I'm not quite sure what's triggering this. I don't have this issue on my desktop PC, (bog standard x86 setup), but my server is a little more esoteric: PPC, uClibc, GrSec, PaX. I've traced the problem back to this: muttley ~ # ls -l /usr/bin/fcrondyn -rwsr-sr-x 1 fcron fcron 30392 Jan 6 17:15 /usr/bin/fcrondyn muttley ~ # ldd /usr/bin/fcrondyn /usr/bin/fcrondyn: is setuid password for root : Of course when ldd is called from within revdep-rebuild that root password prompt is never shown to the user, so the process just sits there at 22% and does nothing until you Ctrl-C it. I imagine the problem is either uclibc shipping a weird ldd, or the box's hardening stepping in to prevent spying on setuid binaries. Either way, I've reached the limits of my knowledge so I thought it best to refer the problem to you guys =) app-portage/portage-utils-0.1.29 sys-libs/uclibc-0.9.30 sys-process/fcron-3.0.4-r1
Please post your emerge --info. I assume from the '#' prompts that you are running revdep-rebuild as root. If so, how are you doing so? (i.e. sudo revdep-rebuild or su, or logged in directly) If not, do you still see the issue when you run revdep-rebuild as root?
I'm logged in as root, via SSH. The process tree looks like this: 3541 ? Ss 0:00 \_ /usr/sbin/dropbear -b /etc/issue 3544 pts/0 Rs 0:00 \_ -bash 4247 pts/0 R+ 0:00 \_ ps xf Portage 2.1.6.4 (uclibc/ppc/hardened, gcc-3.4.6, uclibc-0.9.30-r0, 2.6.26-hardened-r7-muttley-1-misc ppc) ================================================================= System uname: Linux-2.6.26-hardened-r7-muttley-1-misc-ppc-G2_LE-with-libc0 Timestamp of tree: Sun, 04 Jan 2009 18:15:01 +0000 distcc 3.0 powerpc-gentoo-linux-uclibc [enabled] ccache version 2.4 [enabled] app-shells/bash: 3.2_p33 dev-lang/python: 2.4.4-r14, 2.5.2-r7 dev-util/ccache: 2.4-r7 sys-apps/baselayout: 1.12.11.1 sys-apps/sandbox: 1.2.18.1-r2 sys-devel/autoconf: 2.63 sys-devel/automake: 1.10.2 sys-devel/binutils: 2.18-r3 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 1.5.26 virtual/os-headers: 2.6.23-r3 ACCEPT_KEYWORDS="ppc" CBUILD="powerpc-gentoo-linux-uclibc" CFLAGS="-O2 -mcpu=603e -pipe" CHOST="powerpc-gentoo-linux-uclibc" CONFIG_PROTECT="/etc /var/bind" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo /etc/udev/rules.d" CXXFLAGS="-O2 -mcpu=603e -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="autoconfig ccache distcc distlocks fixpackages parallel-fetch protect-owned sandbox sfperms strict unmerge-orphans userfetch" GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo" LDFLAGS="-Wl,-z,relro" MAKEOPTS="-j4" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://splig/gentoo-portage" USE="alsa apache2 bzip2 cgi cli cracklib crypt dri embedded fastcgi hardened ipv6 mudflap mysql ncurses offensive openmp pcre perl php pic ppc python quotas readline reflection samba session sni spl sqlite ssl ssp suhosin syslog tcpd uclibc uclibc-compat unicode xorg zlib" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="alias auth_basic authn_alias authn_anon authn_default authn_file authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias proxy proxy_http" APACHE2_MPMS="prefork" CAMERAS="sq905" ELIBC="uclibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU" VIDEO_CARDS="dummy fbdev v4l" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Oh hey, I just discovered something. While ldd/fcrondyn is prompting for the root password, the tree looks like this: 7132 pts/3 Ss 0:00 -/bin/bash 4461 pts/3 S+ 0:00 \_ ldd /usr/bin/fcrondyn 4462 pts/3 S+ 0:00 \_ /usr/bin/fcrondyn So I tried "kill 4462", and went back to the first terminal, to find this: muttley ~ # ldd /usr/bin/fcrondyn /usr/bin/fcrondyn: is setuid password for root :checking sub-depends for '/lib/libcrypt.so.0' libc.so.0 => /lib/libc.so.0 (0x4c2e9000) ld-uClibc.so.0 => /lib/ld-uClibc.so.0 (0x4c2d2000) checking sub-depends for '/lib/libc.so.0' ld-uClibc.so.0 => /lib/ld-uClibc.so.0 (0x49290000) libcrypt.so.0 => /lib/libcrypt.so.0 (0x00000000) libc.so.0 => /lib/libc.so.0 (0x00000000) /lib/ld-uClibc.so.0 => /lib/ld-uClibc.so.0 (0x00000000) Apparently fcrondyn is actually getting executed, rather than just inspected. Killing it lets ldd do its job. Also, killing it in the middle of a revdep-rebuild run allows that to continue, as well. Hmm, this is looking more like a bug in uclibc's ldd than one in revdep-rebuild...
I'm currently building an x86 uClibc, GrSec, PaX system to test on. However, in my chroot environment, I am not seeing the same behavior from ldd. Are there any security attributes on the file that might be causing this?
I haven't done anything myself. How would I find this out?
I am able to reproduce this with sys-libs/uclibc-0.9.28.3-r3 on x86. It is only happening when the group setuid bit is set and the owner of the file is someone other than the user running ldd. When that occurs, it asks for a password for the user running ldd and executes the executable, if the password is entered. If I enter a bad password, it then produces the ldd output. # ls -l /usr/bin/fcrondyn -rwsr-sr-x 1 fcron fcron 26176 Jan 12 2009 /usr/bin/fcrondyn Example: (with password) # ldd /usr/bin/fcrondyn /usr/bin/fcrondyn: is setuid password for root : fcrondyn> ^D Example: (without password) # ldd /usr/bin/fcrondyn /usr/bin/fcrondyn: is setuid password for root : Invalid password or too many authentication failures (try to connect later). (In the later case, fcron rejects all new authentication during 60 secs) 17:44:26 Unable to authenticate user libc.so.0 => /lib/libc.so.0 (0x51750000) ld-uClibc.so.0 => /lib/ld-uClibc.so.0 (0x517a4000) ld-uClibc.so.0 => /lib/ld-uClibc.so.0 (0x4ed65000) libcrypt.so.0 => /lib/libcrypt.so.0 (0x00000000) libc.so.0 => /lib/libc.so.0 (0x00000000) /lib/ld-uClibc.so.0 => /lib/ld-uClibc.so.0 (0x00000000) If I change the fcron user to have a shell and su to fcron, I get the following: # su fcron fcron@uclibc /tmp $ ldd /usr/bin/fcrondyn /usr/bin/fcrondyn: is setuid libcrypt.so.0 => /lib/libcrypt.so.0 (0x4f6aa000) libc.so.0 => /lib/libc.so.0 (0x4f65b000) ld-uClibc.so.0 => /lib/ld-uClibc.so.0 (0x4f6c5000) I am CC'ing the maintainers of the uclibc package. vapier/solar: Would you please assign this to who it needs to be assigned to and CC me on the bug.
I misspoke about the group setuid bit, it is the user setuid bit that is causing this.
https://bugs.uclibc.org is probably a better place to address this ticket.
If this behavior is still happening, then the bug should be filed upstream.
