James Carlson wrote:
> Lily Li writes:
>
> Please use plain text in ARC messages, if at all possible.
>

Yes, I should have. I just wanted to make it easier to read by marking those error messages of the output in red. Anyway, I will always send ARC mails in plain text from now on.

>> If there are no setuid binaries involved, then how exactly does the
>> "ping" (-p) option work?
>>
>> In fact, shmux uses 'fping' instead of 'ping' to test if the target is
>> alive or not, and it only does ping test when '-p' option is
>> provided (see below, in shmux manpage). And checking with the fping source
>> code, 'fping' also does not use 'ping' inside, it uses socket call.
>
> OK, then, my question is still the same: how does that work?
>
> % fping zhadum
> fping: can't create raw socket : Permission denied
> %
>
> 'fping' (as currently delivered on Solaris and OpenSolaris) requires
> privileges that ordinary users don't have. How do you plan to make
> shmux work reliably?
>

I have three basic opinions on this as below:
- shmux still works without fping (i.e. it will not do ping if no '-p' option is specified), but to take full advantage of /shmux/ you will need to have fping <http://www.fping.com/> installed.
- all other features of shmux do not need root privilege
- I found that with the integration of fping (as of snv_103), fping is installed without setuid by default, so we can only run fping as root, i.e., it is basically useless to normal users. So I strongly suggest filing a bug against fping to get it changed.

>> -bash-3.2$ shmux -p -r rsh -c "uname -a" pollen
>> shmux! fping: can't create raw socket :
>> Permission denied
>
> Right; it doesn't work.
>
>> -bash-3.00$ shmux -p -r rsh -c "uname -a" pollen
>> shmux! Fatal error for fping: execv(fping): No
>> such file or directory
>
> I'm having trouble reading through the HTML,

Sorry for this!

> but that doesn't look
> right at all. If you depend on fping being installed, then you should
> have a package dependency on SUNWfping so you can _guarantee_ that it
> is present. It shouldn't just break apart in the user's hands.
>

OK, it should be better to add a SUNWfping dependency to the pkgdefs/SUNWshmux/depend file. BTW, the INSTALL of shmux (see below) states it depends on fping, ssh and pcre for full features. fping is used for ping test by the '-p' option, ssh is used for shell by the '-r' option, and 'pcre' is used for analyzing output by the '-a' option. 'ssh' is optional, other two supported methods are sh and rsh. Should I add all these three dependencies?

-- shmux dependencies

shmux will make use of the following programs if they are available on the system (and found in the PATH). They are not required but allow using certain optional features of shmux. See the man page for details.

+ fping: http://www.fping.com/
+ ssh: http://www.openssh.org/, ...

Also, if you want Perl Compatible Regular Expression support, you'll need the PCRE library:

+ pcre: http://www.pcre.org/

>> As a result, shmux depends on whether the fping has been installed with
>> setuid or not, it does not have setuid itself.
>
> Users can't set the 'setuid' bit on /usr/bin/fping in any reliable
> way. The permission bits for packaged software are controlled by
> packaging. Moreover, given the nature of the program, they almost
> certainly should *not* set that bit.
>

Yes, I know.

> In other words, if it doesn't ship in a way that's functional for your
> purposes, then you can't depend on users hacking around the problem.
>
> One complicated way out of this would be to file a bug against fping

It's reasonable.

> (perhaps some options should work by default but don't),

From the manpage of fping (see below), it seems a MUST to set uid or run by root:

RESTRICTIONS
    If certain options are used (i.e, a low value for -i and -t, and a
    high value for -r) it is possible to flood the network. This program
    must be installed as setuid root in order to open up a raw socket,
    or must be run by root.

> and then make
> integration of shmux dependent on that fix.
>

Should I wait until the bug is fixed?

> Another much simpler answer would be to change the code to use regular
> /usr/sbin/ping, which *does* have the right privileges and *does* work
> for ordinary users.
>

I think shmux makes good use of fping based on the following two differences:

- you can specify any number of targets on the command line
- instead of sending to one target until it times out or replies, fping will send out a ping packet and move on to the next target in a round-robin fashion

Anything else, please let me know.

Thanks,
Lily
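
The two failures shown in this thread (fping not found in the PATH, and fping found but unable to open a raw socket) can be told apart before the exec. The C code below is an added example, not code from shmux, fping or either poster; `ping_preflight` and `find_in_path` are hypothetical names, and it assumes the only sources of raw-socket privilege are an effective uid of 0 or a setuid-root helper binary.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Added example; all names here are hypothetical, not shmux or fping code. */
enum ping_status { PING_OK, PING_MISSING, PING_NO_PRIV };

/* Walk a PATH-style list; on success fill *st for the first executable hit. */
static int find_in_path(const char *name, const char *path, struct stat *st)
{
    char buf[4096];
    while (path && *path) {
        size_t len = strcspn(path, ":");
        /* An empty PATH element means the current directory. */
        int n = snprintf(buf, sizeof buf, "%.*s/%s",
                         len ? (int)len : 1, len ? path : ".", name);
        if (n > 0 && (size_t)n < sizeof buf &&
            stat(buf, st) == 0 && S_ISREG(st->st_mode) &&
            (st->st_mode & (S_IXUSR | S_IXGRP | S_IXOTH)))
            return 0;
        path += len;
        if (*path == ':')
            path++;
    }
    return -1;
}

/* Decide, before exec, whether a raw-socket helper can work for this user. */
enum ping_status ping_preflight(const char *name, const char *path, uid_t euid)
{
    struct stat st;
    if (find_in_path(name, path, &st) != 0)
        return PING_MISSING;      /* the "execv(fping): No such file" case */
    if (euid == 0)
        return PING_OK;           /* root can open the raw socket itself */
    if ((st.st_mode & S_ISUID) && st.st_uid == 0)
        return PING_OK;           /* helper is installed setuid root */
    return PING_NO_PRIV;          /* the "can't create raw socket" case */
}

int main(void)
{
    static const char *msg[] = { "usable", "not installed", "lacks raw-socket privilege" };
    printf("fping: %s\n", msg[ping_preflight("fping", getenv("PATH"), geteuid())]);
    return 0;
}
```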