/freeradius-server

New issue

radiusd: Cannot change ownership of log file /tmp/test.log: Operation not permitted #1914

Closed
spbnick opened this Issue Feb 16, 2017 · 1 comment

Comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
1 participant
@spbnick
@spbnick
Collaborator

spbnick commented Feb 16, 2017

Issue type

  • Defect - Crash or memory corruption.
  • Defect - Non compliance with a standards document, or incorrect API usage.
  • Defect - Unexpected behaviour (obvious or verified by project member).
  • Feature request.

Defect/Feature description

Radiusd (latest v3.0.x) fails to log to a file supplied with -l option, producing the following message:

radiusd: Cannot change ownership of log file /tmp/test.log: Operation not permitted

strace shows what's happening:

setgroups(1, [95])                      = 0
setgid(95)                              = 0
mkdir("/var/log/radius", 0700)          = -1 EEXIST (File exists)
geteuid()                               = 0
setresuid(4294967295, 95, 0)            = 0
geteuid()                               = 95
setrlimit(RLIMIT_CORE, {rlim_cur=0, rlim_max=0}) = 0
fchown(3, 95, 95)                       = -1 EPERM (Operation not permitted)

See also https://bugzilla.redhat.com/show_bug.cgi?id=1421207

How to reproduce issue

sudo radiusd -sfxx -l /tmp/test.log

@alandekok alandekok added a commit that referenced this issue Feb 16, 2017

@alandekok alandekok suid down after fchown. Fixes #1914
This commit was signed with a verified signature.
@alandekok alandekok Alan DeKok
GPG key ID: 7D0E79CD77621ECD Learn about signing commits
a408998

alandekok closed this in 30a95d8 Feb 16, 2017

@spbnick
Collaborator

spbnick commented Feb 16, 2017

Thanks, Alan!
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment