busybox Digest, Vol 76, Issue 31

Brilliantov Kirill Vladimirovich brilliantov at byterg.ru
Mon Nov 28 05:40:11 UTC 2011


> errno has no meaning after successful calls.
> It does not stay 0. So, "illegal seek" msg is bogus.
>
> (1) uncomment error messages on error paths.
> your setuid() call seems to fail, and you don't see why.
>
> (2) run your program under strace.
>


Thank your for your reply Denys!

My code:
#define ERROR(fmt, ...) \
	syslog(LOG_ERR, fmt ", errno %d (%m)", ##__VA_ARGS__, errno)
int8_t drop_root(const char *user)
{
	ERROR("Run %s, user %s", __func__, user);
	struct passwd *pwd = NULL;
	int r;

	if (NULL == (pwd = getpwnam(user)))
		return -1;
	ERROR("After getpwnam, uid = %d, gid = %d", pwd->pw_uid, pwd->pw_gid);

	r = setgid(pwd->pw_gid);
	if (r) {
		ERROR("ERROR: After setGID, r = %d", r);
		return -1;
	}
	ERROR("After setGID, r = %d", r);

	r= setuid(pwd->pw_uid);
	if (r) {
		ERROR("ERROR: After setUID, r = %d", r);
		return -1;
	}
	ERROR("After setUID, r = %d", r);

	return 0;
}

Manul running:
monitor: Run drop_root, user monitor, errno 0 (Success)
monitor: After getpwnam, uid = 100, gid = 100, errno 0 (Success)
monitor: After setGID, r = 0, errno 29 (Illegal seek)
monitor: After setUID, r = 0, errno 29 (Illegal seek)
monitor: Ready to send message

Strace:
.....................
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 
0) = 0x4001e000
set_tls(0x4001e0a0, 0x4001f000, 0x4001e7f8, 0x4001e778, 0x40025050) = 0
mprotect(0x40145000, 4096, PROT_READ)   = 0
access("/etc/monitor", F_OK)            = 0
brk(0)                                  = 0x14000
brk(0x35000)                            = 0x35000
gettimeofday({946686039, 822996}, NULL) = 0
open("/etc/localtime", O_RDONLY)        = -1 ENOENT (No such file or 
directory)
open("/etc/localtime", O_RDONLY)        = -1 ENOENT (No such file or 
directory)
open("/etc/localtime", O_RDONLY)        = -1 ENOENT (No such file or 
directory)
open("/etc/localtime", O_RDONLY)        = -1 ENOENT (No such file or 
directory)
socket(PF_FILE, SOCK_DGRAM, 0)          = 3
fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0
connect(3, {sa_family=AF_FILE, path="/dev/log"...}, 110) = -1 ENOENT (No 
such file or directory)
close(3)                                = 0
open("/dev/console", O_WRONLY|O_NOCTTY) = 3
fstat64(3, {st_mode=S_IFCHR|0660, st_rdev=makedev(5, 1), ...}) = 0
ioctl(3, SNDCTL_TMR_TIMEBASE or TCGETS, {B115200 opost isig icanon echo 
...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 
0) = 0x4001f000
_llseek(3, 0, 0xbed55910, SEEK_CUR)     = -1 ESPIPE (Illegal seek)
write(3, "monitor: Run drop_root, user moni"..., 57monitor: Run 
drop_root, user monitor, errno 0 (Success)
) = 57
munmap(0x4001f000, 4096)                = 0
close(3)                                = 0
socket(PF_FILE, SOCK_STREAM, 0)         = 3
fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK)  = 0
connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"...}, 110) = 
-1 ENOENT (No such file or directory)
close(3)                                = 0
socket(PF_FILE, SOCK_STREAM, 0)         = 3
fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK)  = 0
connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"...}, 110) = 
-1 ENOENT (No such file or directory)
close(3)                                = 0
open("/etc/nsswitch.conf", O_RDONLY)    = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=224, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 
0) = 0x4001f000
read(3, "passwd:         files\ngroup:     "..., 4096) = 224
read(3, ""..., 4096)                    = 0
close(3)                                = 0
munmap(0x4001f000, 4096)                = 0
open("/lib/libnss_files.so.2", O_RDONLY) = 3
read(3, 
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0\254\30\0\0004\0\0\0d"..., 512) 
= 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=50108, ...}) = 0
mmap2(NULL, 70324, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) 
= 0x4014b000
mprotect(0x40154000, 28672, PROT_NONE)  = 0
mmap2(0x4015b000, 8192, PROT_READ|PROT_WRITE, 
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x8) = 0x4015b000
close(3)                                = 0
mprotect(0x4015b000, 4096, PROT_READ)   = 0
open("/etc/passwd", O_RDONLY)           = 3
fcntl64(3, F_GETFD)                     = 0
fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0
fstat64(3, {st_mode=S_IFREG|0644, st_size=91, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 
0) = 0x4001f000
read(3, "root:x:0:0:root:/root:/bin/sh\nmon"..., 4096) = 91
close(3)                                = 0
munmap(0x4001f000, 4096)                = 0
gettimeofday({946686040, 242418}, NULL) = 0
open("/etc/localtime", O_RDONLY)        = -1 ENOENT (No such file or 
directory)
open("/etc/localtime", O_RDONLY)        = -1 ENOENT (No such file or 
directory)
open("/etc/localtime", O_RDONLY)        = -1 ENOENT (No such file or 
directory)
socket(PF_FILE, SOCK_DGRAM, 0)          = 3
fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0
connect(3, {sa_family=AF_FILE, path="/dev/log"...}, 110) = -1 ENOENT (No 
such file or directory)
close(3)                                = 0
open("/dev/console", O_WRONLY|O_NOCTTY) = 3
fstat64(3, {st_mode=S_IFCHR|0660, st_rdev=makedev(5, 1), ...}) = 0
ioctl(3, SNDCTL_TMR_TIMEBASE or TCGETS, {B115200 opost isig icanon echo 
...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 
0) = 0x4001f000
_llseek(3, 0, 0xbed55910, SEEK_CUR)     = -1 ESPIPE (Illegal seek)
write(3, "monitor: After getpwnam, uid = 10"..., 66monitor: After 
getpwnam, uid = 100, gid = 100, errno 0 (Success)
) = 66
munmap(0x4001f000, 4096)                = 0
close(3)                                = 0
setgid32(100)                           = 0
gettimeofday({946686040, 265991}, NULL) = 0
open("/etc/localtime", O_RDONLY)        = -1 ENOENT (No such file or 
directory)
open("/etc/localtime", O_RDONLY)        = -1 ENOENT (No such file or 
directory)
open("/etc/localtime", O_RDONLY)        = -1 ENOENT (No such file or 
directory)
socket(PF_FILE, SOCK_DGRAM, 0)          = 3
fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0
connect(3, {sa_family=AF_FILE, path="/dev/log"...}, 110) = -1 ENOENT (No 
such file or directory)
close(3)                                = 0
open("/dev/console", O_WRONLY|O_NOCTTY) = 3
fstat64(3, {st_mode=S_IFCHR|0660, st_rdev=makedev(5, 1), ...}) = 0
ioctl(3, SNDCTL_TMR_TIMEBASE or TCGETS, {B115200 opost isig icanon echo 
...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 
0) = 0x4001f000
_llseek(3, 0, 0xbed55910, SEEK_CUR)     = -1 ESPIPE (Illegal seek)
write(3, "monitor: After setGID, r = 0, err"..., 55monitor: After 
setGID, r = 0, errno 29 (Illegal seek)
) = 55
munmap(0x4001f000, 4096)                = 0
close(3)                                = 0
setuid32(100)                           = 0
gettimeofday({946686040, 621567}, NULL) = 0
open("/etc/localtime", O_RDONLY)        = -1 ENOENT (No such file or 
directory)
open("/etc/localtime", O_RDONLY)        = -1 ENOENT (No such file or 
directory)
open("/etc/localtime", O_RDONLY)        = -1 ENOENT (No such file or 
directory)
socket(PF_FILE, SOCK_DGRAM, 0)          = 3
fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0
connect(3, {sa_family=AF_FILE, path="/dev/log"...}, 110) = -1 ENOENT (No 
such file or directory)
close(3)                                = 0
open("/dev/console", O_WRONLY|O_NOCTTY) = 3
fstat64(3, {st_mode=S_IFCHR|0660, st_rdev=makedev(5, 1), ...}) = 0
ioctl(3, SNDCTL_TMR_TIMEBASE or TCGETS, {B115200 opost isig icanon echo 
...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 
0) = 0x4001f000
_llseek(3, 0, 0xbed55910, SEEK_CUR)     = -1 ESPIPE (Illegal seek)
write(3, "monitor: After setUID, r = 0, err"..., 55monitor: After 
setUID, r = 0, errno 29 (Illegal seek)
) = 55
munmap(0x4001f000, 4096)                = 0
close(3)                                = 0
rt_sigaction(SIGINT, {0x9444, [INT], SA_RESTART|0x4000000}, NULL, 8) = 0
rt_sigaction(SIGTERM, {0x9444, [TERM], SA_RESTART|0x4000000}, NULL, 8) = 0
rt_sigaction(SIGHUP, {0x9444, [HUP], SA_RESTART|0x4000000}, NULL, 8) = 0
open("/etc/monitor", O_RDONLY)          = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=48, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 
0) = 0x4001f000
read(3, "PORT=65000\nBROADCAST=1\nSERVER=0.0"..., 4096) = 48
read(3, ""..., 4096)                    = 0
close(3)                                = 0
munmap(0x4001f000, 4096)                = 0
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 3
ioctl(3, SIOCGIFADDR, {ifr_name="eth0", ifr_addr={AF_INET, 
inet_addr("192.168.255.2")}}) = 0
close(3)                                = 0
socket(PF_NETLINK, SOCK_RAW, 0)         = 3
bind(3, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 0
getsockname(3, {sa_family=AF_NETLINK, pid=329, groups=00000000}, [12]) = 0
gettimeofday({946686040, 668309}, NULL) = 0
sendto(3, "\24\0\0\0\26\0\1\3XHm8\0\0\0\0\0\0\0\0"..., 20, 0, 
{sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 20
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, 
msg_iov(1)=[{"<\0\0\0\24\0\2\0XHm8I\1\0\0\2\10\200\376\1\0\0\0\10\0\1\0\177\0\0\1\10"..., 
4096}], msg_controllen=0, msg_flags=0}, 0) = 128
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, 
msg_iov(1)=[{"\24\0\0\0\3\0\2\0XHm8I\1\0\0\0\0\0\0\1\0\0\0\10\0\1\0\177\0\0\1\10"..., 
4096}], msg_controllen=0, msg_flags=0}, 0) = 20
close(3)                                = 0
open("/etc/gai.conf", O_RDONLY)         = -1 ENOENT (No such file or 
directory)
socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP) = -1 EAFNOSUPPORT (Address 
family not supported by protocol)
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(65000), 
sin_addr=inet_addr("0.0.0.0")}, 16) = 0
getsockname(3, {sa_family=AF_INET, sin_port=htons(3072), 
sin_addr=inet_addr("127.0.0.1")}, [16]) = 0
close(3)                                = 0
socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP) = 3
setsockopt(3, SOL_SOCKET, SO_BROADCAST, [1], 4) = 0
bind(3, {sa_family=AF_INET, sin_port=htons(65000), 
sin_addr=inet_addr("0.0.0.0")}, 16) = 0
gettimeofday({946686040, 698108}, NULL) = 0
open("/etc/localtime", O_RDONLY)        = -1 ENOENT (No such file or 
directory)
open("/etc/localtime", O_RDONLY)        = -1 ENOENT (No such file or 
directory)
open("/etc/localtime", O_RDONLY)        = -1 ENOENT (No such file or 
directory)
socket(PF_FILE, SOCK_DGRAM, 0)          = 4
fcntl64(4, F_SETFD, FD_CLOEXEC)         = 0
connect(4, {sa_family=AF_FILE, path="/dev/log"...}, 110) = -1 ENOENT (No 
such file or directory)
close(4)                                = 0
open("/dev/console", O_WRONLY|O_NOCTTY) = 4
fstat64(4, {st_mode=S_IFCHR|0660, st_rdev=makedev(5, 1), ...}) = 0
ioctl(4, SNDCTL_TMR_TIMEBASE or TCGETS, {B115200 opost isig icanon echo 
...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 
0) = 0x4001f000
_llseek(4, 0, 0xbed55938, SEEK_CUR)     = -1 ESPIPE (Illegal seek)
write(4, "monitor: Ready to send message\r\n"..., 32monitor: Ready to 
send message
) = 32
munmap(0x4001f000, 4096)                = 0
close(4)

Running with system:
monitor: Run drop_root, user monitor, errno 0 (Success)
monitor: After getpwnam, uid = 100, gid = 100, errno 0 (Success)
monitor: After setGID, r = 0, errno 29 (Illegal seek)

Thank you.

-- 
Best regards,
Brilliantov Kirill Vladimirovich


More information about the busybox mailing list