From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux sparc64; en-US; rv:0.9.6) Gecko/20011120 Description of problem: The latest errata update sudo-1.6.4-0.6x.2 fails to work at all. No matter how it is invoked, it always exits with this error message: seteuid(0): Operation not permitted before even asking for a password. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. install RH 6.2 Powertools Sparc security update sudo-1.6.4-0.6x.2 2. type "sudo ls" 3. Actual Results: >sudo ls seteuid(0): Operation not permitted Expected Results: The command should have been executed with superuser permissions. Additional info: I rebuilt the RPM package using sudo-1.6.5p2 from the URL in this bug report, and the problem still exists. The newer sudo package, however, reports more information: >sudo ls seteuid(0) failed, your operating system may have broken POSIX saved ID support Try running configure with --disable-saved-ids So I guess the temporary fix is to add that configure option. I did that and it seems to work, but I don't know the security implications of not using saved ids. The real fix would be to fix the saved ids implementation in the kernel/glibc? I'm using the latest errata kernel and glibc packages: kernel-2.2.19-6.2.12 (sparc64) Linux localhost 2.2.19-6.2.12 #1 Fri Oct 26 13:31:19 EDT 2001 sparc64 unknown glibc-2.1.3-23 (sparcv9)
Adding kernel and glibc maintainers to Cc list - Jakub, Arjan, are there any known issues with seteuid on sparc?
Checking vger.samba.org CVSweb, looks like setresuid/setresgid appeared on sparc/sparc64 in 2.3.40 and haven't been backported to 2.2.* kernels.
Jakub, the entries are there in my 2.2.x tree. Where are you looking? arch/sparc64/kernel/systbls.S, revision 1.53.2.7 has sys_reuid/sys_regid in syscall32 entries 126 and 127 arch/sparc/kernel/systbls.S, revision 1.55.2.2 similarly for sparc32's syscall table. They are also present in the asm/unistd.h header shipped on a 6.2 system. You mention setresuid/setresgid but thats irrelevant since seteuid() is implemented with setreuid not setresuid. If glibc implements seteuid() using setresuid() now, that would be news. :-)
Power Tools/sparc architecture are no longer supported