access denied

Comment 4 Joshua Pettett 2006-02-09 07:05:11 UTC

Perhaps this will help:

ngh2 chgrp # export VERBOSE=yes
ngh2 chgrp # make check
make  check-TESTS
make[1]: Entering directory `/var/tmp/portage/coreutils-5.2.1-r7/work/coreutils-5.2.1/tests/chgrp'
+ chgrp --version
chgrp (coreutils) 5.2.1
Written by David MacKenzie and Jim Meyering.

Copyright (C) 2004 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ . ./../group-names
++ groups='root bin daemon sys adm disk wheel floppy dialout tape video'
++ case "$groups" in
+ set _ root bin daemon sys adm disk wheel floppy dialout tape video
+ shift
+ g1=root
+ g2=bin
+ . ./../lang-default
++ for i in LANG LANGUAGE LC_ALL LC_COLLATE LC_CTYPE LC_MESSAGES LC_NUMERIC LC_TIME
++ eval 'LANG=; export LANG'
+++ LANG=
+++ export LANG
++ for i in LANG LANGUAGE LC_ALL LC_COLLATE LC_CTYPE LC_MESSAGES LC_NUMERIC LC_TIME
++ eval 'LANGUAGE=; export LANGUAGE'
+++ LANGUAGE=
+++ export LANGUAGE
++ for i in LANG LANGUAGE LC_ALL LC_COLLATE LC_CTYPE LC_MESSAGES LC_NUMERIC LC_TIME
++ eval 'LC_ALL=; export LC_ALL'
+++ LC_ALL=
+++ export LC_ALL
++ for i in LANG LANGUAGE LC_ALL LC_COLLATE LC_CTYPE LC_MESSAGES LC_NUMERIC LC_TIME
++ eval 'LC_COLLATE=; export LC_COLLATE'
+++ LC_COLLATE=
+++ export LC_COLLATE
++ for i in LANG LANGUAGE LC_ALL LC_COLLATE LC_CTYPE LC_MESSAGES LC_NUMERIC LC_TIME
++ eval 'LC_CTYPE=; export LC_CTYPE'
+++ LC_CTYPE=
+++ export LC_CTYPE
++ for i in LANG LANGUAGE LC_ALL LC_COLLATE LC_CTYPE LC_MESSAGES LC_NUMERIC LC_TIME
++ eval 'LC_MESSAGES=; export LC_MESSAGES'
+++ LC_MESSAGES=
+++ export LC_MESSAGES
++ for i in LANG LANGUAGE LC_ALL LC_COLLATE LC_CTYPE LC_MESSAGES LC_NUMERIC LC_TIME
++ eval 'LC_NUMERIC=; export LC_NUMERIC'
+++ LC_NUMERIC=
+++ export LC_NUMERIC
++ for i in LANG LANGUAGE LC_ALL LC_COLLATE LC_CTYPE LC_MESSAGES LC_NUMERIC LC_TIME
++ eval 'LC_TIME=; export LC_TIME'
+++ LC_TIME=
+++ export LC_TIME
+ PRIV_CHECK_ARG=require-non-root
+ . ./../priv-check
++ case "$PRIV_CHECK_ARG" in
++ who='by an unprivileged user'
+++ id -u
++ my_uid=0
++ test 0 = 0
++ case $my_uid in
++ test 0 = 0
++ : nobody
+++ id -u nobody
++ coreutils_non_root_uid=65534
++ test 0 = 0
++ test 65534 = 0
++ give_msg=no
++ case $PRIV_CHECK_ARG:$my_uid in
++ setuidgid nobody test -w .
++ exec setuidgid nobody ./no-x
setuidgid: cannot run command `./no-x': Permission denied
FAIL: no-x

Comment 5 SpanKY gentoo-dev

2006-02-09 20:53:47 UTC

my best guess atm is your hardened kernel ... anything interesting in `dmesg` ?  are you able to reboot with a non-grsec/etc... enabled kernel to test ?

Comment 6 Joshua Pettett 2006-02-14 09:01:12 UTC

(In reply to comment #5)
> my best guess atm is your hardened kernel ... anything interesting in `dmesg` ?
>  are you able to reboot with a non-grsec/etc... enabled kernel to test ?
> 

Yes, that's the problem; it was a TPE violation.

Comment 7 SpanKY gentoo-dev

2006-02-14 09:53:02 UTC

hardened can figure out what to do with this ... i'd just say WONTFIX

Comment 8 Joshua Pettett 2006-02-18 13:17:30 UTC

This bug may be obsoleted by the fix for bug 122951.

Comment 9 SpanKY gentoo-dev

2006-02-18 13:32:54 UTC