Opened 14 years ago
Closed 14 years ago
Last modified 14 years ago
#7832 closed patch (fixed)
Add support to drop permissions if running as root
Reported by: | Owned by: | danielk | |
---|---|---|---|
Priority: | minor | Milestone: | 0.23 |
Component: | MythTV - General | Version: | head |
Severity: | medium | Keywords: | |
Cc: | Ticket locked: | no |
Description
This is a patch that allows mythbackend to drop it's permissions down to a user specified on the command line rather than running the process as root.
It has two very useful applications: 1) When start-stop-daemon is not available to adjust the user to launch as (such as running in an upstart script) 2) When operating on a system with consolekit that you don't want to have the mythbackend process launched via su. Consolekit believes this scenario to be an interactive user actually.
Attachments (5)
Change History (19)
Changed 14 years ago by
Attachment: | drop_permissions.patch added |
---|
Changed 14 years ago by
Attachment: | upstart_script_improvement.diff added |
---|
comment:1 Changed 14 years ago by
comment:2 Changed 14 years ago by
I'm very pleased to see this patch. This bug is the cause of bug #445953 downstream in Ubuntu, which wreaks havoc with system shutdown.
I'll attempt to test this patch. I can confirm that the updated upstart script fixes the downstream shutdown issue, but I haven't yet tested whether the drop permissions functionality works.
comment:3 Changed 14 years ago by
Resolution: | → fixed |
---|---|
Status: | new → closed |
comment:4 Changed 14 years ago by
I'm running the latest packaged version of MythTV in Ubuntu Lucid, and this change seems to be causing problems with opening tuners.
My mythtv user is in the video group, and my tuners are all set to group video and are group writable:
graham@mauru:/home/lounge$ ls -l /dev/dvb/adapter0/frontend0 crw-rw----+ 1 root video 212, 7 2010-02-21 12:00 /dev/dvb/adapter0/frontend0
Yet when run from the upstart script which runs myth with --user mythtv, it's unable to access the tuners:
2010-02-20 12:12:52.103 DVBChan(1:/dev/dvb/adapter0/frontend0) Warning: Opening DVB frontend device failed. eno: Permission denied (13)
I tried su-ing to the mythtv user and running mythbackend without a --user parameter, then everything works as expected.
comment:5 Changed 14 years ago by
I'm going to attach a patch that I think should address that by doing setgroups() as well.
Changed 14 years ago by
Attachment: | 36_setgroups_too.2 added |
---|
comment:6 Changed 14 years ago by
Test that second patch, the first one is clearing the memory too soon.
comment:7 Changed 14 years ago by
Resolution: | fixed |
---|---|
Status: | closed → new |
comment:8 Changed 14 years ago by
Owner: | changed from Isaac Richards to danielk |
---|---|
Status: | new → assigned |
comment:9 Changed 14 years ago by
@chckens: I've added that second patch into the standard lucid builds for testing, can you please verify whether it fixes the problem for you so we can determine if it's sufficient to include in the upstream svn? You'll find it in build 0.23.0~trunk23567-0ubuntu4 or later.
comment:11 Changed 14 years ago by
Actually it turns out that patch was still setting the wrong args for setgroups. The first arg is supposed to be the size of the array. Here's a 3rd patch that supersedes the first two. Third time's a charm!
Changed 14 years ago by
Attachment: | 36_setgroups_too.3 added |
---|
comment:12 Changed 14 years ago by
Can confirm that the 3rd patch fixes the DVB permissions problems on Fedora 12.
comment:13 Changed 14 years ago by
Resolution: | → fixed |
---|---|
Status: | assigned → closed |
(In [23835]) Fixes #7832. Set the supplemental group IDs appropriately when changing the process persona for the --user command-line argument to mythbackend.
This change uses a slightly simplified version of Mario's patch on the ticket and puts the code that sets the supplemental group IDs after the call to setgid() to be slightly more portable (even though none of the platforms on which MythTV runs would have had issues with the other approach).
Thanks to Mario L. for the work on the --user command-line argument.
There are two separate patches here, the upstart script gets simplified because of the mythbackend patch.