Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 716734

Summary: app-misc/beep no longer supports setuid/setgid, should drop "suid" USE flag support
Product: Gentoo Linux Reporter: Michael Yagliyan <burnsmellfactory>
Component: Current packagesAssignee: Gentoo Shell Tools project <shell-tools>
Status: RESOLVED FIXED    
Severity: normal CC: burnsmellfactory, chain, fturco, jstein, mail, sam
Priority: Normal Keywords: PullRequest
Version: unspecified   
Hardware: All   
OS: Linux   
See Also: https://github.com/gentoo/gentoo/pull/19588
Whiteboard:
Package list:
Runtime testing required: ---

Description Michael Yagliyan 2020-04-08 21:40:14 UTC 
See https://github.com/spkr-beep/beep/blob/master/PERMISSIONS.md.  Due to recent security bugs, beep now aborts immediately if run setuid or setgid:

beep: Error: Running setuid or setgid, which is not supported for security reasons.
beep: Error: Set up permissions for the pcspkr evdev device file instead.

(and it exits with status 1)

I'm not sure which upstream version introduced this change, but I encountered it after upgrading from app-misc/beep-1.3-r3 to 1.4.9.  The ebuild for 1.4.9 still supports the suid USE flag, and sets the setuid bit on the binary if the USE flag is enabled.

At a bare minimum it should drop that support and stop setting setuid/setgid.

An even better solution would be if the ebuild optionally setup a "beep" group (or call it whatever) and the device permissions, as recommended on that PERMISSIONS.md page, so that the end user wouldn't have to do all that manually.
Comment 1 Maciej S. Szmigiero 2020-11-01 19:54:19 UTC 
As Michael stated, the replacement for "suid" USE flag is an appropriate udev rule file.
The package upstream even suggests a few.
Comment 2 Larry the Git Cow gentoo-dev 2021-09-23 08:20:26 UTC 
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=51db2842c8c2c925a6c0d7c7875949e94afa9d6f

commit 51db2842c8c2c925a6c0d7c7875949e94afa9d6f
Author:     Alessandro Barbieri <lssndrbarbieri@gmail.com>
AuthorDate: 2021-02-22 01:02:52 +0000
Commit:     Michał Górny <mgorny@gentoo.org>
CommitDate: 2021-09-23 08:17:03 +0000

    app-misc/beep: capabilities added, suid removed
    
    Closes: https://bugs.gentoo.org/716734
    Package-Manager: Portage-3.0.14, Repoman-3.0.2
    Signed-off-by: Alessandro Barbieri <lssndrbarbieri@gmail.com>
    Closes: https://github.com/gentoo/gentoo/pull/19588
    Signed-off-by: Michał Górny <mgorny@gentoo.org>

 app-misc/beep/beep-1.4.9-r1.ebuild | 57 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 57 insertions(+)