Re: Permission denied when running from xinetd
On Wed, 2007-11-28 at 08:39 -0500, [EMAIL PROTECTED] wrote: I used both UID and id [EMAIL PROTECTED] ~]# cat /tmp/rsync.ids 0 0 uid=0(root) gid=0(root) context=root:system_r:inetd_t I bet that context would do it. Paul's suggestion to use id was a good one! Matt -- To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
Re: Permission denied when running from xinetd
On Tue 27 Nov 2007, [EMAIL PROTECTED] wrote: On Nov 26, 2007 11:38 PM, Matt McCutchen [EMAIL PROTECTED] wrote: root. Set a shell script like the following as the server in the xinetd configuration to verify that the daemon is running as root and to strace it to get more information about the failed chdir: #!/bin/bash echo $UID $EUID /tmp/rsync.ids exec strace -f -o /tmp/rsync.strace /usr/bin/rsync --daemon I have set the script as server, here is the section of strace output for both scenarios: I think a very important part of using that script was to determine the ids, as in: what got written to /tmp/rsync.ids (Aside: I would have used id /tmp/rsync.ids, not rely on UID being set, I believe that's a bash extension, although I may be confused due to having been brought up on SysVR2 Unix :-) Paul Slootman -- To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
Re: Permission denied when running from xinetd
[EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Hmm. Bizarre things happening when root and different behaviour when run as a daemon versus from the command line. Those are the sort of symptoms one gets from SELinux denials. Is SELinux enabled on this system? I am not aware of SE linux running on this system unless centos is enabling this by default. How do I check? (I know I should not ask...) [EMAIL PROTECTED] ~]# uname -a Linux centos1.tekran.com 2.6.18-8.el5 #1 SMP Thu Mar 15 19:57:35 EDT 2007 i686 i686 i386 GNU/Linux It depends how CentOS was installed, but SELinux probably is enabled. The command sestatus will tell you. You can control SELinux using the setenforce command or by editing /etc/selinux/config. Disabling it completely may require a reboot. Ron -- To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
Re: Permission denied when running from xinetd
On Tue, 2007-11-27 at 17:54 -0500, [EMAIL PROTECTED] wrote: I am not aware of SE linux running on this system unless centos is enabling this by default. How do I check? (I know I should not ask...) I know I should not answer, but run selinuxenabled; echo $?. Zero means enabled, one means disabled. Matt -- To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
Re: Permission denied when running from xinetd
I think a very important part of using that script was to determine the ids, as in: what got written to /tmp/rsync.ids (Aside: I would have used id /tmp/rsync.ids, not rely on UID being set, I believe that's a bash extension, although I may be confused due to having been brought up on SysVR2 Unix :-) as always, I missed the most important part... :-)) I used both UID and id [EMAIL PROTECTED] ~]# cat /tmp/rsync.ids 0 0 uid=0(root) gid=0(root) context=root:system_r:inetd_t -- To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
Re: Permission denied when running from xinetd
selinux is enabled. I changed enforcing to permissive mode and it works now. i think i should check to see if it is necessary to run it on my system and no matter what I learn - just disable it. thank you guys for your help. -- To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
Re: Permission denied when running from xinetd
Matt McCutchen [EMAIL PROTECTED] wrote: On Sun, 2007-11-25 at 17:37 -0500, [EMAIL PROTECTED] wrote: When I run rsyncd from xinetd and try to rsync I will get permission denied error: rsync: chdir /home/test failed : Permission denied (13) That's very bizarre, since the daemon is ostensibly running as root and the permissions on /home/test clearly should allow the chdir. Hmm. Bizarre things happening when root and different behaviour when run as a daemon versus from the command line. Those are the sort of symptoms one gets from SELinux denials. Is SELinux enabled on this system? Ron -- To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
Re: Permission denied when running from xinetd
Hmm. Bizarre things happening when root and different behaviour when run as a daemon versus from the command line. Those are the sort of symptoms one gets from SELinux denials. Is SELinux enabled on this system? I am not aware of SE linux running on this system unless centos is enabling this by default. How do I check? (I know I should not ask...) [EMAIL PROTECTED] ~]# uname -a Linux centos1.tekran.com 2.6.18-8.el5 #1 SMP Thu Mar 15 19:57:35 EDT 2007 i686 i686 i386 GNU/Linux -- To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
Re: Permission denied when running from xinetd
On Nov 26, 2007 11:38 PM, Matt McCutchen [EMAIL PROTECTED] wrote: On Sun, 2007-11-25 at 17:37 -0500, [EMAIL PROTECTED] wrote: root. Set a shell script like the following as the server in the xinetd configuration to verify that the daemon is running as root and to strace it to get more information about the failed chdir: #!/bin/bash echo $UID $EUID /tmp/rsync.ids exec strace -f -o /tmp/rsync.strace /usr/bin/rsync --daemon I have set the script as server, here is the section of strace output for both scenarios: xinetd: 11891 open(/etc/group, O_RDONLY) = 4 11891 fcntl64(4, F_GETFD) = 0 11891 fcntl64(4, F_SETFD, FD_CLOEXEC) = 0 11891 fstat64(4, {st_mode=S_IFREG|0644, st_size=702, ...}) = 0 11891 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7d04000 11891 read(4, root:x:0:root,rsync,henro\nbin:x:..., 4096) = 702 11891 close(4) = 0 11891 munmap(0xb7d04000, 4096) = 0 11891 chdir(/home/test) = -1 EACCES (Permission denied) 11891 time(NULL)= 1196105171 standalone daemon: 11942 open(/etc/group, O_RDONLY) = 4 11942 fcntl64(4, F_GETFD) = 0 11942 fcntl64(4, F_SETFD, FD_CLOEXEC) = 0 11942 fstat64(4, {st_mode=S_IFREG|0644, st_size=702, ...}) = 0 11942 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f8c000 11942 read(4, root:x:0:root,rsync,henro\nbin:x:..., 4096) = 702 11942 close(4) = 0 11942 munmap(0xb7f8c000, 4096) = 0 11942 chdir(/home/test) = 0 11942 setgid32(0) = 0 11942 setgroups32(1, [0]) = 0 11942 setuid32(0) = 0 11942 geteuid32() = 0 11942 select(7, NULL, [6], NULL, {60, 0}) = 1 (out [6], left {60, 0}) 11942 write(6, @RSYNCD: OK\n, 12) = 12 -- To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
Re: Permission denied when running from xinetd
On Sun, 2007-11-25 at 17:37 -0500, [EMAIL PROTECTED] wrote: When I run rsyncd from xinetd and try to rsync I will get permission denied error: rsync: chdir /home/test failed : Permission denied (13) That's very bizarre, since the daemon is ostensibly running as root and the permissions on /home/test clearly should allow the chdir. Make sure that xinetd is running as root so that it can launch the rsync daemon as root. Set a shell script like the following as the server in the xinetd configuration to verify that the daemon is running as root and to strace it to get more information about the failed chdir: #!/bin/bash echo $UID $EUID /tmp/rsync.ids exec strace -f -o /tmp/rsync.strace /usr/bin/rsync --daemon Matt -- To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
Permission denied when running from xinetd
Hey folks, When I run rsyncd from xinetd and try to rsync I will get permission denied error: rsync: chdir /home/test failed : Permission denied (13) If I shutdown xinetd and start standalone daemon ( rsync --daemon --config /etc/rsyncd.conf) everything works as expected. This is my xinetd config for rsync: service rsync { disable = no socket_type = stream wait= no user= root server = /usr/bin/rsync server_args = --daemon log_on_failure += USERID } This is my rsyncd.conf strict modes = false use chroot = false max verbosity = 3 [cvs1] path = /home/test auth users = user1 secrets file = /etc/rsync-passwords.txt read only = yes list = yes uid = root gid = root /etc/rsync-passwords.txt user1:test permissions for the directory: [EMAIL PROTECTED] ~]# ll /home/test -d drwxrwxrwx 2 root root 4096 Nov 25 00:15 /home/test Thanks -- To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html