Bug 163303 - vipw/vigr fails to detect terminal
Summary: vipw/vigr fails to detect terminal
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted
Version: 4
Hardware: All
OS: Linux
medium
high
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact:
URL:
Whiteboard:
: 162844 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-07-14 22:05 UTC by Ignacio Vazquez-Abrams
Modified: 2007-11-30 22:11 UTC (History)
4 users (show)

Fixed In Version: Current
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-09-27 20:37:55 UTC


Attachments (Terms of Use)

Description Ignacio Vazquez-Abrams 2005-07-14 22:05:53 UTC
When running vipw/vigr as root in a terminal the following appears:

Vim: Warning: Output is not to a terminal
Vim: Warning: Input is not from a terminal

Keypresses appear "raw" instead of showing their normal effect. They do still
appear to work though, although the only thing I really tried in that state was
":q!".

Comment 1 Tomasz Ostrowski 2005-07-26 07:04:45 UTC
If the editor is other than vi then it is impossible to get out of it - I use
joe and I'm not able to CTRL-C out of it - I have to kill it from another
console. In single user mode I'd have to reset the system.

Comment 2 Ignacio Vazquez-Abrams 2005-07-28 07:12:49 UTC
It seems that something got updated in the meantime that fixed the problem. I'll
look into it a little more.

Comment 3 Charles C. Van Tilburg 2005-07-28 13:42:19 UTC
bug 162844 also deals with this... FC4

selinux seems to be involved...

Comment 4 Charles C. Van Tilburg 2005-07-28 13:46:36 UTC
setenforce 0 causes vipw to work just fine...

Comment 5 Tomasz Ostrowski 2005-07-28 14:52:34 UTC
A better workaround than turning off selinux (when using targeted policy):

1. Install selinux-policy-targeted-sources package:
yum install selinux-policy-targeted-sources

2. Add a line:
allow sysadm_passwd_t devpts_t:chr_file ioctl;
to /etc/selinux/targeted/src/policy/domains/misc/local.te

3. make -C /etc/selinux/targeted/src/policy reload

I think "component" for this bug should be changed to selinux-policy-targeted
and the bug assigned to Daniel Walsh - policy maintainer.

Comment 6 Charles C. Van Tilburg 2005-07-28 15:01:41 UTC
well, of course you should turn it back on after...

Comment 7 Karel Zak 2005-07-28 15:26:53 UTC
*** Bug 162844 has been marked as a duplicate of this bug. ***

Comment 9 Charles C. Van Tilburg 2005-07-28 15:39:46 UTC
actually, 162844 was first...

Comment 10 Daniel Walsh 2005-07-28 16:45:17 UTC
Fixed in selinux-policy-targetd-1.25.3-9

Comment 11 John Villalovos 2005-08-08 04:25:42 UTC
I don't know if the "fix" broke it for me.  But vipw does NOT work at all if I
login on the text console.  No error message is displayed, I just return back to
the command prompt.

vipw works if I SSH in using PuTTY.
vipw works if I run X Windows and start a terminal.

With the text console, when I run vipw, I get the following in
/var/log/audit/audit.log

type=AVC msg=audit(1123474668.338:12872868): avc:  denied  { search } for 
pid=20917 comm="vim" name="sys" dev=proc ino=-268435431
scontext=root:system_r:sysadm_passwd_t tcontext=system_u:object_r:sysctl_t
tclass=dir
type=SYSCALL msg=audit(1123474668.338:12872868): arch=40000003 syscall=5
success=no exit=-13 a0=d11170 a1=0 a2=bfbd6c60 a3=0 items=1 pid=20917 auid=0
uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="vim"
exe="/usr/bin/vim"
type=CWD msg=audit(1123474668.338:12872868):  cwd="/etc"
type=PATH msg=audit(1123474668.338:12872868): item=0
name="/proc/sys/kernel/version" flags=101  inode=4026531865 dev=00:03
mode=040555 ouid=0 ogid=0 rdev=00:00

I'm pretty sure that vipw was working before with the text console, since that
is primarily what I use on the system.

Also here is an strace dump of the failed vipw:

execve("/usr/sbin/vipw", ["vipw"], [/* 20 vars */]) = 0
brk(0)                                  = 0x9b37000
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xb7f15000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY)      = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=45866, ...}) = 0
old_mmap(NULL, 45866, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7f09000
close(3)                                = 0
open("/lib/libselinux.so.1", O_RDONLY)  = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\20\225"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=68864, ...}) = 0
old_mmap(0xb67000, 68592, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
= 0xb67000
old_mmap(0xb77000, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x10000) = 0xb77000
close(3)                                = 0
open("/lib/libc.so.6", O_RDONLY)        = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\n\317\272"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=1489572, ...}) = 0
old_mmap(0xb98000, 1219548, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3,
0) = 0xb98000
old_mmap(0xcbc000, 16384, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x124000) = 0xcbc000
old_mmap(0xcc0000, 7132, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xcc0000
close(3)                                = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xb7f08000
set_thread_area({entry_number:-1 -> 6, base_addr:0xb7f086c0, limit:1048575,
seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0,
useable:1}) = 0
mprotect(0xcbc000, 8192, PROT_READ)     = 0
mprotect(0xb94000, 4096, PROT_READ)     = 0
munmap(0xb7f09000, 45866)               = 0
access("/etc/selinux/", F_OK)           = 0
brk(0)                                  = 0x9b37000
brk(0x9b58000)                          = 0x9b58000
open("/etc/selinux/config", O_RDONLY|O_LARGEFILE) = -1 EACCES (Permission denied)
open("/proc/mounts", O_RDONLY|O_LARGEFILE) = 3
fstat64(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xb7f14000
read(3, "rootfs / rootfs rw 0 0\n/dev /dev"..., 1024) = 520
close(3)                                = 0
munmap(0xb7f14000, 4096)                = 0
open("/usr/lib/locale/locale-archive", O_RDONLY|O_LARGEFILE) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=48520880, ...}) = 0
mmap2(NULL, 2097152, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7d08000
close(3)                                = 0
setrlimit(RLIMIT_CPU, {rlim_cur=RLIM_INFINITY, rlim_max=RLIM_INFINITY}) = 0
setrlimit(RLIMIT_FSIZE, {rlim_cur=RLIM_INFINITY, rlim_max=RLIM_INFINITY}) = 0
setrlimit(RLIMIT_STACK, {rlim_cur=RLIM_INFINITY, rlim_max=RLIM_INFINITY}) = 0
setrlimit(RLIMIT_DATA, {rlim_cur=RLIM_INFINITY, rlim_max=RLIM_INFINITY}) = 0
setrlimit(RLIMIT_RSS, {rlim_cur=RLIM_INFINITY, rlim_max=RLIM_INFINITY}) = 0
setrlimit(RLIMIT_CORE, {rlim_cur=0, rlim_max=0}) = 0
rt_sigaction(SIGALRM, {SIG_IGN}, {SIG_DFL}, 8) = 0
rt_sigaction(SIGHUP, {SIG_IGN}, {SIG_DFL}, 8) = 0
rt_sigaction(SIGINT, {SIG_IGN}, {SIG_DFL}, 8) = 0
rt_sigaction(SIGPIPE, {SIG_IGN}, {SIG_DFL}, 8) = 0
rt_sigaction(SIGQUIT, {SIG_IGN}, {SIG_DFL}, 8) = 0
rt_sigaction(SIGTERM, {SIG_IGN}, {SIG_DFL}, 8) = 0
rt_sigaction(SIGTSTP, {SIG_IGN}, {SIG_DFL}, 8) = 0
rt_sigaction(SIGTTOU, {SIG_IGN}, {SIG_DFL}, 8) = 0
umask(0)                                = 022
open("/etc/ptmptmp", O_WRONLY|O_CREAT|O_LARGEFILE, 0600) = 3
link("/etc/ptmptmp", "/etc/ptmp")       = 0
unlink("/etc/ptmptmp")                  = 0
open("/etc/passwd", O_RDONLY|O_LARGEFILE) = 4
read(4, "root:x:0:0:root:/root:/bin/bash\n"..., 8192) = 2589
write(3, "root:x:0:0:root:/root:/bin/bash\n"..., 2589) = 2589
read(4, "", 8192)                       = 0
close(4)                                = 0
close(3)                                = 0
stat64("/etc/ptmp", {st_mode=S_IFREG|0600, st_size=2589, ...}) = 0
clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD,
child_tidptr=0xb7f08708) = 19217
waitpid(19217, [{WIFEXITED(s) && WEXITSTATUS(s) == 1}], WSTOPPED) = 19217
--- SIGCHLD (Child exited) @ 0 (0) ---
write(2, "vipw: ", 6)                   = 6
write(2, "vim: ", 5)                    = 5
open("/usr/share/locale/locale.alias", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=2528, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xb7d07000
read(3, "# Locale name alias data base.\n#"..., 4096) = 2528
read(3, "", 4096)                       = 0
close(3)                                = 0
munmap(0xb7d07000, 4096)                = 0
open("/usr/share/locale/en_US.UTF-8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT
(No such file or directory)
open("/usr/share/locale/en_US.utf8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT
(No such file or directory)
open("/usr/share/locale/en_US/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No
such file or directory)
open("/usr/share/locale/en.UTF-8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No
such file or directory)
open("/usr/share/locale/en.utf8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No
such file or directory)
open("/usr/share/locale/en/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such
file or directory)
write(2, "Permission denied\n", 18)     = 18
open("/usr/share/locale/en_US.UTF-8/LC_MESSAGES/util-linux.mo", O_RDONLY) = -1
ENOENT (No such file or directory)
open("/usr/share/locale/en_US.utf8/LC_MESSAGES/util-linux.mo", O_RDONLY) = -1
ENOENT (No such file or directory)
open("/usr/share/locale/en_US/LC_MESSAGES/util-linux.mo", O_RDONLY) = -1 ENOENT
(No such file or directory)
open("/usr/share/locale/en.UTF-8/LC_MESSAGES/util-linux.mo", O_RDONLY) = -1
ENOENT (No such file or directory)
open("/usr/share/locale/en.utf8/LC_MESSAGES/util-linux.mo", O_RDONLY) = -1
ENOENT (No such file or directory)
open("/usr/share/locale/en/LC_MESSAGES/util-linux.mo", O_RDONLY) = -1 ENOENT (No
such file or directory)
write(2, "vipw: /etc/passwd unchanged\n", 28) = 28
unlink("/etc/ptmp")                     = 0
exit_group(1)                           = ?



Note You need to log in before you can comment on or make changes to this bug.