Bug 219911 - Fails to run as root
Status: CLOSED WONTFIX
Product: Fedora Hosted Projects
Classification: Retired
Component: mock
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Clark Williams
Reported: 2006-12-16 09:44 UTC by Loïc Minier
Modified: 2013-01-10 04:09 UTC

Last Closed: 2006-12-19 16:02:37 UTC

Description Loïc Minier 2006-12-16 09:44:02 UTC
Hi,

When invoking mock as root:
# mock -r fedora-devel-x86_64-core --debug  init
You need to be a member of the mock group for this to work

I don't think it's reasonable to refuse to let root run *because he is not in
some group*.

I would prefer mock to run as root because this sets a sane owner/group for
unpacked files in the chroot (root).

I understand mock might want to refuse running as root at all for security
reasons (FYI, mach permits running as root), but there should be a separate
test/message for this case.

Bye,

Comment 1 Jesse Keating 2006-12-16 17:57:02 UTC
Personally I'd rather it never run as root, raises the barrier to something
silly happening to the root file system.  I'll leave it up to Clark to decide
though.

Comment 2 Clark Williams 2006-12-19 16:02:37 UTC
Actually, I've never been a fan of the "must be a member of the mock" group. The
next version of mock that will go into rawhide (mock-0.7+) will remove that
requirement. 

I can move the root check up so that the message makes more sense, but I'm
trying not to do major changes to the 0.6x branch. So for now mock will continue
to have the "no root" and "must be in group mock" behavior. 

Hopefully I'll get the new version out to rawhide around the first of the year. 

Comment 3 Loïc Minier 2006-12-19 17:00:20 UTC
Why don't you set the target milestone to 0.7.0 then?

Also, how will you filter users who are allowed to run the SUID root helper
mock-helper?  In particular, it allows chrooting, but it's trivial to get out of
a chroot.

Comment 4 Clark Williams 2006-12-19 17:22:08 UTC
I would set the target milestone if I could figure out how.

The idea in mock-0.7 is to do away with mock-helper altogether and replace it
with a setuid:root launcher named mock. The new launcher just runs
/usr/libexec/mock.py as root (in a new namespace) and mock.py then raises and
lowers privilege levels as needed. 


Comment 5 Jesse Keating 2006-12-19 18:24:55 UTC
(In reply to comment #4)
> I would set the target milestone if I could figure out how.

Move the mock ticketing to http://hosted.fedoraproject.org/projects/mock ?  (:


Comment 6 Loïc Minier 2006-12-20 07:58:35 UTC
@Clark: you still need a way to restrict who's going to be allowed to use the
suid root wrapper (which might see security holes), or which privileges.


Feel free to move the report across ticketing systems, but closing it because
another behavior might be implemented in a future redesign branch doesn't
encourage me to file enhancement bugs against mock.   :-/
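
Added example, not part of the original report and not mock's own code: one way a privileged launcher could apply the two checks discussed in this thread as separate tests with separate messages, and decide on the invoking user rather than on the effective uid. The function names and message texts are hypothetical; the group name `mock` comes from the error message quoted in the description, and the sketch assumes the real uid is still the invoker's when the check runs.

```python
import grp
import os
import pwd

ALLOWED_GROUP = "mock"  # group name taken from the error message in the report


def invoker_groups(uid, pw_lookup=pwd.getpwuid, all_groups=grp.getgrall):
    """Return the set of group names the account with this uid belongs to."""
    pw = pw_lookup(uid)
    groups = list(all_groups())
    # Supplementary groups list the account name in gr_mem.
    names = {g.gr_name for g in groups if pw.pw_name in g.gr_mem}
    # The primary group is not listed in gr_mem, so match it by gid.
    names |= {g.gr_name for g in groups if g.gr_gid == pw.pw_gid}
    return names


def authorize(real_uid, groups, allowed_group=ALLOWED_GROUP):
    """Decide whether the invoking user may use the privileged launcher.

    Returns (allowed, message). The root test comes first and has its own
    message, so root is never told to join a group.
    """
    if real_uid == 0:
        return False, "refusing to run as root; run as an unprivileged user"
    if allowed_group not in groups:
        return False, "you need to be a member of the %s group" % allowed_group
    return True, "ok"


def check_invoker():
    # A setuid-root program starts with effective uid 0 whoever launched it;
    # the real uid identifies the invoker, so authorize on os.getuid().
    uid = os.getuid()
    return authorize(uid, invoker_groups(uid))


if __name__ == "__main__":
    allowed, message = check_invoker()
    print(message)
    raise SystemExit(0 if allowed else 1)
```
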

