Bug 501666

Summary: execcap / libcap works incorrectly WITHOUT ltrace.
Product: Red Hat Enterprise Linux 5
Reporter: Kirby Zhou <kirbyzhou>
Component: libcap
Assignee: Karsten Hopp <karsten>
Status: CLOSED WONTFIX
QA Contact: BaseOS QE <qe-baseos-auto>
Severity: high
Priority: low
Version: 5.3
CC: kirbyzhou
Target Milestone: rc
Target Release: ---
Hardware: All
OS: Linux
Doc Type: Bug Fix
Story Points: ---
Last Closed: 2014-06-02 13:03:43 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Category: ---
oVirt Team: ---
Cloudforms Team: ---

Description Kirby Zhou 2009-05-20 09:00:41 UTC
Description of problem:

  Cannot make execcap work correctly WITHOUT ltrace. It does not modify any caps, but when I use ltrace to trace it, everything goes well except bash.


Version-Release number of selected component (if applicable):

 libcap-1.10-26.x86_64
 kernel-2.6.18-128.el5
 glibc-2.5-34
 ltrace-0.5-7.45svn.el5

How reproducible:

 100%

Steps to Reproduce:

[@89.112 home]# ll
total 4
drwx------ 3 kirbyzhou kirbyzhou 4096 May 20 16:47 kirbyzhou

[@89.112 home]# execcap 'cap_chown-eip' chown 0.0 kirbyzhou/test 
### it is successful!!!! ###
[@89.112 home]# execcap 'cap_chown=' chown 0.0 kirbyzhou/test 
### it is successful!!!! ###

[@89.112 home]# ltrace execcap 'cap_chown-eip' chown 0.0 kirbyzhou/test 
__libc_start_main(0x400881, 5, 0x7fffcab71578, 0x400980, 0x400970 <unfinished ...>
getuid()                                                                         = 0
cap_from_text(0x7fffcab72c04, 0x7fffcab71578, 0x7fffcab715a8, -1, 0x3ce41512d0)  = 0x1e146014
cap_set_proc(0x1e146014, 0, 0x3ce3f0aae0, 0, 4)                                  = 0
execvp(0x7fffcab72c12, 0x7fffcab71588, 0x3ce3f0aae0, -1, 4 <unfinished ...>
unexpected breakpoint at 0x3ce3a00a6f
chown: cannot access `kirbyzhou/test': Permission denied
+++ exited (status 1) +++

[@89.112 home]# ltrace execcap 'cap_chown=' chown 0.0 kirbyzhou/test               
__libc_start_main(0x400881, 5, 0x7fffb7287c88, 0x400980, 0x400970 <unfinished ...>
getuid()                                                                         = 0
cap_from_text(0x7fffb7288c07, 0x7fffb7287c88, 0x7fffb7287cb8, -1, 0x3ce41512d0)  = 0x244b014
cap_set_proc(0x244b014, 0, 0x3ce3f0aae0, 0, 4)                                   = 0
execvp(0x7fffb7288c12, 0x7fffb7287c98, 0x3ce3f0aae0, -1, 4 <unfinished ...>
unexpected breakpoint at 0x3ce3a00a6f
chown: cannot access `kirbyzhou/test': Permission denied
+++ exited (status 1) +++

Actual results:

  See above 
 
Expected results:

  Without ltrace, execcap can limit the process's capabilities. The following statement would fail:
  execcap 'cap_chown=' chown 0.0 kirbyzhou/test

Additional info:
  
  Even with ltrace, execcap can limit bash:

[@89.112 home]# ltrace execcap 'CAP_CHOWN=' bash                         
__libc_start_main(0x400881, 3, 0x7fff0b27aca8, 0x400980, 0x400970 <unfinished ...>
getuid()                                                                         = 0
cap_from_text(0x7fff0b27bc1b, 0x7fff0b27aca8, 0x7fff0b27acc8, -1, 0x3ce41512d0)  = 0x147f7014
cap_set_proc(0x147f7014, 0, 0x3ce3f0aae0, 0, 4)                                  = 0
execvp(0x7fff0b27bc26, 0x7fff0b27acb8, 0x3ce3f0aae0, -1, 4 <unfinished ...>
unexpected breakpoint at 0x3ce3a00a6f
--- SIGCHLD (Child exited) ---
--- SIGCHLD (Child exited) ---
--- SIGCHLD (Child exited) ---
--- SIGCHLD (Child exited) ---
--- SIGCHLD (Child exited) ---
--- SIGCHLD (Child exited) ---
--- SIGCHLD (Child exited) ---
--- SIGCHLD (Child exited) ---
--- SIGCHLD (Child exited) ---
[@89.112 home]# getpcaps $$
--- SIGCHLD (Child exited) ---
Capabilities for `22102': =
--- SIGCHLD (Child exited) ---
--- SIGCHLD (Child exited) ---
[@89.112 home]# chown 0.0 kirbyzhou/test
--- SIGCHLD (Child exited) ---
--- SIGCHLD (Child exited) ---
--- SIGCHLD (Child exited) ---
[@89.112 home]#
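The ltrace output above shows cap_set_proc() returning 0, which only confirms that the wrapper's own credential sets changed; whether that restriction reaches the program execcap then execs is a separate question, and the kernel's answer is in /proc/<pid>/status of the child. The script below is an added example, not code from this report or from libcap: it parses the CapInh/CapPrm/CapEff lines of a status file, decodes the masks into capability names, and reports which effective capabilities an exec'd child holds that its parent had dropped. The status text and process values it embeds are constructed; the generic decoder covers all capability bits, not just cap_chown. Classic Linux behaviour without SECURE_NOROOT is that a uid 0 process regains full capabilities on exec, which is consistent with chown succeeding here, so the check is the one to run against a wrapper like this rather than trusting the wrapper's return codes.

```python
"""Verify that a capability dropped in a wrapper stays dropped in the program
it execs, using the kernel's own view in /proc/<pid>/status.
Added example for bug 501666; not part of the report or of libcap."""
import os
import re
import subprocess
from typing import Dict, List

# Capability bit numbers as assigned in <linux/capability.h>; CAP_CHOWN is bit 0.
CAP_NAMES = [
    "cap_chown", "cap_dac_override", "cap_dac_read_search", "cap_fowner",
    "cap_fsetid", "cap_kill", "cap_setgid", "cap_setuid", "cap_setpcap",
    "cap_linux_immutable", "cap_net_bind_service", "cap_net_broadcast",
    "cap_net_admin", "cap_net_raw", "cap_ipc_lock", "cap_ipc_owner",
    "cap_sys_module", "cap_sys_rawio", "cap_sys_chroot", "cap_sys_ptrace",
    "cap_sys_pacct", "cap_sys_admin", "cap_sys_boot", "cap_sys_nice",
    "cap_sys_resource", "cap_sys_time", "cap_sys_tty_config", "cap_mknod",
    "cap_lease", "cap_audit_write", "cap_audit_control", "cap_setfcap",
    "cap_mac_override", "cap_mac_admin", "cap_syslog", "cap_wake_alarm",
    "cap_block_suspend", "cap_audit_read", "cap_perfmon", "cap_bpf",
    "cap_checkpoint_restore",
]

_CAP_LINE = re.compile(r"^(CapInh|CapPrm|CapEff):\s*([0-9a-fA-F]+)\s*$", re.M)

# Constructed sample of a /proc/<pid>/status excerpt: a process whose
# permitted and effective sets hold every capability except cap_chown.
SAMPLE_STATUS = (
    "Name:\tcat\n"
    "CapInh:\t0000000000000000\n"
    "CapPrm:\t000001fffffffffe\n"
    "CapEff:\t000001fffffffffe\n"
)


def parse_cap_status(status_text: str) -> Dict[str, int]:
    """Return the inheritable/permitted/effective masks found in status text."""
    masks = {key: int(val, 16) for key, val in _CAP_LINE.findall(status_text)}
    missing = {"CapInh", "CapPrm", "CapEff"} - masks.keys()
    if missing:
        raise ValueError(f"status text lacks {sorted(missing)}")
    return masks


def decode_caps(mask: int) -> List[str]:
    """Translate a capability bitmask into capability names, lowest bit first."""
    names = []
    for bit in range(mask.bit_length()):
        if (mask >> bit) & 1:
            names.append(CAP_NAMES[bit] if bit < len(CAP_NAMES) else f"cap_{bit}")
    return names


def regained_on_exec(parent: Dict[str, int], child: Dict[str, int]) -> List[str]:
    """Capabilities effective in the child that the parent did not have."""
    return decode_caps(child["CapEff"] & ~parent["CapEff"])


def restriction_survived(parent: Dict[str, int], child: Dict[str, int], cap: str) -> bool:
    """True if `cap`, absent from the parent's permitted and effective sets,
    is also absent from the child's. Raises if the parent never dropped it."""
    bit = 1 << CAP_NAMES.index(cap)
    if (parent["CapEff"] | parent["CapPrm"]) & bit:
        raise ValueError(f"{cap} was not dropped in the parent to begin with")
    return not ((child["CapEff"] | child["CapPrm"]) & bit)


def check_child_caps() -> List[str]:
    """Exec a child that prints its own status file and report which effective
    capabilities it gained relative to this process. Linux only."""
    with open("/proc/self/status") as f:
        mine = parse_cap_status(f.read())
    out = subprocess.run(["cat", "/proc/self/status"], capture_output=True,
                         text=True, check=True).stdout
    return regained_on_exec(mine, parse_cap_status(out))


if __name__ == "__main__":
    wrapper = parse_cap_status(SAMPLE_STATUS)
    print("wrapper effective set lacks:", set(CAP_NAMES) - set(decode_caps(wrapper["CapEff"])))
    if os.path.exists("/proc/self/status"):
        print("capabilities a child regains on exec:", check_child_caps())
```

Run it as the user the wrapper would exec from; an empty list from check_child_caps() means the exec'd child holds nothing beyond the parent, while a list naming cap_chown is the situation this report describes.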

Comment 1 RHEL Program Management 2014-03-07 13:35:23 UTC
This bug/component is not included in scope for RHEL-5.11.0 which is the last RHEL5 minor release. This Bugzilla will soon be CLOSED as WONTFIX (at the end of RHEL5.11 development phase (Apr 22, 2014)). Please contact your account manager or support representative in case you need to escalate this bug.

Comment 2 RHEL Program Management 2014-06-02 13:03:43 UTC
Thank you for submitting this request for inclusion in Red Hat Enterprise Linux 5. We've carefully evaluated the request, but are unable to include it in RHEL5 stream. If the issue is critical for your business, please provide additional business justification through the appropriate support channels (https://access.redhat.com/site/support).