Bug 598444

Summary: net-snmpd fails and dies when configured to run as user
Product: Red Hat Enterprise Linux 6 Reporter: bugreports2005
Component: net-snmpAssignee: Jan Safranek <jsafrane>
Status: CLOSED DUPLICATE QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: medium Docs Contact:
Priority: low    
Version: 6.0   
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-06-01 12:24:25 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description bugreports2005 2010-06-01 12:20:32 UTC 
Description of problem:

snmpd fails and dies trying to downgrade its privileges, when ran with the -u and -g options.

Version-Release number of selected component (if applicable):

net-snmp-5.5-12.el6.i686 from RHEL6 Beta 1.

How reproducible:

Always.

Steps to Reproduce:
1. Open /etc/sysconfig/snmpd and set something like this:
   OPTIONS="-LS0-6d -Lf /dev/null -p /var/run/snmpd.pid -u daemon -g daemon"
2. service snmpd restart
3. service snmpd status

Actual results:

snmpd dead but pid file exists
a log entry is made saying "initgroups failed: Operation not permitted"

Expected results:

snmpd running as user "daemon".

Additional info:

I understand that snmpd tries to change the group after having already changed the uid and therefore having lost the privilege to do so. Upstream has fixed this by changing the group first and then the uid (SVN revision 18452).
Comment 1 Jan Safranek 2010-06-01 12:24:25 UTC 

*** This bug has been marked as a duplicate of bug 578405 ***
Comment 2 Jan Safranek 2010-06-01 12:35:13 UTC 
Thanks for the report! It's good to see someone actually tests the beta and reports problems... even if this one was caught by our QA guys.