Bug#295169: dpkg: [S-S-D] start-stop-daemon doesn't set HOME environment variable when switching users via --chuid
Package: dpkg
Severity: critical
Tags: patch
Justification: breaks unrelated software
Hi,
start-stop-daemon doesn't set the HOME environment variable when run
with the --chuid option. This can cause breakages in applications that
depend on this value matching the actual home directory of the user the
daemon is being run as.
To test, first:
# apt-get install postgresql postgresql-contrib
Assign a password to the postgres database account:
# psql -U postgres -c "ALTER USER postgres WITH PASSWORD 'test'" template1
Edit /etc/postgresql/pg_hba.conf to have these lines:
local all all md5
host all all 127.0.0.1 255.255.255.0 md5
Reload postgresql:
# /etc/init.d/postgresql reload
Add a ~/.pgpass file to the postgres user account:
# echo '*:*:*:postgres:test' > /var/lib/postgres/.pgpass
# chown postgres:postgres /var/lib/postgres/.pgpass
# chmod 600 /var/lib/postgres/.pgpass
Restart the pg_autovacuum daemon:
# /etc/init.d/autovac-restart
Observe the daemon is no longer running via ps ax. The log will say:
[2005-02-13 11:36:34 PM] Failed connection to database template1 with error: fe_sendauth: no password supplied
..
[2005-02-13 11:36:34 PM] Error: Cannot connect to template1, exiting.
A 'strace -f' reveals this:
stat("/root/.pgpass", 0x7fbffff580) = -1 ENOENT (No such file or directory)
Editing /etc/init.d/postgresql to set HOME beforehand and export it allows
the daemon to run.
A patch to start-stop-daemon is included to correct this issue. I've
already tested it and verified it fixes this particular issue.
To minimize intrusiveness, this patch checks for the existence of the
user's homedir via access() and only adds a HOME variable to the
environment if that directory exists. This ensures that HOME always
points to a real location, even if it's not the correct one. I'd hope
no programs would depend on HOME existing but don't care if it's
correct, but I figured it was best to change as little behavior as
possible.
Adam
-- System Information:
Debian Release: 3.1
Architecture: x86_64
Kernel: Linux 2.6.10-9-amd64-k8
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
--- start-stop-daemon.c.orig 2005-02-13 22:42:32.521610976 -0500
+++ start-stop-daemon.c 2005-02-13 23:17:25.409443664 -0500
@@ -115,6 +115,7 @@
static const char *schedule_str = NULL;
static const char *progname = "";
static int nicelevel = 0;
+static const char *home_env_name = "HOME=";
static struct stat exec_stat;
#if defined(OSHURD)
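Review bot: home_env_name is declared here as a pointer (static const char *), so sizeof applied to it gives the width of a pointer, not the length of "HOME=". If the length is meant to come from sizeof, declare it as an array, static const char home_env_name[] = "HOME=";, or drop the file-scope variable and keep the literal next to its single use.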
@@ -1184,6 +1185,18 @@
changegroup = ""; /* just empty */
runas_gid = pw->pw_gid;
}
+
+ if (0 == access(pw->pw_dir, F_OK)) {
+ size_t home_dir_len = sizeof(home_env_name)+strlen(pw->pw_dir);
+ char *home_dir;
+
+ home_dir = xmalloc(home_dir_len);
+ strncpy(home_dir, home_env_name, sizeof(home_env_name));
+ strncat(home_dir, pw->pw_dir, home_dir_len-sizeof(home_env_name));
+
+ putenv(home_dir);
+ }
+
}
if (stop) {
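Review bot: sizeof(home_env_name) in the home_dir_len calculation, the strncpy() bound and the strncat() bound is the size of a pointer, not of the string "HOME=" (6 bytes with its terminator). Where pointers are 4 bytes, strncpy() copies only "HOME", with no '=' and no terminating NUL, strncat() then appends to an unterminated buffer, and the result needs one byte more than home_dir_len; with 8-byte pointers it only happens to fit. Suggest setenv("HOME", pw->pw_dir, 1), or sizing the buffer as strlen("HOME=") + strlen(pw->pw_dir) + 1 and filling it with snprintf(). Separately, access(pw->pw_dir, F_OK) only shows that the path exists, not that it is a directory.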