Bug 1253220

Summary: captest list sys_psacct instead of sys_pacct
Product: Red Hat Enterprise Linux 7 Reporter: Karel Srot <ksrot>
Component: libcap-ng Assignee: Steve Grubb <sgrubb>
Status: CLOSED ERRATA QA Contact: Karel Srot <ksrot>
Severity: low Docs Contact:
Priority: medium    
Version: 7.1 CC: sgrubb
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Fixed In Version: libcap-ng-0.7.5-4.el7 Doc Type: Bug Fix
Clone Of: 1253219 Environment:
Last Closed: 2015-11-19 08:22:47 UTC Type: Bug

Description Karel Srot 2015-08-13 09:07:53 UTC
present also on RHEL-7, libcap-ng-0.7.5-2.el7

+++ This bug was initially created as a clone of Bug #1253219 +++

Description of problem:


captest --drop-caps --text lists capability sys_psacct while it should rather be sys_pacct (as listed by capsh --decode)

# uname -a
Linux palava.usersys.redhat.com 2.6.32-573.1.1.el6.x86_64 #1 SMP Tue Jul 14 02:46:51 EDT 2015 x86_64 x86_64 x86_64 GNU/Linux
# rpm -q libcap-ng
libcap-ng-0.6.4-3.el6_0.1.x86_64


# captest --drop-caps --text
User  credentials uid:0 euid:0 suid:0
Group credentials gid:0 egid:0 sgid:0
Current capabilities: none
securebits flags: none
Attempting direct access to shadow...FAILED (Permission denied)
Attempting to access shadow by child process...SUCCESS
Attemping to regain root...SUCCESS - PRIVILEGE ESCALATION POSSIBLE
Child User  credentials uid:0 euid:0 suid:0
Child Group credentials gid:0 egid:0 sgid:0
Child Effective: chown, dac_override, dac_read_search, fowner, fsetid, kill, setgid, setuid, setpcap, linux_immutable, net_bind_service, net_broadcast, net_admin, net_raw, ipc_lock, ipc_owner, sys_module, sys_rawio, sys_chroot, sys_ptrace, sys_psacct, sys_admin, sys_boot, sys_nice, sys_resource, sys_time, sys_tty_config, mknod, lease, audit_write, audit_control, setfcap, mac_override, mac_admin
Child Permitted: chown, dac_override, dac_read_search, fowner, fsetid, kill, setgid, setuid, setpcap, linux_immutable, net_bind_service, net_broadcast, net_admin, net_raw, ipc_lock, ipc_owner, sys_module, sys_rawio, sys_chroot, sys_ptrace, sys_psacct, sys_admin, sys_boot, sys_nice, sys_resource, sys_time, sys_tty_config, mknod, lease, audit_write, audit_control, setfcap, mac_override, mac_admin
Child Inheritable: none
Child Bounding Set: chown, dac_override, dac_read_search, fowner, fsetid, kill, setgid, setuid, setpcap, linux_immutable, net_bind_service, net_broadcast, net_admin, net_raw, ipc_lock, ipc_owner, sys_module, sys_rawio, sys_chroot, sys_ptrace, sys_psacct, sys_admin, sys_boot, sys_nice, sys_resource, sys_time, sys_tty_config, mknod, lease, audit_write, audit_control, setfcap, mac_override, mac_admin
Child securebits flags: none
Attempting direct access to shadow...SUCCESS

# capsh --decode=00000003FFFFFFFF
0x00000003ffffffff=cap_chown,cap_dac_override,cap_dac_read_search,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_linux_immutable,cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw,cap_ipc_lock,cap_ipc_owner,cap_sys_module,cap_sys_rawio,cap_sys_chroot,cap_sys_ptrace,cap_sys_pacct,cap_sys_admin,cap_sys_boot,cap_sys_nice,cap_sys_resource,cap_sys_time,cap_sys_tty_config,cap_mknod,cap_lease,cap_audit_write,cap_audit_control,cap_setfcap,cap_mac_override,cap_mac_admin
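
Added example, not part of the original report and not libcap-ng code: a Python check that decodes the mask passed to capsh above and compares it with the names captest printed, which is the comparison that exposes sys_psacct. The name table is taken from the capsh output in this report; the function names are hypothetical.

```python
import difflib

# Capability names by bit number (bits 0-33), in the order capsh --decode
# prints them for 0x00000003ffffffff in this report, "cap_" prefix removed.
CAP_NAMES = (
    "chown dac_override dac_read_search fowner fsetid kill setgid setuid "
    "setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw "
    "ipc_lock ipc_owner sys_module sys_rawio sys_chroot sys_ptrace sys_pacct "
    "sys_admin sys_boot sys_nice sys_resource sys_time sys_tty_config mknod "
    "lease audit_write audit_control setfcap mac_override mac_admin"
).split()

# "Child Effective" line copied from the captest output in this report.
CAPTEST_LINE = (
    "Child Effective: chown, dac_override, dac_read_search, fowner, fsetid, "
    "kill, setgid, setuid, setpcap, linux_immutable, net_bind_service, "
    "net_broadcast, net_admin, net_raw, ipc_lock, ipc_owner, sys_module, "
    "sys_rawio, sys_chroot, sys_ptrace, sys_psacct, sys_admin, sys_boot, "
    "sys_nice, sys_resource, sys_time, sys_tty_config, mknod, lease, "
    "audit_write, audit_control, setfcap, mac_override, mac_admin"
)


def decode_mask(mask):
    """Names of the capabilities whose bits are set in mask, lowest bit first."""
    return [CAP_NAMES[b] if b < len(CAP_NAMES) else f"bit_{b}"
            for b in range(mask.bit_length()) if mask >> b & 1]


def parse_captest_line(line):
    """Split a 'Label: a, b, c' line from captest --text into a name list."""
    value = line.partition(":")[2].strip()
    return [] if value in ("", "none") else [n.strip() for n in value.split(",")]


def audit_names(line, mask):
    """Return (unknown, missing, suggestions) for a captest line against mask."""
    listed = parse_captest_line(line)
    unknown = [n for n in listed if n not in CAP_NAMES]          # not in table
    missing = [n for n in decode_mask(mask) if n not in listed]  # implied by mask
    suggestions = {n: difflib.get_close_matches(n, CAP_NAMES, n=1) for n in unknown}
    return unknown, missing, suggestions


if __name__ == "__main__":
    print(audit_names(CAPTEST_LINE, 0x00000003FFFFFFFF))
```
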

Comment 2 Steve Grubb 2015-08-13 13:15:07 UTC
Fixed in upstream commit 82.

Comment 6 Steve Grubb 2015-08-14 18:11:11 UTC
libcap-ng-0.7.5-4.el7 was built to resolve this issue.

Comment 10 errata-xmlrpc 2015-11-19 08:22:47 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-2161.html