[pkg-fso-maint] Bug#701578: nodm considers uid instead of euid at start

Eric Lavarde bugs.debian.nospam at lavar.de
Sat Mar 16 11:25:38 UTC 2013


Package: nodm
Version: 0.11-1.3
Followup-For: Bug #701578

Hello,

after adding an strace to the call of nodm, I think I found the problem:

	nohup strace -ff -t -o /var/tmp/nodm_$$ /etc/init.d/nodm start > /var/tmp/nodm_$$.out 2>&1

I get at the end of /var/tmp/nodm_4218.4385 (the one of the nodm binary
according to /var/run/nodm.pid, which remains after the failed call):

	11:59:28 getuid()                       = 103
	11:59:28 write(2, "nodm: can only be run by root\n", 30) = 30
	11:59:28 exit_group(1)                  = ?

Adding then an 'id' call to the /etc/pm/sleep.d/10_vdr-dvb, I get the
following result in /var/log/pm-suspend.log:

	uid=103(vdr) gid=106(vdr) euid=0(root) Gruppen=0(root),24(cdrom),29(audio),44(video),46(plugdev),106(vdr)

(notice the euid=0)

According to the limited understanding I got through the reading of 
	http://www.enggresources.com/classroom/viewans.php?qid=889
I think that the correct behavior should be to call geteuid and not getuid,
as I assume that the only intent is to check that the user has root rights
(and not that they is a specific user).

It would be really nice to fix this (a sudo-based workaround will probably
be feasible but is ugly).

Thanks, Eric

PS: I attach the complete strace output in case you'd like to analyse deeper.

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.6.9+vdr1 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages nodm depends on:
ii  debconf [debconf-2.0]  1.5.49
ii  libc6                  2.13-37
ii  libpam0g               1.1.3-7.1
ii  libx11-6               2:1.5.0-1
ii  x11-common             1:7.7+1
ii  x11-xserver-utils      7.7~3

nodm recommends no packages.

nodm suggests no packages.

-- Configuration Files:
/etc/init.d/nodm changed:
set -e
set -x
PATH=/bin:/usr/bin:/sbin:/usr/sbin
DESC="Automatic Display Manager"
NAME=nodm
PIDDIR=/var/run/
PIDFILE=${PIDDIR}/${NAME}.pid
NODM_ENABLED=no
NODM_XINIT=/usr/bin/xinit
NODM_FIRST_VT=7
NODM_XSESSION=/etc/X11/Xsession
NODM_X_OPTIONS="-nolisten tcp"
NODM_USER=root
NODM_MIN_SESSION_TIME=60
if [ -f /etc/default/$NAME ]
then
	. /etc/default/$NAME
fi
export NODM_XINIT NODM_XSESSION NODM_X_OPTIONS NODM_USER NODM_MIN_SESSION_TIME NODM_FIRST_VT
[ -x /usr/sbin/nodm ] || exit 0
.. /lib/init/vars.sh
.. /lib/lsb/init-functions
case "$1" in
	start)
		[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
		if [ "$NODM_ENABLED" = "no" ] || [ "$NODM_ENABLED" = "false" ]
		then
			log_warning_msg "Not starting $NAME because NODM_ENABLED is '$NODM_ENABLED' in /etc/default/$NAME"
		else
			start-stop-daemon --start --verbose --oknodo --pidfile ${PIDFILE} --make-pidfile --background --exec /usr/sbin/nodm
		fi
		[ "$VERBOSE" != no ] && log_end_msg $?
		;;
	stop)
		[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
		start-stop-daemon --stop --pidfile ${PIDFILE} --oknodo
		rm -f ${PIDFILE}
		[ "$VERBOSE" != no ] && log_end_msg $?
		;;
	restart|force-reload)
		$0 stop
		$0 start
		;;
	*)
		log_success_msg "Usage: $0 {start|stop|restart|force-reload}" >&2
		exit 1
		;;
esac
exit 0


-- debconf information:
  nodm/min_session_time: 60
  nodm/enabled: true
  nodm/xsession: /etc/X11/Xsession
  nodm/x_options: -nolisten tcp
  nodm/first_vt: 7
  nodm/user: vdr
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nodm_4218.tgz
Type: application/x-gzip
Size: 10033 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-fso-maint/attachments/20130316/65ffcaa0/attachment.bin>


More information about the pkg-fso-maint mailing list