Summary: | net-im/ejabberd-16.04 fails to authenticate users with pam | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Joe D <joed> |
Component: | Current packages | Assignee: | Amadeusz Żołnowski (RETIRED) <aidecoe> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | hanno, navid.zamani |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=334473 | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Joe D
2016-08-27 01:17:28 UTC
It is interesting, because it works for me without suid. The command is actually run, but afterwards chown is run which resets suid bit... I will change the order. I have fixed in in current ejabberd-16.04.ebuild. I am not revbumping now because I have other fixes in progress for ejabberd-16.04-r1.ebuild. Could you please reemerge ejabberd-16.04 and test it, please? And know there's another thing which changes permissions. On installation there's a portage functionality which removes read bit from group for files having suid set. It makes ejabberd fail on start. s/know/now/ I have partially fixed it in ejabberd-16.04. If you turn off sfperms FEATURE then it should work. In ejabberd-16.04-r1 I have applied full workaround for the problem (see other bug #334473) but that revision needs stabilization of course. (In reply to Amadeusz Żołnowski from comment #2) > I have fixed in in current ejabberd-16.04.ebuild. I am not revbumping now > because I have other fixes in progress for ejabberd-16.04-r1.ebuild. Could > you please reemerge ejabberd-16.04 and test it, please? I re-emerged it, but it didn't seem to do anything. Then I realized that epam is NOT contained in ejabberd but in p1_pam. When I re-emerged p1_pam, the suid bit was cleared. epam wrapper which is a part of ejabberd package and is installed in /usr/lib/ejabberd-16.04/priv/bin should have suid bit set, while epam binary installed by p1_pam package should have suid bit unset. Is it what you observe? |