
sshd help: setresgid() isn't working



I've fixed all the Hurd build problems in openssh 1:4.0p1-1, which I'll
be uploading to experimental shortly. However, I still can't get sshd to
work, and it's beginning to look like a bug in glibc's Hurd support.

sshd's debug log looks like this:

  debug3: privsep user:group 101:65534
  debug1: permanently_set_uid: 101/65534
  permanently_set_uid: was able to restore old [e]gid

Now, I'm building this with glibc 2.3.2.ds1-22 that has weak aliases for
setresuid and setresgid thanks to Michael Banck, so sshd is using those
functions to switch IDs. That means it's doing roughly the following
sequence of libc calls:

  old_uid = getuid();
  old_gid = getgid();
  setresgid(65534, 65534, 65534);
  setresuid(101, 101, 101);
  setgid(old_gid); /* must fail */
  setegid(old_gid); /* must fail */

I've attached a reduced test program which does this, and fails. It
looks to me as if setresgid() is broken. Can somebody with more libc
knowledge than I check this out?

Thanks,

-- 
Colin Watson                                       [cjwatson@debian.org]
#define _GNU_SOURCE
#include <stdlib.h>
#include <stdio.h>
#include <stdarg.h>
#include <string.h>	/* strerror() */
#include <unistd.h>
#include <errno.h>

void die (const char *fmt, ...) {
	va_list ap;

	va_start(ap, fmt);
	vfprintf(stderr, fmt, ap);
	va_end(ap);
	putc('\n', stderr);
	exit(1);
}

int main (int argc, char **argv) {
	uid_t old_uid = getuid();
	gid_t old_gid = getgid();

	/* Drop the group first, then the user, as sshd does. */
	if (setresgid(65534, 65534, 65534) < 0)
		die("setresgid 65534: %s", strerror(errno));
	if (setresuid(101, 101, 101) < 0)
		die("setresuid 101: %s", strerror(errno));

	/* Restoring the old group must fail after a permanent drop. */
	if (setgid(old_gid) != -1)
		die("setgid %u succeeded", (unsigned int) old_gid);
	if (setegid(old_gid) != -1)
		die("setegid %u succeeded", (unsigned int) old_gid);

	/* Likewise, restoring the old user must fail. */
	if (setuid(old_uid) != -1)
		die("setuid %u succeeded", (unsigned int) old_uid);
	if (seteuid(old_uid) != -1)
		die("seteuid %u succeeded", (unsigned int) old_uid);

	return 0;
}
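
An added example, not part of the original message and not OpenSSH's code: the same drop sequence, but reading the real, effective and saved IDs back with getresuid()/getresgid() so a failure can be pinned to one step. The names `ids_all_equal` and `drop_privs_checked` and the return codes are hypothetical; it assumes a libc that provides getresuid()/getresgid() and an unprivileged target uid.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Repeated so this compiles even if an earlier include already fixed
 * the feature-test macros without _GNU_SOURCE. */
int setresuid(uid_t, uid_t, uid_t);
int setresgid(gid_t, gid_t, gid_t);
int getresuid(uid_t *, uid_t *, uid_t *);
int getresgid(gid_t *, gid_t *, gid_t *);

/* Return 1 only if real, effective and saved IDs all equal uid/gid. */
int ids_all_equal(uid_t uid, gid_t gid) {
	uid_t ru, eu, su;
	gid_t rg, eg, sg;
	if (getresuid(&ru, &eu, &su) < 0 || getresgid(&rg, &eg, &sg) < 0)
		return 0;
	return ru == uid && eu == uid && su == uid &&
	       rg == gid && eg == gid && sg == gid;
}

/* Hypothetical helper: 0 on success, negative code names the failed step.
 * Supplementary groups are not handled here. */
int drop_privs_checked(uid_t uid, gid_t gid) {
	uid_t old_uid = getuid();
	gid_t old_gid = getgid();
	/* Group first: after the uid change we may lack the right to do it. */
	if (setresgid(gid, gid, gid) < 0)
		return -1;
	if (setresuid(uid, uid, uid) < 0)
		return -2;
	/* Do not trust the return values alone: read the IDs back. */
	if (!ids_all_equal(uid, gid))
		return -3;
	/* Restoring a different old ID must fail, as in the test program. */
	if (old_gid != gid && (setgid(old_gid) != -1 || setegid(old_gid) != -1))
		return -4;
	if (old_uid != uid && (setuid(old_uid) != -1 || seteuid(old_uid) != -1))
		return -5;
	return 0;
}

int main(void) {
	/* Constructed demo: "drop" to the IDs already held, so no root needed. */
	int rc = drop_privs_checked(getuid(), getgid());
	printf("drop_privs_checked: %d\n", rc);
	return rc == 0 ? 0 : 1;
}
```

A return of -3 means the calls reported success but at least one of the three IDs was not set; -4 or -5 means the old ID could still be restored.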
