Add support to drop permissions if running as root

[superm1@…]

This is a patch that allows mythbackend to drop it's permissions down to a user specified on the command line rather than running the process as root.

It has two very useful applications: 1) When start-stop-daemon is not available to adjust the user to launch as (such as running in an upstart script) 2) When operating on a system with consolekit that you don't want to have the mythbackend process launched via su. Consolekit believes this scenario to be an interactive user actually.

[superm1@…]

There are two separate patches here, the upstart script gets simplified because of the mythbackend patch.

[Jeremy Visser <jeremy@…>]

I'm very pleased to see this patch. This bug is the cause of ​bug #445953 downstream in Ubuntu, which wreaks havoc with system shutdown.

I'll attempt to test this patch. I can confirm that the updated upstart script fixes the downstream shutdown issue, but I haven't yet tested whether the drop permissions functionality works.

[danielk]

(In [23521]) Fixes #7832. Applies patch with minor modifications. This change allows mythbackend to run as a specified user without a setuid binary when run as root.

And this allows upstart scripts to run mythtv as the proper user.

[chckens@…]

I'm running the latest packaged version of MythTV in Ubuntu Lucid, and this change seems to be causing problems with opening tuners.

My mythtv user is in the video group, and my tuners are all set to group video and are group writable:

graham@mauru:/home/lounge$ ls -l /dev/dvb/adapter0/frontend0 
crw-rw----+ 1 root video 212, 7 2010-02-21 12:00 /dev/dvb/adapter0/frontend0

Yet when run from the upstart script which runs myth with --user mythtv, it's unable to access the tuners:

2010-02-20 12:12:52.103 DVBChan(1:/dev/dvb/adapter0/frontend0) Warning: Opening 
DVB frontend device failed.
                        eno: Permission denied (13)

I tried su-ing to the mythtv user and running mythbackend without a --user parameter, then everything works as expected.

[superm1@…]

I'm going to attach a patch that I think should address that by doing setgroups() as well.

[superm1@…]

follow on patch to setgroups() as well

[superm1@…]

Test that second patch, the first one is clearing the memory too soon.

[superm1@…]

@chckens: I've added that second patch into the standard lucid builds for testing, can you please verify whether it fixes the problem for you so we can determine if it's sufficient to include in the upstream svn? You'll find it in build 0.23.0~trunk23567-0ubuntu4 or later.

[chckens@…]

No complaints here, the ubuntu4 package solves my issue.

[superm1@…]

Actually it turns out that patch was still setting the wrong args for setgroups. The first arg is supposed to be the size of the array. Here's a 3rd patch that supersedes the first two. Third time's a charm!

[nick@…]

Can confirm that the 3rd patch fixes the DVB permissions problems on Fedora 12.

[sphery]

(In [23835]) Fixes #7832. Set the supplemental group IDs appropriately when changing the process persona for the --user command-line argument to mythbackend.

This change uses a slightly simplified version of Mario's patch on the ticket and puts the code that sets the supplemental group IDs after the call to setgid() to be slightly more portable (even though none of the platforms on which MythTV runs would have had issues with the other approach).

Thanks to Mario L. for the work on the --user command-line argument.

[sphery]

(In [23836]) Refs #7832. Set supplemental groups for mythbackend with --user argument. Backports [23835] from trunk.