* Bug: mount doing bad security check: only root can use -types, (effective EUID is 5013)
@ 2017-06-05 23:07 L A Walsh
2017-06-06 9:36 ` Karel Zak
0 siblings, 1 reply; 10+ messages in thread
From: L A Walsh @ 2017-06-05 23:07 UTC (permalink / raw)
To: util-linux
mount is Using util-linux 2.30-rc2 (libmount 2.30.0: smack, btrfs, mtab,
debug).
Trying to mount any file system, thinks I have bad UID:
Ishtar:/mnt# /bin/mount /dev/tmpfs /mnt/tmpfs -t tmpfs
mount: only root can use "--types" option (effective UID is 5013)
Ishtar:/mnt# echo "$UID $EUID"
0 0
The previous version of mount works fine -- so it seems clear that the
new version of mount is doing something wrong.
Someone else had a problem w/mount doing some bad check
that wasn't the case. Think they had the right bits (CAP_SYS_ADMIN),
but the mount command was ignoring caps and looking for UID==0.
But in this case, it "double" shouldn't matter, since I'm
running as root.
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Bug: mount doing bad security check: only root can use -types, (effective EUID is 5013)
2017-06-05 23:07 Bug: mount doing bad security check: only root can use -types, (effective EUID is 5013) L A Walsh
@ 2017-06-06 9:36 ` Karel Zak
2017-06-06 14:15 ` L A Walsh
0 siblings, 1 reply; 10+ messages in thread
From: Karel Zak @ 2017-06-06 9:36 UTC (permalink / raw)
To: L A Walsh; +Cc: util-linux
On Mon, Jun 05, 2017 at 04:07:55PM -0700, L A Walsh wrote:
> mount is Using util-linux 2.30-rc2 (libmount 2.30.0: smack, btrfs, mtab,
> debug).
>
> Trying to mount any file system, thinks I have bad UID:
>
> Ishtar:/mnt# /bin/mount /dev/tmpfs /mnt/tmpfs -t tmpfs
> mount: only root can use "--types" option (effective UID is 5013)
geteuid() returns 5013, so it runs in restricted mode.
> Ishtar:/mnt# echo "$UID $EUID"
> 0 0
Well, it's better to use commands like "id" rather than rely on env
variables.
> Someone else had a problem w/mount doing some bad check
> that wasn't the case. Think they had the right bits (CAP_SYS_ADMIN),
> but the mount command was ignoring caps and looking for UID==0.
Yes, it's:
ruid = getuid();
euid = geteuid();
cxt->restricted = (uid_t) 0 == ruid && ruid == euid ? 0 : 1;
in your case geteuid() returns 5013.
BTW, there is no change in this libmount code since 2010, and no
change in "only root can use" mount.c code since year 2013.
> But in this case, it "double" shouldn't matter, since I'm
> running as root.
Try to verify that you're really root ;-)
Karel
--
Karel Zak <kzak@redhat.com>
http://karelzak.blogspot.com
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Bug: mount doing bad security check: only root can use -types, (effective EUID is 5013)
2017-06-06 9:36 ` Karel Zak
@ 2017-06-06 14:15 ` L A Walsh
2017-06-06 15:10 ` Karel Zak
2017-06-06 15:11 ` L A Walsh
0 siblings, 2 replies; 10+ messages in thread
From: L A Walsh @ 2017-06-06 14:15 UTC (permalink / raw)
To: Karel Zak; +Cc: util-linux
Karel Zak wrote:
> ruid = getuid();
> euid = geteuid();
>
> cxt->restricted = (uid_t) 0 == ruid && ruid == euid ? 0 : 1;
>
> in your case geteuid() returns 5013.
>
----
But my EUID isn't 5013 ("LOGINUID" is). That's the complaint/bug.
I looked at 'id': it doesn't show euid:
Ishtar:/tmp> sudo bash -c 'id; echo "UID=$UID, EUID=$EUID"; /bin/mount
devpts /tmp/mnt -t devpts'
uid=0(root) gid=0(root) groups=...
UID=0, EUID=0
mount: only root can use "--types" option (effective UID is 5013)
I also mentioned I'm using
'sudo', which also sets both the UID & EUID to the new USER (unless
you go out of your way to configure it not to do so -- in which case
many things don't function normally -- including bash which would
operate in restricted mode (like rbash).
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Bug: mount doing bad security check: only root can use -types, (effective EUID is 5013)
2017-06-06 14:15 ` L A Walsh
@ 2017-06-06 15:10 ` Karel Zak
2017-06-06 15:11 ` L A Walsh
1 sibling, 0 replies; 10+ messages in thread
From: Karel Zak @ 2017-06-06 15:10 UTC (permalink / raw)
To: L A Walsh; +Cc: util-linux
On Tue, Jun 06, 2017 at 07:15:01AM -0700, L A Walsh wrote:
> Karel Zak wrote:
> > ruid = getuid();
> > euid = geteuid();
> >
> > cxt->restricted = (uid_t) 0 == ruid && ruid == euid ? 0 : 1;
> >
> > in your case geteuid() returns 5013.
> ----
> But my EUID isn't 5013 ("LOGINUID" is). That's the complaint/bug.
The code it pretty simple, it just get euid from kernel and print
it. The error message is independent on another code and libmount.
I don't see any room for bug there. Your euid is 5013.
You can also try "strace -o log mount --types xxx /dev/foo /mnt/bar"
and see the "log" file where will be geteuid()...
This code is without relevant changes since 2011-01-10.
Karel
static void __attribute__((__noreturn__)) exit_non_root(const char *option)
{
const uid_t ruid = getuid();
const uid_t euid = geteuid();
if (ruid == 0 && euid != 0) {
/* user is root, but setuid to non-root */
if (option)
errx(MNT_EX_USAGE, _("only root can use \"--%s\" option "
"(effective UID is %u)"),
option, euid);
errx(MNT_EX_USAGE, _("only root can do that "
"(effective UID is %u)"), euid);
}
if (option)
errx(MNT_EX_USAGE, _("only root can use \"--%s\" option"), option);
errx(MNT_EX_USAGE, _("only root can do that"));
}
--
Karel Zak <kzak@redhat.com>
http://karelzak.blogspot.com
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Bug: mount doing bad security check: only root can use -types, (effective EUID is 5013)
2017-06-06 14:15 ` L A Walsh
2017-06-06 15:10 ` Karel Zak
@ 2017-06-06 15:11 ` L A Walsh
2017-06-06 15:21 ` Tilman Schmidt
1 sibling, 1 reply; 10+ messages in thread
From: L A Walsh @ 2017-06-06 15:11 UTC (permalink / raw)
To: Karel Zak; +Cc: util-linux
L A Walsh wrote:
>
> But my EUID isn't 5013 ("LOGINUID" is). That's the complaint/bug.
---
FWIW, I display them in perl, and they also show 0/0:
sudo bash -c 'perl -e "use P;P \"UID=$<, EUID=$>\""; /bin/mount devpts
/tmp/mnt -t devpts'
UID=0, EUID=0
mount: only root can use "--types" option (effective UID is 5013)
I.e. both bash & perl show UID/EUID being 0 before I call mount.
I don't get it.
I looked at mount's src-code, and have no idea why it's not
returning the right value.
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Bug: mount doing bad security check: only root can use -types, (effective EUID is 5013)
2017-06-06 15:11 ` L A Walsh
@ 2017-06-06 15:21 ` Tilman Schmidt
2017-06-06 16:03 ` Karel Zak
2017-06-06 16:10 ` L A Walsh
0 siblings, 2 replies; 10+ messages in thread
From: Tilman Schmidt @ 2017-06-06 15:21 UTC (permalink / raw)
To: L A Walsh; +Cc: Karel Zak, util-linux
What does "ls -l /bin/mount" say?
Is its owner the user with UID 5013, by any chance?
On Tue, Jun 6, 2017, at 17:11, L A Walsh wrote:
> L A Walsh wrote:
> >
> > But my EUID isn't 5013 ("LOGINUID" is). That's the complaint/bug.
> ---
> FWIW, I display them in perl, and they also show 0/0:
> sudo bash -c 'perl -e "use P;P \"UID=$<, EUID=$>\""; /bin/mount devpts
> /tmp/mnt -t devpts'
> UID=0, EUID=0
> mount: only root can use "--types" option (effective UID is 5013)
>
> I.e. both bash & perl show UID/EUID being 0 before I call mount.
> I don't get it.
>
> I looked at mount's src-code, and have no idea why it's not
> returning the right value.
--
Tilman Schmidt
tilman@imap.cc
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Bug: mount doing bad security check: only root can use -types, (effective EUID is 5013)
2017-06-06 15:21 ` Tilman Schmidt
@ 2017-06-06 16:03 ` Karel Zak
2017-06-06 16:10 ` L A Walsh
1 sibling, 0 replies; 10+ messages in thread
From: Karel Zak @ 2017-06-06 16:03 UTC (permalink / raw)
To: Tilman Schmidt; +Cc: L A Walsh, util-linux
On Tue, Jun 06, 2017 at 05:21:16PM +0200, Tilman Schmidt wrote:
> What does "ls -l /bin/mount" say?
> Is its owner the user with UID 5013, by any chance?
Yes, sounds like executed by root, but suid to non-root.
Karel
--
Karel Zak <kzak@redhat.com>
http://karelzak.blogspot.com
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Bug: mount doing bad security check: only root can use -types, (effective EUID is 5013)
2017-06-06 15:21 ` Tilman Schmidt
2017-06-06 16:03 ` Karel Zak
@ 2017-06-06 16:10 ` L A Walsh
2017-06-06 17:12 ` Patch: ensure mount & umount are root-owned before setting SUID bit L A Walsh
1 sibling, 1 reply; 10+ messages in thread
From: L A Walsh @ 2017-06-06 16:10 UTC (permalink / raw)
To: Tilman Schmidt; +Cc: Karel Zak, util-linux
Tilman Schmidt wrote:
> What does "ls -l /bin/mount" say?
> Is its owner the user with UID 5013, by any chance?
>
Bingo.
Maybe the install should check to see
if it is root before setting a SUID bit on the executable?
Thank & good call!
^ permalink raw reply [flat|nested] 10+ messages in thread
* Patch: ensure mount & umount are root-owned before setting SUID bit
2017-06-06 16:10 ` L A Walsh
@ 2017-06-06 17:12 ` L A Walsh
2017-06-20 11:14 ` Karel Zak
0 siblings, 1 reply; 10+ messages in thread
From: L A Walsh @ 2017-06-06 17:12 UTC (permalink / raw)
To: Karel Zak; +Cc: util-linux
L A Walsh wrote:
>
>
> Maybe the install should check to see
> if it is root before setting a SUID bit on the executable?
Maybe this can be applied to source tree sometime before nxt release?
Won't help if you are running the make as 'root', but at least
it will flag an error when you try to "make install" it...
tnx,
-l
-----
--- Makefile.in 2017-05-23 03:21:36.000000000 -0700
+++ Makefile.in 2017-06-06 10:09:12.318352218 -0700
@@ -12332,7 +12332,9 @@
@BUILD_SETARCH_TRUE@ done
@BUILD_MOUNT_TRUE@@MAKEINSTALL_DO_SETUID_TRUE@install-exec-hook-mount:
+@BUILD_MOUNT_TRUE@@MAKEINSTALL_DO_SETUID_TRUE@ chown root:root
$(DESTDIR)$(bindir)/mount
@BUILD_MOUNT_TRUE@@MAKEINSTALL_DO_SETUID_TRUE@ chmod 4755
$(DESTDIR)$(bindir)/mount
+@BUILD_MOUNT_TRUE@@MAKEINSTALL_DO_SETUID_TRUE@ chown root:root
$(DESTDIR)$(bindir)/umount
@BUILD_MOUNT_TRUE@@MAKEINSTALL_DO_SETUID_TRUE@ chmod 4755
$(DESTDIR)$(bindir)/umount
@BUILD_BASH_COMPLETION_TRUE@@BUILD_RUNUSER_TRUE@install-data-hook-bashcomp-runuser::
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Patch: ensure mount & umount are root-owned before setting SUID bit
2017-06-06 17:12 ` Patch: ensure mount & umount are root-owned before setting SUID bit L A Walsh
@ 2017-06-20 11:14 ` Karel Zak
0 siblings, 0 replies; 10+ messages in thread
From: Karel Zak @ 2017-06-20 11:14 UTC (permalink / raw)
To: L A Walsh; +Cc: util-linux
On Tue, Jun 06, 2017 at 10:12:50AM -0700, L A Walsh wrote:
> L A Walsh wrote:
> >
> >
> > Maybe the install should check to see
> > if it is root before setting a SUID bit on the executable?
> Maybe this can be applied to source tree sometime before nxt release?
> Won't help if you are running the make as 'root', but at least
> it will flag an error when you try to "make install" it...
Fixed thanks!
Karel
>
--
Karel Zak <kzak@redhat.com>
http://karelzak.blogspot.com
^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2017-06-20 11:15 UTC | newest]
Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-06-05 23:07 Bug: mount doing bad security check: only root can use -types, (effective EUID is 5013) L A Walsh
2017-06-06 9:36 ` Karel Zak
2017-06-06 14:15 ` L A Walsh
2017-06-06 15:10 ` Karel Zak
2017-06-06 15:11 ` L A Walsh
2017-06-06 15:21 ` Tilman Schmidt
2017-06-06 16:03 ` Karel Zak
2017-06-06 16:10 ` L A Walsh
2017-06-06 17:12 ` Patch: ensure mount & umount are root-owned before setting SUID bit L A Walsh
2017-06-20 11:14 ` Karel Zak
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.