Possible UID/GID bug in chrooted shells?
mbp at samba.org
Thu Jun 13 16:16:02 EST 2002
On 13 Jun 2002, Dave Dykstra <dwd at bell-labs.com> wrote:
> On Tue, Jun 11, 2002 at 06:05:37PM +0100, Tom Worley wrote:
> > On Tuesday 11 June 2002 5:24 pm, you wrote:
> > > Tom: You just need to tell rsync to use numeric IDS, or else make a /etc
> > > in the chroot root, so that names can be resolved (it's chrooted, so it
> > > can't see the real /etc... ever notice the /etc in anon ftp sessions?). By
> > > default, rsync uses the names, rather than the numbers, since it was
> > > developed as a mirroring tool, where you might be mirroring a system where
> > > the ids don't match. If it's not told to use numeric ids, it will attempt
> > > to resolve names to local numeric ids, and use them, else it uses the euid
> > > and egid of the rsync process.
> > Tim, I had already tried that with no joy, e.g.:
> > rsync --delete-excluded --delete -essh -avzog --numeric-ids /home/admin/
> > test at localhost:/home/backup
> > Same results, all files are owned by root as rsync is SUID root in the chroot
> > enviroment. There is an /etc/passwd in there, but only with root and the test
> > user's entries.
> > Oh, and I'm using linux 2.4.18 kernel, chroot 2.0.11, rsync 2.5.6CVS (from
> > debian sid packages)
I suspect some kind of bug with real vs effective uids.
I'm not how that script will cause them to be set, but it may be
eff=root, real=testluser. In that case rsync will probably get pretty
confused, because I think it calls getuid() and will therefore think
it's not root, even though it is. As Dave says, this is not a
supported mode of operation: rsync wants to either be root, or not,
but not halfway.
> rsync is not designed to run setuid-root so I'm not surprised that it
> behaves strangely. It might help to write a small setuid-root wrapper
> program that sets the real user id to root and execs rsync.
> In general it's a bad idea to make a program setuid if it isn't designed
> for it.
.. and that's putting it politely!
Manipulating uids from shell scripts is a bad idea, for large values
The total cost of the development work on Olestra has been estimated
More information about the rsync