RFC: syslog-ng #608791 and future unblock request

To: Debian Release Team <debian-release@lists.debian.org>
Subject: RFC: syslog-ng #608791 and future unblock request
From: Laszlo Boszormenyi <gcs@debian.hu>
Date: Sat, 29 Jan 2011 18:28:53 +0100
Message-id: <[🔎] 1296322133.8544.63.camel@julia.gcs.org.hu>

Hi Release Team!

There's a bug, #608791 [1] in syslog-ng, which I'd like to fix for
Squeeze. If you ask for automated directory creation then its uid and
gid settings are not working, but set to root:root. The problem is, the
corresponding capabilities are not set for the process before fchown()
calls.

I could solve this with the following patch.
--- syslog-ng-3.1.3.orig/src/misc.c
+++ syslog-ng-3.1.3/src/misc.c
@@ -24,6 +24,7 @@
 #include "misc.h"
 #include "dnscache.h"
 #include "messages.h"
+#include "gprocess.h"
 
 #include <sys/types.h>
 #include <sys/socket.h>
@@ -368,6 +369,7 @@ create_containing_directory(gchar *name,
   struct stat st;
   gint rc;
   gchar *p;
+  cap_t saved_caps;
   
   /* check that the directory exists */
   dirname = g_path_get_dirname(name);
@@ -401,12 +403,16 @@ create_containing_directory(gchar *name,
         {
           if (mkdir(name, dir_mode < 0 ? 0700 : (mode_t) dir_mode) ==
-1)
             return FALSE;
+          saved_caps = g_process_cap_save();
+          g_process_cap_modify(CAP_CHOWN, TRUE);
+          g_process_cap_modify(CAP_FOWNER, TRUE);
           if (dir_uid >= 0)
             chown(name, (uid_t) dir_uid, -1);
           if (dir_gid >= 0)
             chown(name, -1, (gid_t) dir_gid);
           if (dir_mode >= 0)
             chmod(name, (mode_t) dir_mode);
+          g_process_cap_restore(saved_caps);
         }
       *p = '/';
       p = strchr(p + 1, '/');

This way, I've to link pdbtool with libcap, so adding @DEPS_LIBS@ for it
in Makefile.am is also necessary. Upstream support solved it a bit
different.
diff --git a/src/affile.c b/src/affile.c
index b5e1bef..df79029 100644
--- a/src/affile.c
+++ b/src/affile.c
@@ -55,10 +55,20 @@ affile_open_file(gchar *name, gint flags,
       return FALSE;
     }
 
-  if (create_dirs && !create_containing_directory(name, dir_uid,
dir_gid, dir_mode))
-    return FALSE;
-
   saved_caps = g_process_cap_save();
+  if (create_dirs)
+    {
+      g_process_cap_modify(CAP_CHOWN, TRUE);
+      g_process_cap_modify(CAP_FOWNER, TRUE);
+
+      if (!create_containing_directory(name, dir_uid, dir_gid,
dir_mode))
+       {
+         g_process_cap_restore(saved_caps);
+         return FALSE;
+       }
+      g_process_cap_restore(saved_caps);
+    }
+
   if (privileged)
     {
       g_process_cap_modify(CAP_DAC_READ_SEARCH, TRUE);

This way no extra linking is necessary, but the capabilities used for a
slightly more time and even when dir_owner() and dir_group() are not
set. Support ACK that my solution is better even for the extra linking.
The bad news is that we still couldn't get feedback from the real
upstream author of syslog-ng.

If you accept it, which patch should I use and where should I upload?
Can it go for t-p-u or via Sid maybe with priority=medium?

Regards,
Laszlo/GCS
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608791

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to:

Follow-Ups:
- Re: RFC: syslog-ng #608791 and future unblock request
  - From: Julien Cristau <jcristau@debian.org>

Prev by Date: Bug#611117: unblock: apt/0.8.10.3
Next by Date: Bug#611466: release.debian.org: unblock apt-dater/0.8.4-4
Previous by thread: Bug#611447: marked as done (please unblock rootstrap 0.3.24-6)
Next by thread: Re: RFC: syslog-ng #608791 and future unblock request
Index(es):
- Date
- Thread