On 12/23/2013 03:17 PM, Eric Blake wrote:
>>> + if (!(conf = virConfReadFile(login_shell_path, 0)))
>>> + goto cleanup;
>>
>> ...and non-root invariably fails here, since login_shell_path
>> (/etc/libvirt/virt-login-shell.conf) is buried inside a directory that
>> is not searchable by either root or virtlogin.
>
> Ah, I see - non-root fails here if run unprivileged (such as under gdb),
> but when run setuid it has the permissions of root and can read the file
> just fine.

Then again, when run as setuid, it's not even getting past
virInitialize(). :(

At least I managed to figure out how to debug things: I recompiled with
a sleep() at the beginning, gave my just-compiled binary the same setuid
permissions as the installed binary, and then attached gdb (as root, since
non-root can't ptrace a running setuid binary for obvious reasons).

So I suspect that the failure in virInitialize() is yet more fallout
from the CVE-2013-4400 patches being untested.

--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
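
Review bot: in the quoted hunk, the failure branch of virConfReadFile(login_shell_path, 0) jumps straight to cleanup, and nothing in these two lines tells the user which file could not be read. The thread shows an unprivileged run failing at exactly this call because the directory holding /etc/libvirt/virt-login-shell.conf is not searchable, so please confirm that an error naming login_shell_path is reported before the goto, or add one here, so that a permissions failure can be told apart from a malformed config file.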
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list