diff options
author | Lukas Slebodnik <lslebodn@redhat.com> | 2015-05-27 14:49:14 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-05-31 19:40:22 +0200 |
commit | d3ff187769601118d500b5bdd8ad6b7b733bdddb (patch) | |
tree | febf02a72ff570b52aaa9d7d36f12bda978cf057 | |
parent | 44f35a0f32785bf460b5d05424f5e9a15f4f4028 (diff) | |
download | sssd-d3ff187769601118d500b5bdd8ad6b7b733bdddb.tar.gz sssd-d3ff187769601118d500b5bdd8ad6b7b733bdddb.tar.xz sssd-d3ff187769601118d500b5bdd8ad6b7b733bdddb.zip |
PROXY: proxy_child should work in non-root mode
According to design page[1], proxy_child should run
with root privileges in non-root mode however proxy_child
did not have setuid bit.
After setting setuid bit proxy_child will be executed with extra privileges.
The effective user ID will be 0 but effective group ID will be still
the same as egid of sssd_be. Therefore gid of private pipe for
proxy_child should be the same. Otherwise proxy_child will fail
due to wrong permissions of unix pipe (sbus_client_init -> check_file)
[1] https://fedorahosted.org/sssd/wiki/DesignDocs/NotRootSSSD
Resolves:
https://fedorahosted.org/sssd/ticket/2655
Reviewed-by: Michal Židek <mzidek@redhat.com>
(cherry picked from commit 1370bcccaed090f36d75e8a8cebb320ea1612b7e)
-rw-r--r-- | Makefile.am | 2 | ||||
-rw-r--r-- | contrib/sssd.spec.in | 2 | ||||
-rw-r--r-- | src/providers/proxy/proxy_init.c | 2 |
3 files changed, 4 insertions, 2 deletions
diff --git a/Makefile.am b/Makefile.am index cb826d2ae..ac6a358ea 100644 --- a/Makefile.am +++ b/Makefile.am @@ -3089,6 +3089,8 @@ if SSSD_USER chmod 4750 $(DESTDIR)$(sssdlibexecdir)/ldap_child -chgrp $(SSSD_USER) $(DESTDIR)$(sssdlibexecdir)/krb5_child chmod 4750 $(DESTDIR)$(sssdlibexecdir)/krb5_child + -chgrp $(SSSD_USER) $(DESTDIR)$(sssdlibexecdir)/proxy_child + chmod 4750 $(DESTDIR)$(sssdlibexecdir)/proxy_child if BUILD_SEMANAGE -chgrp $(SSSD_USER) $(DESTDIR)$(sssdlibexecdir)/selinux_child chmod 4750 $(DESTDIR)$(sssdlibexecdir)/selinux_child diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in index 35de44493..2600438f3 100644 --- a/contrib/sssd.spec.in +++ b/contrib/sssd.spec.in @@ -680,7 +680,7 @@ rm -rf $RPM_BUILD_ROOT %files proxy %defattr(-,root,root,-) %doc COPYING -%{_libexecdir}/%{servicename}/proxy_child +%attr(4750,root,sssd) %{_libexecdir}/%{servicename}/proxy_child %{_libdir}/%{name}/libsss_proxy.so %files dbus diff --git a/src/providers/proxy/proxy_init.c b/src/providers/proxy/proxy_init.c index b56e9763b..5e682b298 100644 --- a/src/providers/proxy/proxy_init.c +++ b/src/providers/proxy/proxy_init.c @@ -522,7 +522,7 @@ int sssm_proxy_auth_init(struct be_ctx *bectx, goto done; } - ret = sbus_new_server(ctx, bectx->ev, sbus_address, 0, 0, + ret = sbus_new_server(ctx, bectx->ev, sbus_address, 0, bectx->gid, false, &ctx->sbus_srv, proxy_client_init, ctx); if (ret != EOK) { DEBUG(SSSDBG_FATAL_FAILURE, "Could not set up sbus server.\n"); |