[gentoo-user] strace + SUID program

public inbox for gentoo-user@lists.gentoo.org
 help / color / mirror / Atom feed

* [gentoo-user] strace + SUID program
@ 2009-10-03 15:41 Helmut Jarausch
  2009-10-03 19:02 ` Stroller
  0 siblings, 1 reply; 5+ messages in thread
From: Helmut Jarausch @ 2009-10-03 15:41 UTC (permalink / raw
  To: gentoo-user

Hi,

I'm still struggling with a permission problem with fcrontab.
On (only) one of two identical (I believe so) machines,
fcrontab -e (as non-root user) gives
Could not change egid to fcron[449]: Operation not permitted

Since the fcrontab binary and all used dynamic libs are identical
and the permissions on /var/spool/fron (/**/*) are
identical on both machines,
I tried strace.

But how to apply strace to an SUID/SGID application.
When I say

strace fcrontab -e 
it fails with the very same error now even on the machine where it works
without strace.

I'd be glad if someone could throw some light on this
strange situation.

Many thanks,
Helmut.

-- 
Helmut Jarausch

Lehrstuhl fuer Numerische Mathematik
RWTH - Aachen University
D 52056 Aachen, Germany

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [gentoo-user] strace + SUID program
  2009-10-03 15:41 [gentoo-user] strace + SUID program Helmut Jarausch
@ 2009-10-03 19:02 ` Stroller
  2009-10-03 21:03   ` Helmut Jarausch
  0 siblings, 1 reply; 5+ messages in thread
From: Stroller @ 2009-10-03 19:02 UTC (permalink / raw
  To: gentoo-user


On 3 Oct 2009, at 16:41, Helmut Jarausch wrote:
> ...
> I'm still struggling with a permission problem with fcrontab.
> On (only) one of two identical (I believe so) machines,
> fcrontab -e (as non-root user) gives
> Could not change egid to fcron[449]: Operation not permitted

Could you post the output of `ls -ld  /var/spool/fcron` for us, please?

TYIA,

Stroller.



^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [gentoo-user] strace + SUID program
  2009-10-03 19:02 ` Stroller
@ 2009-10-03 21:03   ` Helmut Jarausch
  2009-10-03 21:59     ` [gentoo-user] " walt
  0 siblings, 1 reply; 5+ messages in thread
From: Helmut Jarausch @ 2009-10-03 21:03 UTC (permalink / raw
  To: gentoo-user

On  3 Oct, Stroller wrote:
> 
> On 3 Oct 2009, at 16:41, Helmut Jarausch wrote:
>> ...
>> I'm still struggling with a permission problem with fcrontab.
>> On (only) one of two identical (I believe so) machines,
>> fcrontab -e (as non-root user) gives
>> Could not change egid to fcron[449]: Operation not permitted
> 
> Could you post the output of `ls -ld  /var/spool/fcron` for us, please?
> 

drwsrws--- 2 fcron fcron 4096 2009-10-03 17:57 /var/spool/fcron

Thanks,
Helmut.

-- 
Helmut Jarausch

Lehrstuhl fuer Numerische Mathematik
RWTH - Aachen University
D 52056 Aachen, Germany



^ permalink raw reply	[flat|nested] 5+ messages in thread

* [gentoo-user]  Re: strace + SUID program
  2009-10-03 21:03   ` Helmut Jarausch
@ 2009-10-03 21:59     ` walt
  2009-10-03 22:58       ` Stroller
  0 siblings, 1 reply; 5+ messages in thread
From: walt @ 2009-10-03 21:59 UTC (permalink / raw
  To: gentoo-user

On 10/03/2009 02:03 PM, Helmut Jarausch wrote:
> On  3 Oct, Stroller wrote:
>>
>> On 3 Oct 2009, at 16:41, Helmut Jarausch wrote:
>>> ...
>>> I'm still struggling with a permission problem with fcrontab.
>>> On (only) one of two identical (I believe so) machines,
>>> fcrontab -e (as non-root user) gives
>>> Could not change egid to fcron[449]: Operation not permitted
>>
>> Could you post the output of `ls -ld  /var/spool/fcron` for us, please?
>>
>
> drwsrws--- 2 fcron fcron 4096 2009-10-03 17:57 /var/spool/fcron

And that is the same as the other machine, right?

I know nothing about fcron, but I recall agonizing over the choice
of crons the first time I installed gentoo.  I'm curious why you
picked fcron over the many alternative crons.

BTW, noticed the fcron ebuild says:
         ewarn "fcron usage can now only be restricted by adding users"
         ewarn "to the following files instead of to the group 'cron':"
         ewarn
         ewarn "   ${ROOT}etc/fcron/fcron.allow"
         ewarn "   ${ROOT}etc/fcron/fcron.deny"

Are those files the same on both machines?




^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [gentoo-user]  Re: strace + SUID program
  2009-10-03 21:59     ` [gentoo-user] " walt
@ 2009-10-03 22:58       ` Stroller
  0 siblings, 0 replies; 5+ messages in thread
From: Stroller @ 2009-10-03 22:58 UTC (permalink / raw
  To: gentoo-user


On 3 Oct 2009, at 22:59, walt wrote:
> On 10/03/2009 02:03 PM, Helmut Jarausch wrote:
>> On  3 Oct, Stroller wrote:
>>>
>>> On 3 Oct 2009, at 16:41, Helmut Jarausch wrote:
>>>> ...
>>>> I'm still struggling with a permission problem with fcrontab.
>>>> On (only) one of two identical (I believe so) machines,
>>>> fcrontab -e (as non-root user) gives
>>>> Could not change egid to fcron[449]: Operation not permitted
>>>
>>> Could you post the output of `ls -ld  /var/spool/fcron` for us,  
>>> please?
>>>
>>
>> drwsrws--- 2 fcron fcron 4096 2009-10-03 17:57 /var/spool/fcron
>
> And that is the same as the other machine, right? ...

Sorry... I asked that because incorrect permissions on this directory  
were (I think) the cause of the fcron problems posted in a different  
thread a couple of days ago.

But I had not read Helmut's post properly - he had already covered  
this matter in the statements of his original post. Sorry to have  
wasted your time, Helmut.

Stroller.



^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2009-10-03 22:58 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-10-03 15:41 [gentoo-user] strace + SUID program Helmut Jarausch
2009-10-03 19:02 ` Stroller
2009-10-03 21:03   ` Helmut Jarausch
2009-10-03 21:59     ` [gentoo-user] " walt
2009-10-03 22:58       ` Stroller

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox