Bug 4654 - Running auth_script method as non-root user fails
Summary: Running auth_script method as non-root user fails
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: File Services (show other bugs)
Version: 3.0.25
Hardware: x86 Linux
: P3 normal
Target Milestone: none
Assignee: Samba Bugzilla Account
QA Contact: Samba QA Contact
Depends on:
Reported: 2007-05-24 04:20 UTC by jan
Modified: 2007-05-24 05:20 UTC (History)
0 users

See Also:

Excerpt of smb.conf (562 bytes, text/plain)
2007-05-24 05:04 UTC, jan
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description jan 2007-05-24 04:20:26 UTC
I am running smbd as a non-root user.

During the authentication of every user I get a "broken pipe" during a write() in smbrun.c:259 in function smbrunsecret.

I seems to be a problem in the code of the child process, where it tries to loose all its privileges:
become_user_permanently(uid, gid);

Without this line the pipe is working fine.
Comment 1 Volker Lendecke 2007-05-24 04:43:26 UTC
Please upload your smb.conf and the script you want to run.
Comment 2 jan 2007-05-24 05:04:44 UTC
Created attachment 2726 [details]
Excerpt of smb.conf

This is an excerpt of the corresponding smb.conf.
Comment 3 jan 2007-05-24 05:06:53 UTC
(In reply to comment #1)
> Please upload your smb.conf and the script you want to run.

I didn't add the script, since it'd lead to a wrong direction. The script is never called, because the server exits before.

Comment 4 Volker Lendecke 2007-05-24 05:20:46 UTC
Ok, I had not seen that you are running smbd as non-root. In this particular case the whole call to become_user_permanently() is not necessary, we are already that user.

The whole point of this call is to make sure that we can't get back to root, which would be indicated by the fact that gain_root_privilege() fails the assert in util_sec.c:152.

I'm reluctant not to assert here, because the fact that we did not gain root with gain_root_privileges() only states that we were too stupid, others might be smarter. To be 100% certain we need root to then be able to safely "su - <user>"  as it is documented everywhere.

I will thus refuse this bug as wontfix, running smbd in non-root mode is of minor importance to us, and I don't want to touch the stability of the root-mode for a minor feature.