[Bug 256728] rc.subr: ${name}_user uses "su -m" that invokes root shell instead of /bin/sh
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 256728] rc.subr: ${name}_user uses "su -m" that invokes root shell instead of /bin/sh"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 256728] rc.subr: ${name}_user uses "su -m" that invokes root shell instead of /bin/sh"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 256728] rc.subr: ${name}_user uses "su -m" that invokes root shell instead of /bin/sh"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 256728] rc.subr: ${name}_user uses "su -m" that invokes root shell instead of /bin/sh"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 20 Jun 2021 10:02:32 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256728
Bug ID: 256728
Summary: rc.subr: ${name}_user uses "su -m" that invokes root
shell instead of /bin/sh
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: Ports Framework
Assignee: portmgr@FreeBSD.org
Reporter: eugen@freebsd.org
CC: ports-bugs@FreeBSD.org
The port net/p2p/transmission-daemon is an example of service that utilizes
<name>_user rc.conf setting. Also, it supports writing debugging logs to
pre-opened (redirected to a file) STDERR by means of environment variable
TR_DEBUG_FD=2 but our framework uses "su -m" for such services executing root
shell that defaults to stock csh (contrib/tcsh) that closes its file descriptor
2 at start.
Note there is some kind of work-around if we do not use login classes and/or
limits for the service, then add to /etc/rc.conf
transmission_chroot="/"
So "chroot -u transmission /" is used to substitute user instead of "su -m" and
chroot(8) is documented not to use root shell but SHELL=/bin/sh. And /bin/sh
keeps redirected STDERR open in such case.
--
You are receiving this mail because:
You are on the CC list for the bug.