59746 – sudo-1.6.4 always exits with: seteuid(0): Operation not permitted

Bug 59746 - sudo-1.6.4 always exits with: seteuid(0): Operation not permitted

Summary: sudo-1.6.4 always exits with: seteuid(0): Operation not permitted

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Red Hat Powertools
Classification:	Retired
Component:	sudo
Sub Component:
Version:	6.2
Hardware:	sparc
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Bernhard Rosenkraenzer
QA Contact:	Ben Levenson
Docs Contact:
URL:	http://www.sudo.ws/sudo/dist/sudo-1.6...
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2002-02-12 16:36 UTC by Charles R. Anderson
Modified:	2007-04-18 16:40 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2003-02-12 11:14:01 UTC
Embargoed:

Attachments	(Terms of Use)

Description Charles R. Anderson 2002-02-12 16:36:44 UTC

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux sparc64; en-US; rv:0.9.6) Gecko/20011120

Description of problem:
The latest errata update sudo-1.6.4-0.6x.2 fails to work at all.  No
matter how it is invoked, it always exits with this error message:

seteuid(0): Operation not permitted

before even asking for a password.



Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. install RH 6.2 Powertools Sparc security update sudo-1.6.4-0.6x.2
2. type "sudo ls"
3.
	

Actual Results:  >sudo ls
seteuid(0): Operation not permitted


Expected Results:  The command should have been executed with superuser permissions.

Additional info:

I rebuilt the RPM package using sudo-1.6.5p2 from the URL in this bug report,
and the problem still exists.  The newer sudo package, however, reports more
information:

>sudo ls
seteuid(0) failed, your operating system may have broken POSIX saved ID support
Try running configure with --disable-saved-ids

So I guess the temporary fix is to add that configure option.  I did that and it
seems to work, but I don't know the security implications of not using saved
ids.  The real fix would be to fix the saved ids implementation in the
kernel/glibc?  I'm using the latest errata kernel and glibc packages:

kernel-2.2.19-6.2.12 (sparc64)
Linux localhost 2.2.19-6.2.12 #1 Fri Oct 26 13:31:19 EDT 2001 sparc64  unknown

glibc-2.1.3-23 (sparcv9)

Comment 1 Bernhard Rosenkraenzer 2002-02-12 17:10:08 UTC

Adding kernel and glibc maintainers to Cc list - Jakub, Arjan, are there any known issues 
with seteuid on sparc?

Comment 2 Jakub Jelinek 2002-02-12 17:30:57 UTC

Checking vger.samba.org CVSweb, looks like setresuid/setresgid appeared
on sparc/sparc64 in 2.3.40 and haven't been backported to 2.2.* kernels.

Comment 3 David Miller 2002-02-13 05:22:17 UTC

Jakub, the entries are there in my 2.2.x tree.  Where are you looking?

arch/sparc64/kernel/systbls.S, revision 1.53.2.7

has sys_reuid/sys_regid in syscall32 entries 126 and 127

arch/sparc/kernel/systbls.S, revision 1.55.2.2

similarly for sparc32's syscall table.

They are also present in the asm/unistd.h header shipped on
a 6.2 system.
You mention setresuid/setresgid but thats irrelevant since seteuid() is
implemented with setreuid not setresuid.
If glibc implements seteuid() using setresuid() now, that would
be news. :-)

Comment 4 Mark J. Cox 2003-02-12 11:14:01 UTC

Power Tools/sparc architecture are no longer supported

Note You need to log in before you can comment on or make changes to this bug.