Opened 10 years ago

Closed 9 years ago

Last modified 9 years ago

#7832 closed patch (fixed)

Add support to drop permissions if running as root

Reported by: superm1@… Owned by: danielk
Priority: minor Milestone: 0.23
Component: MythTV - General Version: head
Severity: medium Keywords:
Cc: Ticket locked: no

Description

This is a patch that allows mythbackend to drop it's permissions down to a user specified on the command line rather than running the process as root.

It has two very useful applications: 1) When start-stop-daemon is not available to adjust the user to launch as (such as running in an upstart script) 2) When operating on a system with consolekit that you don't want to have the mythbackend process launched via su. Consolekit believes this scenario to be an interactive user actually.

Attachments (5)

drop_permissions.patch (3.9 KB) - added by superm1@… 10 years ago.
upstart_script_improvement.diff (652 bytes) - added by superm1@… 10 years ago.
36_setgroups_too (1.8 KB) - added by superm1@… 10 years ago.
follow on patch to setgroups() as well
36_setgroups_too.2 (1.8 KB) - added by superm1@… 10 years ago.
36_setgroups_too.3 (1.8 KB) - added by superm1@… 10 years ago.

Download all attachments as: .zip

Change History (19)

Changed 10 years ago by superm1@…

Attachment: drop_permissions.patch added

Changed 10 years ago by superm1@…

comment:1 Changed 10 years ago by superm1@…

There are two separate patches here, the upstart script gets simplified because of the mythbackend patch.

comment:2 Changed 10 years ago by Jeremy Visser <jeremy@…>

I'm very pleased to see this patch. This bug is the cause of bug #445953 downstream in Ubuntu, which wreaks havoc with system shutdown.

I'll attempt to test this patch. I can confirm that the updated upstart script fixes the downstream shutdown issue, but I haven't yet tested whether the drop permissions functionality works.

comment:3 Changed 10 years ago by danielk

Resolution: fixed
Status: newclosed

(In [23521]) Fixes #7832. Applies patch with minor modifications. This change allows mythbackend to run as a specified user without a setuid binary when run as root.

And this allows upstart scripts to run mythtv as the proper user.

comment:4 Changed 10 years ago by chckens@…

I'm running the latest packaged version of MythTV in Ubuntu Lucid, and this change seems to be causing problems with opening tuners.

My mythtv user is in the video group, and my tuners are all set to group video and are group writable:

graham@mauru:/home/lounge$ ls -l /dev/dvb/adapter0/frontend0 
crw-rw----+ 1 root video 212, 7 2010-02-21 12:00 /dev/dvb/adapter0/frontend0

Yet when run from the upstart script which runs myth with --user mythtv, it's unable to access the tuners:

2010-02-20 12:12:52.103 DVBChan(1:/dev/dvb/adapter0/frontend0) Warning: Opening 
DVB frontend device failed.
                        eno: Permission denied (13)

I tried su-ing to the mythtv user and running mythbackend without a --user parameter, then everything works as expected.

comment:5 Changed 10 years ago by superm1@…

I'm going to attach a patch that I think should address that by doing setgroups() as well.

Changed 10 years ago by superm1@…

Attachment: 36_setgroups_too added

follow on patch to setgroups() as well

Changed 10 years ago by superm1@…

Attachment: 36_setgroups_too.2 added

comment:6 Changed 10 years ago by superm1@…

Test that second patch, the first one is clearing the memory too soon.

comment:7 Changed 10 years ago by danielk

Resolution: fixed
Status: closednew

comment:8 Changed 10 years ago by danielk

Owner: changed from Isaac Richards to danielk
Status: newassigned

comment:9 Changed 10 years ago by superm1@…

@chckens: I've added that second patch into the standard lucid builds for testing, can you please verify whether it fixes the problem for you so we can determine if it's sufficient to include in the upstream svn? You'll find it in build 0.23.0~trunk23567-0ubuntu4 or later.

comment:10 Changed 10 years ago by chckens@…

No complaints here, the ubuntu4 package solves my issue.

comment:11 Changed 10 years ago by superm1@…

Actually it turns out that patch was still setting the wrong args for setgroups. The first arg is supposed to be the size of the array. Here's a 3rd patch that supersedes the first two. Third time's a charm!

Changed 10 years ago by superm1@…

Attachment: 36_setgroups_too.3 added

comment:12 Changed 10 years ago by nick@…

Can confirm that the 3rd patch fixes the DVB permissions problems on Fedora 12.

comment:13 Changed 9 years ago by sphery

Resolution: fixed
Status: assignedclosed

(In [23835]) Fixes #7832. Set the supplemental group IDs appropriately when changing the process persona for the --user command-line argument to mythbackend.

This change uses a slightly simplified version of Mario's patch on the ticket and puts the code that sets the supplemental group IDs after the call to setgid() to be slightly more portable (even though none of the platforms on which MythTV runs would have had issues with the other approach).

Thanks to Mario L. for the work on the --user command-line argument.

comment:14 Changed 9 years ago by sphery

(In [23836]) Refs #7832. Set supplemental groups for mythbackend with --user argument. Backports [23835] from trunk.

Note: See TracTickets for help on using tickets.