Bug 1190233

Summary: Spams "warning: Failed to read auxiliary vector, /proc not mounted" messages
Product: Red Hat Enterprise Linux 7 Reporter: Enrico Scholz <rh-bugzilla>
Component: rpmAssignee: Florian Festi <ffesti>
Status: CLOSED DUPLICATE QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.0CC: aboccia, foraker1, redhat, tgummels, woodard
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-03-16 16:05:17 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Enrico Scholz 2015-02-06 17:56:30 UTC 
Description of problem:

rpmlib tries to read /proc/self/auxv when using most of its functions and gives out a

| warning: Failed to read auxiliary vector, /proc not mounted?

message on failures.  Unfortunately, this is triggered in use cases like

----
#include <unistd.h>
#include <rpm/rpmlib.h>

int main(void)
{
	setreuid(99, 99);
	rpmReadConfigFiles(NULL, NULL);
}
----
| open("/proc/self/auxv", O_RDONLY)       = -1 EACCES (Permission denied)
----

because 'auxv' is inaccessible for group + world and its ownership is not changed by the 'setreuid()' call.


This happens e.g. in kojihub servers which are run within apache httpd server which drops perms and loads rpmlib then.



Version-Release number of selected component (if applicable):

rpm-4.11.1-18.el7_0.x86_64


How reproducible:

100%
Comment 2 Patrick Hurrelmann 2015-02-19 08:30:43 UTC 
The same behaviour can be observed by using spacewalk 2.3 (nightly) and spacewalk-proxy 2.3 (nightly) on RHEL 7.x.
Apache error logs are spammed with the message "warning: Failed to read auxiliary vector, /proc not mounted?"
Comment 3 Ben Woodard 2015-02-26 23:38:53 UTC 
LLNL is also experiencing this bug. They are fine with having this BZ open. Adding them to the cc list for tracking purposes.
Comment 4 Florian Festi 2015-03-16 16:05:17 UTC 

*** This bug has been marked as a duplicate of bug 1119068 ***
Comment 5 john.haxby@oracle.com 2015-07-31 13:43:07 UTC 
This has been marked as duplicate of a bug that is private.