From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20021003 Description of problem: After performing three RH 6.2->7.3 upgrades, and installing the update RPMS, the systems behaved oddly. After reboot, 'ps ax' showed the following: 29528 ? S 0:00 [sendmail] 29529 ? S 0:00 [mimedefang] 29538 ? S 0:00 [sendmail] 29594 ? S 0:00 [sendmail] 30360 ? S 0:00 [sendmail] 30781 ? S 0:00 [sendmail] 30869 ? S 0:00 [sendmail] 30919 ? S 0:00 [sendmail] 32539 ? S 0:00 [sendmail] 32540 ? S 0:00 [mimedefang] 1367 ? S 0:00 [sendmail] 1758 ? S 0:00 [mimedefang] 4211 ? S 0:00 [sendmail] 4214 ? S 0:00 [mimedefang] 4686 ? S 0:00 [sendmail] 4688 ? S 0:00 [mimedefang] 4785 ? S 0:00 [sendmail] 4786 ? S 0:00 [mimedefang] 4998 ? S 0:00 [sendmail] 4999 ? S 0:00 [mimedefang] 5005 ? S 0:00 [sendmail] 5006 ? S 0:00 [mimedefang] 5518 ? S 0:00 [sendmail] 5598 ? S 0:00 [mimedefang] 5669 ? S 0:00 [sendmail] 5671 ? S 0:00 [mimedefang] 5682 ? S 0:00 [sendmail] 5684 ? S 0:00 [sendmail] 5685 ? S 0:00 [sendmail] 5687 ? S 0:00 [mimedefang] 5690 ? S 0:00 [mimedefang] However, at the time, the system was using _no_ swap. Downgrading to kernel-2.4.18-24.7.x fixes this. Dan. Version-Release number of selected component (if applicable): kernel-2.4.18-27.7.x How reproducible: Always Steps to Reproduce: Additional info:
Also, kernel-2.4.18-26 is not affected by this.
the ps output is limited because these are setuid apps, and with the ptrace fix we had to tighten getting info from such apps. Getting all kinds of info from such sensitive apps is a sensitive security issue; the update went to the other side of cautious and we'll be looking at if we can relax the checking a bit in the future; it's as clear cut as it might look though :(
Ok, thanks. I suspected it was something along those lines. It's annoying on the ps display, but it was also causing a problem with the mimedefang init script, as 'pidof' wasn't able to find the 'mimedefang-multiplexor' process, as the name was being truncated. Dan.
*** Bug 89535 has been marked as a duplicate of this bug. ***
Actually, it isn't just setuid processes. sendmail doesn't show up as bracketed (it is running as root) and is setuid. nscd shows up bracketed and isn't setuid. Does this have more to do with how the process is started? I see jserver, cserver, cannaserver, kserver, tserver and xfs bracketed, but none are setuid, just running as a non-root id.
Thanks for the bug report. However, Red Hat no longer maintains this version of the product. Please upgrade to the latest version and open a new bug if the problem persists. The Fedora Legacy project (http://fedoralegacy.org/) maintains some older releases, and if you believe this bug is interesting to them, please report the problem in the bug tracker at: http://bugzilla.fedora.us/
Created attachment 153237 [details] Bug 86569