Your message dated Sun, 6 Jan 2008 18:46:20 -0700
with message-id <[EMAIL PROTECTED]>
and subject line Bug#443269: schedutils: Patch to fix problems with ionice 
command execution
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: schedutils
Version: 1.5.0-1
Severity: normal
Tags: patch

I have a patch which fixes some problems when ionice is asked to execute
a command:

1.  When execvp'ing the command, check that the execvp actually succeeds
(actually it doesn't check, it just assumes that if execvp returns then
the exec must have failed).  If the execvp fails, report the errno value
and exit with a non-zero exit status.  The old code would simply exit with
"successful" status if asked to execute a command that did not exist or
otherwise failed to start executing, which wreaks all kinds of havoc in
shell scripts.

2.  Before exec, do setuid(getuid()), dropping privileges if ionice
happens to be setuid.  Also report errors while attempting to do this,
and exit without executing anything if the setuid call fails.

I'm not sure if it's a good idea to make ionice setuid by default (or
at all), but unfortunately the kernel interface seems to insist on root
privileges even if you want to select a lower I/O priority, so I find it
quite helpful to have a setuid binary of ionice around.

--- ionice.c-schedutils-1.5.0   2007-09-20 01:23:44.000000000 -0400
+++ ionice.c    2007-09-20 01:30:07.000000000 -0400
@@ -143,8 +143,16 @@
                        return 1;
                }
 
-               if (argv[optind])
-                       execvp(argv[optind], &argv[optind]);
+               if (argv[optind]) {
+                       if (setuid(getuid())) {
+                               perror("setuid(getuid())");
+                               return 1;
+                       } else {
+                               execvp(argv[optind], &argv[optind]);
+                               perror("execvp");
+                               return 1;
+                       }
+               }
        }
 
        return 0;
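
Review bot: in the new `if (argv[optind])` branch, setuid(getuid()) resets only the user ID, so if the binary were ever installed setgid as well, the effective group ID would carry through the execvp. Consider adding a setgid(getgid()) before the setuid call, checked and reported the same way. Separately, perror("execvp") reports the errno but not which command failed; passing argv[optind] to perror instead would make the message more useful in shell scripts. The exec-failure path also returns 1, the same status as the error return in the context lines above it, so a caller cannot tell a command that failed to start apart from ionice's other errors.
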
-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable'), (102, 'testing'), (101, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.22.1-zb5s (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages schedutils depends on:
ii  libc6                         2.6.1-1+b1 GNU C Library: Shared libraries

schedutils recommends no packages.

-- no debconf information



--- End Message ---
--- Begin Message ---
Version: 2.13-1

This was fixed upstream in 2.13, albeit without the priv dropping (which
really needs a full review to make sure there's nothing else scary)

lamont


--- End Message ---
