Bug 167745
| Summary: | SU doesn't have correct permissions | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Ryan Skadberg <redhat> |
| Component: | elfutils | Assignee: | Roland McGrath <roland> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | rawhide | CC: | jacob.kroon, mephisto, rodd, tmraz, twaugh |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | 0.116 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2006-04-13 23:41:49 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Ryan Skadberg
2005-09-07 19:28:19 UTC
here it says ~]$ su - Password: su: incorrect password works OK here too when set user id is turned on. -> -rwsr-xr-x 1 root root 23516 Sep 7 04:41 /bin/su ps. im not using selinux I can verify this, I also get the same error message as Ryan, su: cannot set groups: Operation not permitted It appeared after the coreutils update today. I did a 'touch /.autorelabel' + reboot to see if it was a SElinux issue, but the problem is still there. rpm -q coreutils: coreutils-5.2.1-53 ls -l /bin/su -rwxr-xr-x 1 root root 23516 Sep 7 04:41 /bin/su I'm seeing the groups error also. It happens for regular or root user. su - Password: su: cannot set groups: Operation not permitted Sep 7 06:30:01 cornette-lt crond(pam_unix)[2570]: session opened for user root by (uid=0) Sep 7 06:30:01 cornette-lt crond(pam_unix)[2571]: session opened for user root by (uid=0) Sep 7 06:30:02 cornette-lt crond(pam_unix)[2570]: session closed for user root Sep 7 06:30:06 cornette-lt crond(pam_unix)[2571]: session closed for user root Sep 7 06:35:01 cornette-lt crond(pam_unix)[2615]: session opened for user root by (uid=0) Sep 7 06:35:02 cornette-lt crond(pam_unix)[2615]: session closed for user root Sep 7 06:40:01 cornette-lt crond(pam_unix)[2658]: session opened for user root by (uid=0) Sep 7 06:40:01 cornette-lt crond(pam_unix)[2657]: session opened for user root by (uid=0) Sep 7 06:40:02 cornette-lt crond(pam_unix)[2657]: session closed for user root Sep 7 06:40:02 cornette-lt crond(pam_unix)[2658]: session closed for user root Sep 7 06:40:14 cornette-lt login(pam_unix)[2383]: session opened for user root by (uid=0) Sep 7 06:41:12 cornette-lt login(pam_unix)[2384]: session opened for user jim by (uid=0) Sep 7 06:45:01 cornette-lt crond(pam_unix)[2974]: session opened for user root by (uid=0) Sep 7 06:45:03 cornette-lt crond(pam_unix)[2974]: session closed for user root Sep 7 06:50:01 cornette-lt crond(pam_unix)[3016]: session opened for user root by (uid=0) Sep 7 06:50:01 cornette-lt crond(pam_unix)[3018]: session opened for user root by (uid=0) Sep 7 06:50:01 cornette-lt crond(pam_unix)[3016]: session closed for user root Sep 7 06:50:02 cornette-lt crond(pam_unix)[3018]: session closed for user root Sep 7 06:55:01 cornette-lt crond(pam_unix)[3062]: session opened for user root by (uid=0) Sep 7 06:55:02 cornette-lt crond(pam_unix)[3062]: session closed for user root Sep 7 07:00:02 cornette-lt crond(pam_unix)[3105]: session opened for user root by (uid=0) Sep 7 07:00:02 cornette-lt crond(pam_unix)[3104]: session opened for user root by (uid=0) Sep 7 07:00:02 cornette-lt crond(pam_unix)[3104]: session closed for user root Sep 7 07:00:03 cornette-lt crond(pam_unix)[3105]: session closed for user root Sep 7 07:01:01 cornette-lt crond(pam_unix)[3117]: session opened for user root by (uid=0) Sep 7 07:01:01 cornette-lt crond(pam_unix)[3117]: session closed for user root Sep 7 07:04:14 cornette-lt login(pam_unix)[2384]: session closed for user jim Sep 7 07:04:14 cornette-lt login(pam_unix)[2383]: session closed for user root Sep 7 17:09:04 cornette-lt login(pam_unix)[2383]: session opened for user root by (uid=0) Sep 7 17:09:24 cornette-lt login(pam_unix)[2384]: session opened for user jim by (uid=0) Sep 7 17:10:01 cornette-lt crond(pam_unix)[2664]: session opened for user root by (uid=0) Sep 7 17:10:01 cornette-lt crond(pam_unix)[2663]: session opened for user root by (uid=0) Sep 7 17:10:02 cornette-lt crond(pam_unix)[2663]: session closed for user root Sep 7 17:10:06 cornette-lt crond(pam_unix)[2664]: session closed for user root Sep 7 17:15:01 cornette-lt crond(pam_unix)[2906]: session opened for user root by (uid=0) Sep 7 17:15:02 cornette-lt crond(pam_unix)[2906]: session closed for user root Sep 7 17:20:01 cornette-lt crond(pam_unix)[2997]: session opened for user root by (uid=0) Sep 7 17:20:01 cornette-lt crond(pam_unix)[2999]: session opened for user root by (uid=0) Sep 7 17:20:01 cornette-lt crond(pam_unix)[2997]: session closed for user root Sep 7 17:20:03 cornette-lt crond(pam_unix)[2999]: session closed for user root Sep 7 17:25:01 cornette-lt crond(pam_unix)[3083]: session opened for user root by (uid=0) Sep 7 17:25:04 cornette-lt crond(pam_unix)[3083]: session closed for user root Sep 7 17:30:01 cornette-lt crond(pam_unix)[3234]: session opened for user root by (uid=0) Sep 7 17:30:01 cornette-lt crond(pam_unix)[3235]: session opened for user root by (uid=0) Sep 7 17:30:02 cornette-lt crond(pam_unix)[3234]: session closed for user root Sep 7 17:30:03 cornette-lt crond(pam_unix)[3235]: session closed for user root Sep 7 17:35:01 cornette-lt crond(pam_unix)[3465]: session opened for user root by (uid=0) Sep 7 17:35:03 cornette-lt crond(pam_unix)[3465]: session closed for user root Sep 7 17:40:01 cornette-lt crond(pam_unix)[4699]: session opened for user root by (uid=0) Sep 7 17:40:01 cornette-lt crond(pam_unix)[4698]: session opened for user root by (uid=0) Sep 7 17:40:01 cornette-lt crond(pam_unix)[4698]: session closed for user root Sep 7 17:40:02 cornette-lt crond(pam_unix)[4699]: session closed for user root Sep 7 17:45:02 cornette-lt crond(pam_unix)[8752]: session opened for user root by (uid=0) Sep 7 17:45:04 cornette-lt crond(pam_unix)[8752]: session closed for user root Sep 7 17:50:02 cornette-lt crond(pam_unix)[8870]: session opened for user root by (uid=0) Sep 7 17:50:02 cornette-lt crond(pam_unix)[8871]: session opened for user root by (uid=0) Sep 7 17:50:03 cornette-lt crond(pam_unix)[8870]: session closed for user root Sep 7 17:50:05 cornette-lt crond(pam_unix)[8871]: session closed for user root Sep 7 17:55:01 cornette-lt crond(pam_unix)[9003]: session opened for user root by (uid=0) Sep 7 17:55:03 cornette-lt crond(pam_unix)[9003]: session closed for user root Sep 7 18:00:01 cornette-lt crond(pam_unix)[9070]: session opened for user root by (uid=0) Sep 7 18:00:01 cornette-lt crond(pam_unix)[9072]: session opened for user root by (uid=0) Sep 7 18:00:02 cornette-lt crond(pam_unix)[9070]: session closed for user root Sep 7 18:00:04 cornette-lt crond(pam_unix)[9072]: session closed for user root Sep 7 18:01:01 cornette-lt crond(pam_unix)[9084]: session opened for user root by (uid=0) Sep 7 18:01:01 cornette-lt crond(pam_unix)[9084]: session closed for user root Sep 7 18:05:01 cornette-lt crond(pam_unix)[9142]: session opened for user root by (uid=0) Sep 7 18:05:03 cornette-lt crond(pam_unix)[9142]: session closed for user root Sep 7 18:06:59 cornette-lt login(pam_unix)[2383]: session closed for user root Sep 7 18:06:59 cornette-lt login(pam_unix)[2384]: session closed for user jim Sep 7 18:10:01 cornette-lt crond(pam_unix)[2329]: session opened for user root by (uid=0) Sep 7 18:10:01 cornette-lt crond(pam_unix)[2328]: session opened for user root by (uid=0) Sep 7 18:10:02 cornette-lt crond(pam_unix)[2328]: session closed for user root Sep 7 18:10:10 cornette-lt crond(pam_unix)[2329]: session closed for user root Sep 7 18:10:30 cornette-lt login(pam_unix)[2388]: session opened for user root by (uid=0) Sep 7 18:10:40 cornette-lt login(pam_unix)[2389]: session opened for user jim by (uid=0) Sep 7 18:15:01 cornette-lt crond(pam_unix)[2906]: session opened for user root by (uid=0) Sep 7 18:15:02 cornette-lt crond(pam_unix)[2906]: session closed for user root Sep 7 18:20:01 cornette-lt crond(pam_unix)[2977]: session opened for user root by (uid=0) Sep 7 18:20:02 cornette-lt crond(pam_unix)[2976]: session opened for user root by (uid=0) Sep 7 18:20:02 cornette-lt crond(pam_unix)[2976]: session closed for user root Sep 7 18:20:05 cornette-lt crond(pam_unix)[2977]: session closed for user root Sep 7 18:25:01 cornette-lt crond(pam_unix)[3058]: session opened for user root by (uid=0) Sep 7 18:25:02 cornette-lt crond(pam_unix)[3058]: session closed for user root Sep 7 18:30:01 cornette-lt crond(pam_unix)[3105]: session opened for user root by (uid=0) Sep 7 18:30:01 cornette-lt crond(pam_unix)[3107]: session opened for user root by (uid=0) Sep 7 18:30:01 cornette-lt crond(pam_unix)[3105]: session closed for user root Sep 7 18:30:03 cornette-lt crond(pam_unix)[3107]: session closed for user root Sep 7 18:35:01 cornette-lt crond(pam_unix)[3154]: session opened for user root by (uid=0) Sep 7 18:35:02 cornette-lt crond(pam_unix)[3154]: session closed for user root Sep 7 18:40:01 cornette-lt crond(pam_unix)[3197]: session opened for user root by (uid=0) Sep 7 18:40:01 cornette-lt crond(pam_unix)[3196]: session opened for user root by (uid=0) Sep 7 18:40:01 cornette-lt crond(pam_unix)[3196]: session closed for user root Sep 7 18:40:02 cornette-lt crond(pam_unix)[3197]: session closed for user root Sep 7 18:45:01 cornette-lt crond(pam_unix)[3243]: session opened for user root by (uid=0) Sep 7 18:45:02 cornette-lt crond(pam_unix)[3243]: session closed for user root Sep 7 18:50:01 cornette-lt crond(pam_unix)[3285]: session opened for user root by (uid=0) Sep 7 18:50:01 cornette-lt crond(pam_unix)[3287]: session opened for user root by (uid=0) Sep 7 18:50:02 cornette-lt crond(pam_unix)[3285]: session closed for user root Sep 7 18:50:03 cornette-lt crond(pam_unix)[3287]: session closed for user root Sep 7 18:55:01 cornette-lt crond(pam_unix)[3332]: session opened for user root by (uid=0) Sep 7 18:55:02 cornette-lt crond(pam_unix)[3332]: session closed for user root Sep 7 19:00:01 cornette-lt crond(pam_unix)[3374]: session opened for user root by (uid=0) Sep 7 19:00:01 cornette-lt crond(pam_unix)[3375]: session opened for user root by (uid=0) Sep 7 19:00:01 cornette-lt crond(pam_unix)[3374]: session closed for user root Sep 7 19:00:03 cornette-lt crond(pam_unix)[3375]: session closed for user root Sep 7 19:01:01 cornette-lt crond(pam_unix)[3387]: session opened for user root by (uid=0) Sep 7 19:01:01 cornette-lt crond(pam_unix)[3387]: session closed for user root Sep 7 19:05:01 cornette-lt crond(pam_unix)[3436]: session opened for user root by (uid=0) Sep 7 19:05:02 cornette-lt crond(pam_unix)[3436]: session closed for user root Sep 7 19:10:01 cornette-lt crond(pam_unix)[3481]: session opened for user root by (uid=0) Sep 7 19:10:01 cornette-lt crond(pam_unix)[3483]: session opened for user root by (uid=0) Sep 7 19:10:02 cornette-lt crond(pam_unix)[3481]: session closed for user root Sep 7 19:10:03 cornette-lt crond(pam_unix)[3483]: session closed for user root Sep 7 19:15:01 cornette-lt crond(pam_unix)[3530]: session opened for user root by (uid=0) Sep 7 19:15:02 cornette-lt crond(pam_unix)[3530]: session closed for user root Sep 7 19:20:01 cornette-lt crond(pam_unix)[24604]: session opened for user root by (uid=0) Sep 7 19:20:01 cornette-lt crond(pam_unix)[24605]: session opened for user root by (uid=0) Sep 7 19:20:02 cornette-lt crond(pam_unix)[24604]: session closed for user root Sep 7 19:20:03 cornette-lt crond(pam_unix)[24605]: session closed for user root Sep 7 19:25:01 cornette-lt crond(pam_unix)[27929]: session opened for user root by (uid=0) Sep 7 19:25:02 cornette-lt crond(pam_unix)[27929]: session closed for user root Sep 7 19:30:01 cornette-lt crond(pam_unix)[28608]: session opened for user root by (uid=0) Sep 7 19:30:02 cornette-lt crond(pam_unix)[28607]: session opened for user root by (uid=0) Sep 7 19:30:02 cornette-lt crond(pam_unix)[28607]: session closed for user root Sep 7 19:30:02 cornette-lt crond(pam_unix)[28608]: session closed for user root Sep 7 19:35:01 cornette-lt crond(pam_unix)[28841]: session opened for user root by (uid=0) Sep 7 19:35:02 cornette-lt crond(pam_unix)[28841]: session closed for user root Sep 7 19:40:01 cornette-lt crond(pam_unix)[29136]: session opened for user root by (uid=0) Sep 7 19:40:01 cornette-lt crond(pam_unix)[29139]: session opened for user root by (uid=0) Sep 7 19:40:01 cornette-lt crond(pam_unix)[29136]: session closed for user root Sep 7 19:40:02 cornette-lt crond(pam_unix)[29139]: session closed for user root Sep 7 19:45:01 cornette-lt crond(pam_unix)[29403]: session opened for user root by (uid=0) Sep 7 19:45:02 cornette-lt crond(pam_unix)[29403]: session closed for user root Sep 7 19:50:01 cornette-lt crond(pam_unix)[29597]: session opened for user root by (uid=0) Sep 7 19:50:01 cornette-lt crond(pam_unix)[29598]: session opened for user root by (uid=0) Sep 7 19:50:01 cornette-lt crond(pam_unix)[29597]: session closed for user root Sep 7 19:50:01 cornette-lt crond(pam_unix)[29598]: session closed for user root Sep 7 19:55:01 cornette-lt crond(pam_unix)[29825]: session opened for user root by (uid=0) Sep 7 19:55:02 cornette-lt crond(pam_unix)[29825]: session closed for user root Sep 7 20:00:01 cornette-lt crond(pam_unix)[29987]: session opened for user root by (uid=0) Sep 7 20:00:01 cornette-lt crond(pam_unix)[29988]: session opened for user root by (uid=0) Sep 7 20:00:01 cornette-lt crond(pam_unix)[29987]: session closed for user root Sep 7 20:00:02 cornette-lt crond(pam_unix)[29988]: session closed for user root Sep 7 20:01:01 cornette-lt crond(pam_unix)[30046]: session opened for user root by (uid=0) Sep 7 20:01:02 cornette-lt crond(pam_unix)[30046]: session closed for user root Sep 7 20:02:20 cornette-lt login(pam_unix)[2389]: session closed for user jim Sep 7 20:02:20 cornette-lt login(pam_unix)[2388]: session closed for user root Sep 7 20:52:22 cornette-lt login(pam_unix)[2383]: session opened for user root by (uid=0) Sep 7 20:52:43 cornette-lt login(pam_unix)[2384]: session opened for user jim by (uid=0) Sep 7 20:55:01 cornette-lt crond(pam_unix)[2857]: session opened for user root by (uid=0) Sep 7 20:55:16 cornette-lt crond(pam_unix)[2857]: session closed for user root Sep 7 21:00:01 cornette-lt crond(pam_unix)[2933]: session opened for user root by (uid=0) Sep 7 21:00:01 cornette-lt crond(pam_unix)[2934]: session opened for user root by (uid=0) Sep 7 21:00:01 cornette-lt crond(pam_unix)[2933]: session closed for user root Sep 7 21:00:03 cornette-lt crond(pam_unix)[2934]: session closed for user root Sep 7 21:01:01 cornette-lt crond(pam_unix)[2948]: session opened for user root by (uid=0) Sep 7 21:01:01 cornette-lt crond(pam_unix)[2948]: session closed for user root Sep 7 21:05:01 cornette-lt crond(pam_unix)[2990]: session opened for user root by (uid=0) Sep 7 21:05:03 cornette-lt crond(pam_unix)[2990]: session closed for user root Sep 7 21:10:01 cornette-lt crond(pam_unix)[3032]: session opened for user root by (uid=0) Sep 7 21:10:01 cornette-lt crond(pam_unix)[3033]: session opened for user root by (uid=0) Sep 7 21:10:01 cornette-lt crond(pam_unix)[3032]: session closed for user root Sep 7 21:10:02 cornette-lt crond(pam_unix)[3033]: session closed for user root Sep 7 21:15:01 cornette-lt crond(pam_unix)[3077]: session opened for user root by (uid=0) Sep 7 21:15:02 cornette-lt crond(pam_unix)[3077]: session closed for user root Sep 7 21:20:02 cornette-lt crond(pam_unix)[3134]: session opened for user root by (uid=0) Sep 7 21:20:02 cornette-lt crond(pam_unix)[3133]: session opened for user root by (uid=0) Sep 7 21:20:02 cornette-lt crond(pam_unix)[3133]: session closed for user root Sep 7 21:20:03 cornette-lt crond(pam_unix)[3134]: session closed for user root Sep 7 21:20:26 cornette-lt login(pam_unix)[2383]: session closed for user root Sep 7 21:20:26 cornette-lt login(pam_unix)[2384]: session closed for user jim Sep 7 22:02:54 cornette-lt login(pam_unix)[2382]: session opened for user root by (uid=0) Sep 7 22:05:01 cornette-lt crond(pam_unix)[2687]: session opened for user root by (uid=0) Sep 7 22:05:10 cornette-lt crond(pam_unix)[2687]: session closed for user root Sep 7 22:05:59 cornette-lt login(pam_unix)[2383]: session opened for user jim by (uid=0) Sep 7 22:10:02 cornette-lt crond(pam_unix)[2964]: session opened for user root by (uid=0) Sep 7 22:10:02 cornette-lt crond(pam_unix)[2963]: session opened for user root by (uid=0) Sep 7 22:10:02 cornette-lt crond(pam_unix)[2963]: session closed for user root Sep 7 22:10:03 cornette-lt crond(pam_unix)[2964]: session closed for user root Sep 7 22:15:01 cornette-lt crond(pam_unix)[3009]: session opened for user root by (uid=0) Sep 7 22:15:02 cornette-lt crond(pam_unix)[3009]: session closed for user root Sep 7 22:20:01 cornette-lt crond(pam_unix)[3056]: session opened for user root by (uid=0) Sep 7 22:20:01 cornette-lt crond(pam_unix)[3055]: session opened for user root by (uid=0) Sep 7 22:20:02 cornette-lt crond(pam_unix)[3055]: session closed for user root Sep 7 22:20:02 cornette-lt crond(pam_unix)[3056]: session closed for user root Sep 7 22:22:27 cornette-lt su(pam_unix)[3109]: session opened for user root by (uid=500) Sep 7 22:22:27 cornette-lt su(pam_unix)[3113]: session closed for user root Sep 7 22:22:27 cornette-lt su(pam_unix)[3109]: session closed for user root Sep 7 22:25:01 cornette-lt crond(pam_unix)[3143]: session opened for user root by (uid=0) Sep 7 22:25:03 cornette-lt crond(pam_unix)[3143]: session closed for user root Sep 7 22:28:57 cornette-lt su(pam_unix)[3186]: authentication failure; logname= uid=500 euid=500 tty=pts/0 ruser=jim rhost= user=kdejim Sep 7 22:29:35 cornette-lt passwd(pam_unix)[3192]: password changed for kdejim Sep 7 22:29:55 cornette-lt su(pam_unix)[3197]: session opened for user kdejim by (uid=500) Sep 7 22:29:55 cornette-lt su(pam_unix)[3201]: session closed for user kdejim Sep 7 22:29:55 cornette-lt su(pam_unix)[3197]: session closed for user kdejim Sep 7 22:30:01 cornette-lt crond(pam_unix)[3203]: session opened for user root by (uid=0) Sep 7 22:30:01 cornette-lt crond(pam_unix)[3206]: session opened for user root by (uid=0) Sep 7 22:30:01 cornette-lt crond(pam_unix)[3203]: session closed for user root Sep 7 22:30:01 cornette-lt crond(pam_unix)[3206]: session closed for user root As far as I can tell this was not caused by a change in coreutils.spec. This is caused by /usr/lib/rpm/find-debuginfo.sh:
if test -w "$f"; then
eu-strip -f "${debugfn}" "$f" || :
else
chmod u+w "$f"
eu-strip -f "${debugfn}" "$f" || :
chmod u-w "$f"
The eu-strip program does not restore the file permissions correctly. (In
contract, the strip program does.)
The reason this has shown up now is that find-debuginfo.sh now tries to strip setuid ELF files too. This script checks the file(1) output against a regular expression, and this expression changed. FWIW, coreutils-5.2.1-54 explicitly lists /bin/su as setuid in the file manifest, so *this* package no longer has a problem. There may well be others due to this change in behaviour of find-debuginfo.sh. *** Bug 167892 has been marked as a duplicate of this bug. *** Please show me a simple test case of eu-strip changing the file permissions. I do not see it. [tim@cyberelk ~]$ install -m 04755 /bin/bash /tmp/bash [tim@cyberelk ~]$ ls -l /tmp/bash -rwsr-xr-x 1 tim tim 764704 Sep 9 22:36 /tmp/bash* [tim@cyberelk ~]$ eu-strip -f /tmp/foo /tmp/bash [tim@cyberelk ~]$ ls -l /tmp/bash -rwxr-xr-x 1 tim tim 762432 Sep 9 22:36 /tmp/bash* Now I can't figure out how the similar test I did earlier gave me different results from those. I've fixed the problem upstream and there will be a new rawhide build before too long. This was fixed a while back, and should be fine in FC5. |