The Samba-Bugzilla – Bug 4654
Running auth_script method as non-root user fails
Last modified: 2007-05-24 05:20:46 UTC
I am running smbd as a non-root user.
During the authentication of every user I get a "broken pipe" during a write() in smbrun.c:259 in function smbrunsecret.
I seems to be a problem in the code of the child process, where it tries to loose all its privileges:
Without this line the pipe is working fine.
Please upload your smb.conf and the script you want to run.
Created attachment 2726 [details]
Excerpt of smb.conf
This is an excerpt of the corresponding smb.conf.
(In reply to comment #1)
> Please upload your smb.conf and the script you want to run.
I didn't add the script, since it'd lead to a wrong direction. The script is never called, because the server exits before.
Ok, I had not seen that you are running smbd as non-root. In this particular case the whole call to become_user_permanently() is not necessary, we are already that user.
The whole point of this call is to make sure that we can't get back to root, which would be indicated by the fact that gain_root_privilege() fails the assert in util_sec.c:152.
I'm reluctant not to assert here, because the fact that we did not gain root with gain_root_privileges() only states that we were too stupid, others might be smarter. To be 100% certain we need root to then be able to safely "su - <user>" as it is documented everywhere.
I will thus refuse this bug as wontfix, running smbd in non-root mode is of minor importance to us, and I don't want to touch the stability of the root-mode for a minor feature.