archive mirror
 help / color / mirror / Atom feed
From: Christoph Pleger <>
Subject: [linux-lvm] lvcreate from a setuid-root binary
Date: Thu, 15 Nov 2018 17:39:56 +0100	[thread overview]
Message-ID: <> (raw)


I am calling lvcreate from a setuid-binary, which internally calls 
setreuid(), so that not only effective and saved UIDs, but also the real 
UID is set to 0. From _nonroot_warning() in lvmcmdline.c I see that LVM 
command line tools expect that.

Unfortunately - though these UIDs are all set to 0 - lvcreate still does 
not work for me. That is, it does work when I call my setuid-binary as a 
non-root user from the command line, but it does not work when I call my 
setuid-binary from PAM module pam_exec - and that is what I need my 
program for. I let my program send lvcreate output to a file and that 
file has the following content:

  device-mapper: version ioctl on  failed: Permission denied
   Incompatible libdevmapper 1.02.137 (2016-11-30) and kernel driver 
(unknown version).
   striped: Required device-mapper target(s) not detected in your kernel.
   Run `lvcreate --help' for more information.

What might be the problem here so that lvcreate gives these errors 
though all UIDs are 0?


             reply	other threads:[~2018-11-15 16:40 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-11-15 16:39 Christoph Pleger [this message]
2018-11-15 17:57 ` [linux-lvm] lvcreate from a setuid-root binary Alasdair G Kergon
2018-11-16 13:43   ` Christoph Pleger
2018-11-16 15:32     ` Zdenek Kabelac
2018-11-16 16:12       ` Christoph Pleger
2018-11-16 17:21         ` Roger Heflin
2018-11-16 15:41     ` Stuart D. Gathman
2018-11-21  9:56       ` Christoph Pleger
2018-11-21  9:58         ` Vladislav Bogdanov
2018-11-21 10:23           ` Christoph Pleger
2018-11-17  0:24     ` Alasdair G Kergon
2018-11-19  8:55       ` Christoph Pleger
2018-11-19 13:01         ` Alasdair G Kergon
2018-11-19 13:19     ` Bryn M. Reeves
2018-11-19 15:17       ` Christoph Pleger
2018-11-19 15:35 ` Christoph Pleger
     [not found] <>
2018-11-19 14:04 ` matthew patton
2018-11-19 15:03   ` Christoph Pleger
     [not found] <>
2018-11-19 16:05 ` matthew patton
     [not found] <>
2018-11-22 16:41 ` matthew patton

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \ \ \ \

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).