On Wed, 31 Mar 2021 10:33:07 +0200 Massimo Maiurana <maiur...@gmail.com> said:
> Carsten Haitzler ha scritto il 30/03/21 alle 21:18:
> > On Tue, 30 Mar 2021 18:20:18 +0200 Massimo Maiurana <maiur...@gmail.com>
> > said:
> >
> >> Nevermind, i rebuilt everything and now enlightenment_system was
> >> installed with 4555 mask as yours. Something has gone wrong on the first
> >> try :)
> >>
> >> Anyway i still don't understand why it says it can't become group root
> >> because it's not setuid. I would expect it saying it can't become user
> >> root, not group.
> >
> > it says can't become group root because...
> >
> > if (setuid(0) != 0)
> > {
> > E_UTIL_SUID_ERR("Unable to assume root user privileges\n");
> > return 37;
> > }
> > if (setgid(0) != 0)
> > {
> > E_UTIL_SUID_ERR("Unable to assume root group privileges\n");
> > return 38;
> > }
> >
> > that is literally the code. setting group to 0 fails. so sayeth the system.
>
> Ok, but why the message in the box asked "missing setuid bit"? It should
> warn about a missing setgid bit, as that is what it was checked.
actually it only needs the setuid bit to be root... setgid should just work
because it runs as root and already setuid to root before setgid. root can
setgid to anything... root isn't forbidden... so the setuid bit should have
already solved that.
> But does it really check that? Yes, looking at the code it should, but
> nor in Carla's installation neither in mine, now that it's fixed,
> enlightenment_system has the setgid bit and E doesn't display any error
> message. The only error I've seen was for a probably missing setuid bit
> when the executable umask was 0755; no errors with umask 4555, which
> looks odd to me.
i do not have the setgid bit set either.. it's not set... it doesn't need to be.
see above. it should work as the process will have already set uid to 0 ...
it's allowed to then do whatever it wants.
i can only imagine your distro has some extra security policies that somehow
even limit a setuid root app from changing gid... but the install just sets the
root setuid bit as that is all that is technically needed unless the previous
is happening. it doesn't seem to on arch. in fact not on the debian systems i
have either.
> >> Massimo Maiurana
> >>
> >> Carla Sensa ha scritto il 30/03/21 alle 15:39:
> >>> Never saw such message on my Ubuntu system.
> >>> Latest git, installed with sudo:
> >>> stat /usr/local/lib/x86_64-linux-gnu/enlightenment/utils
> >>> /enlightenment_system
> >>> File:
> >>> /usr/local/lib/x86_64-linux-gnu/enlightenment/utils/enlightenment_system
> >>> Size: 71688 Blocks: 144 IO Block: 4096 regular file
> >>> Device: 801h/2049d Inode: 4461560 Links: 1
> >>> Access: (4555/-r-sr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root)
> >>> Access: 2021-03-30 15:27:51.772226190 +0200
> >>> Modify: 2021-03-30 15:22:22.620735207 +0200
> >>> Change: 2021-03-30 15:23:30.235253374 +0200
> >>> Birth: -
> >>>
> >>>
> >>> Le 30/03/2021 à 13:23, Massimo Maiurana a écrit :
> >>>> With latest git master I get the following message at startup:
> >>>> "Enlightenment cannot successfully start the enlightenment_system
> >>>> service since it can't become group root. Missing setuid bit?"
> >>>>
> >>>> Well, build and installation was performed as root and the
> >>>> enlightenment_system binary was installed in
> >>>> $PREFIX/lib/X86_64-linux-gnu/enlightenment/utils, where all binaries
> >>>> is owned by root:root and have 755 permissions. Shouldn't this be
> >>>> enough? If not, how should it be? And who is responsible for that?
> >>>>
> >>>> Also, since it complains about being unable to become *group* root,
> >>>> shouldn't the message say that the missing one is the setgid bit and
> >>>> not setuid?
> >>>>
> >>>
> >>>
> >>> _______________________________________________
> >>> enlightenment-users mailing list
> >>> enlightenment-users@lists.sourceforge.net
> >>> https://lists.sourceforge.net/lists/listinfo/enlightenment-users
> >>
> >>
> >>
> >> _______________________________________________
> >> enlightenment-users mailing list
> >> enlightenment-users@lists.sourceforge.net
> >> https://lists.sourceforge.net/lists/listinfo/enlightenment-users
> >
> >
>
--
------------- Codito, ergo sum - "I code, therefore I am" --------------
Carsten Haitzler - ras...@rasterman.com
_______________________________________________
enlightenment-users mailing list
enlightenment-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/enlightenment-users
