[distcc] distccd on cygwin: CRITICAL! still have root privileges after trying to discard them

[Benjamin R. Haskell]

On Fri, 12 Nov 2010, Ivarsson, Magnus wrote:

> Hi, I am new to distcc but I must say that it looks really promising.
>
> Eager to get started I tried to start the distccd on a few machines 
> running windows xp and windows 7 and cygwin.
> On my own laptop it went well, but on the other machines (one xp and 
> one win7) the result was this:
>
>  bash-3.2# distccd --daemon --allow 1.2.3.4/24
>  distccd[4596] (dcc_preferred_user) Warning: no such user as "distcc"
>  distccd[4596] (dcc_discard_root) ERROR: setgid(65534) failed: Invalid argument
>  distccd[4596] (dcc_exit) exit: code 112; self: 0.000000 user 0.000000 sys; children: 0.000000 user 0.000000 sys
>
>
> Trying to set the user manually gets me a tiny step forward:
>
>  bash-3.2# distccd --daemon --allow 1.2.3.4/24 --user apa
>  distccd[4996] (dcc_discard_root) CRITICAL! still have root privileges after trying to discard them!
>  distccd[4996] (dcc_exit) exit: code 112; self: 0.000000 user 0.000000 sys; children: 0.000000 user 0.000000 sys
>
>
> The version information:
>
>  bash-3.2# distccd --version
>  distccd 2.18.3 i686-pc-cygwin (protocols 1 and 2) (default port 3632)
>    built Apr 25 2005 11:10:45
>  Copyright (C) 2002, 2003, 2004 by Martin Pool.
>  Includes miniLZO (C) 1996-2002 by Markus Franz Xaver Johannes Oberhumer.
>
>
>
> I have tried to search for solutions on the web but to no avail
>  - any clues would be greatly appreciated!

I think a long-term solution for Cygwin would be to add something like 
the example in 
http://www.cygwin.com/1.5/cygwin-ug-net/ntsec.html#ntsec-setuid
in the dcc_discard_root function in src/setuid.c (near line 126).

If you just want a hack (which almost surely opens a security hole), you 
can short-circuit the conditional on line 131.  (dcc_discard_root won't 
actually be discarding root, but you can just pretend it didn't fail.)

-- 
Best,
Ben