Re: [mythtv-users] MythTV refuses to run SUID
> Try a different tack... kernel 2.6.12 and higher have the ability to > allow a user process to set realtime priority; no need for SUID root. > This works with MythTV's code w/o any changes. See here: > http://www.gossamer-threads.com/lists/mythtv/users/131634 Interesting. I'll look into this one a little more. I noticed on Gentoo that all the stuff necessary seems to be there already to pull this one off, except in /etc/security/limits.conf the commented "template" does not show a rt_priority option, although it does show just "priority" so I don't know if they're different or if I just don't have that rt functionality in my current version of PAM. Thanks for the tip though, this seems pretty cool. ~Lou pgpPNHhLLTl45.pgp Description: PGP signature ___ mythtv-users mailing list mythtv-users@mythtv.org http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
Re: [mythtv-users] MythTV refuses to run SUID
I have also battled this problem in suse 9.3. Many Fedora core people have also complained about it. The only solution I found was as root type 'visudo'. This is a special (error checking) instance of vi that allows editing of the sudo file. The following text helped me run mythfrontend with realtime priority. # User privilege specification rootALL=(ALL) ALL lisadaveh ALL = NOPASSWD: /usr/bin/mythfrontend Hope that helps... Dave Hofstra On 8/4/05, Louie Ilievski <[EMAIL PROTECTED]> wrote: > I have been trying to get MythTV to run SUID for a couple days now but it > simply refuses to. The log always shows > > 2005-08-04 17:38:33.495 Realtime priority would require SUID as root. > > I've always had this working in the past, and I've done nothing different with > this installation with the exception of having a slightly more up-to-date > version of MythTV, and probably some updated system packages. I am running > SVN R6990 on Gentoo, with kernel 2.6.12-gentoo-r7 (I just tried > 2.6.12-gentoo-r4 because I thought that's what I had last time with this > machine, but I get the same results). > > I've tried numerous variations of chmod even though I know the way I've always > done it is rightthese include: > > chmod +s /usr/bin/mythfrontend /usr/bin/mythtv > chmod u+s /usr/bin/mythfrontend /usr/bin/mythtv > chmod a+s /usr/bin/mythfrontend /usr/bin/mythtv > chmod 4755 /usr/bin/mythfrontend /usr/bin/mythtv > > The permissions do get set right, as I can see them with "ls". > > Is there anything else in the system that could possibly have an effect on the > SUID bit? Is this possibly a MythTV bug that I should file? > > Looking through the archives I noticed that others have had this problem in > the past, but have come up with no solution other than workarounds like > running mythfrontend as root, renicing it, or running it using sudo. One > mentioned removing the line in mythfrontend.cpp that says "setuid(getuid())", > but this is an unacceptable hack in my opinion, if it even actually works, > and should be treated as a bug. I also saw someone mention that the feature > was disabled entirely in .17, but I don't believe this because it worked fine > fairly recently. Finally, I saw a post saying some newer distros/kernels > disallow SUID or something, like RedHat with it's SELinux stuff. I have no > SELinux kernel or anything related to it installed on this system. > > I'm out of ideas. Any help? > > ~Lou > > ~Lou > > > ___ > mythtv-users mailing list > mythtv-users@mythtv.org > http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users > > > > ___ mythtv-users mailing list mythtv-users@mythtv.org http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
Re: [mythtv-users] MythTV refuses to run SUID
Brady wrote: > On 8/4/05, Louie Ilievski <[EMAIL PROTECTED]> wrote: > >>I have been trying to get MythTV to run SUID for a couple days now but it >>simply refuses to. The log always shows >> >>2005-08-04 17:38:33.495 Realtime priority would require SUID as root. >> >>I've always had this working in the past, and I've done nothing different with >>this installation with the exception of having a slightly more up-to-date >>version of MythTV, and probably some updated system packages. I am running >>SVN R6990 on Gentoo, with kernel 2.6.12-gentoo-r7 (I just tried >>2.6.12-gentoo-r4 because I thought that's what I had last time with this >>machine, but I get the same results). Try a different tack... kernel 2.6.12 and higher have the ability to allow a user process to set realtime priority; no need for SUID root. This works with MythTV's code w/o any changes. See here: http://www.gossamer-threads.com/lists/mythtv/users/131634 -Doug signature.asc Description: OpenPGP digital signature ___ mythtv-users mailing list mythtv-users@mythtv.org http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
Re: [mythtv-users] MythTV refuses to run SUID
This is a little out there so it most likely is not the solution.. Try this: as root: chmod +s /usr/X11R6/bin/xeyes then as your user attempt to execute the binary. I have had oodles of problems with newer distro's getting X to be 'less' secure at times. Every Fedora release gets annoyingly strict with X accepting connections from other users. On 8/4/05, Louie Ilievski <[EMAIL PROTECTED]> wrote: > I have been trying to get MythTV to run SUID for a couple days now but it > simply refuses to. The log always shows > > 2005-08-04 17:38:33.495 Realtime priority would require SUID as root. > > I've always had this working in the past, and I've done nothing different with > this installation with the exception of having a slightly more up-to-date > version of MythTV, and probably some updated system packages. I am running > SVN R6990 on Gentoo, with kernel 2.6.12-gentoo-r7 (I just tried > 2.6.12-gentoo-r4 because I thought that's what I had last time with this > machine, but I get the same results). > > I've tried numerous variations of chmod even though I know the way I've always > done it is rightthese include: > > chmod +s /usr/bin/mythfrontend /usr/bin/mythtv > chmod u+s /usr/bin/mythfrontend /usr/bin/mythtv > chmod a+s /usr/bin/mythfrontend /usr/bin/mythtv > chmod 4755 /usr/bin/mythfrontend /usr/bin/mythtv > > The permissions do get set right, as I can see them with "ls". > > Is there anything else in the system that could possibly have an effect on the > SUID bit? Is this possibly a MythTV bug that I should file? > > Looking through the archives I noticed that others have had this problem in > the past, but have come up with no solution other than workarounds like > running mythfrontend as root, renicing it, or running it using sudo. One > mentioned removing the line in mythfrontend.cpp that says "setuid(getuid())", > but this is an unacceptable hack in my opinion, if it even actually works, > and should be treated as a bug. I also saw someone mention that the feature > was disabled entirely in .17, but I don't believe this because it worked fine > fairly recently. Finally, I saw a post saying some newer distros/kernels > disallow SUID or something, like RedHat with it's SELinux stuff. I have no > SELinux kernel or anything related to it installed on this system. > > I'm out of ideas. Any help? > > ~Lou > > ~Lou > > > ___ > mythtv-users mailing list > mythtv-users@mythtv.org > http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users > > > > ___ mythtv-users mailing list mythtv-users@mythtv.org http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
