Recent issue with pkg base missing setuid

Kris Moore kris at ixsystems.com
Mon Dec 4 18:52:05 UTC 2017 

On 12/04/2017 13:47, Rodney W. Grimes wrote:
>> On 12/04/2017 11:37, Brad Davis wrote:
>>> On Mon, Dec 4, 2017, at 09:25 AM, Kris Moore wrote:
>>>> Anybody else noticed a recent regression (say past month or so) where
>>>> pkg base of latest HEAD is now failing to throw setuid on some files? We
>>>> saw it at first because /sbin/shutdown lost its setuid bit, so users
>>>> can't shutdown the box. I rolled back pkg to 1.10.1 which was working,
>>>> and that didn't seem to make a difference. Now I suspect something in
>>>> HEAD itself changed, but for the life of me can't find where.
>>> Hey Kris,
>>>
>>> Can you look at the plist file and see if it is correctly flagging the
>>> file there?
>>>
>>>
>>> Regards,
>>> Brad Davis
>>> _______________________________________________
>>> freebsd-pkgbase at freebsd.org mailing list
>>> https://lists.freebsd.org/mailman/listinfo/freebsd-pkgbase
>>> To unsubscribe, send any mail to "freebsd-pkgbase-unsubscribe at freebsd.org"
>> Here's what I have in the plist:
>>
>> @(root,operator,04554,) /sbin/shutdown
>>
>> I'll note that ping/ping6 also have similar, and they install setuid
>> properly:
>>
>> @(root,wheel,04555,) /sbin/ping
>> @(root,wheel,04555,) /sbin/ping6
>>
>> Here's what I have in the pkg tarball:
>>
>> # tar tvf FreeBSD-runtime-12.0.s20171204170123.txz | grep shutdown
>> hr-sr-xr--  0 root   operator     0 Dec  4 17:05 /sbin/shutdown link to
>> /sbin/poweroff
>>
>> # tar tvf FreeBSD-runtime-12.0.s20171204170123.txz | grep poweroff
>> -r-xr-xr--  0 root   wheel    15440 Dec  4 17:05 /sbin/poweroff
>> hr-sr-xr--  0 root   operator     0 Dec  4 17:05 /sbin/shutdown link to
>> /sbin/poweroff
>>
>>
>> And installing it again sure enough gives version without setuid:
>>
>> # pkg-static add -f FreeBSD-runtime-12.0.s20171204170123.txz
>> Installing FreeBSD-runtime-12.0.s20171204170123...
>> package FreeBSD-runtime is already installed, forced install
>> Extracting FreeBSD-runtime-12.0.s20171204170123: 100%
>>
>> [root at chimera]
>> /usr/obj/usr/src/repo/FreeBSD:12:amd64/12.0.s20171204170123# ls -al
>> /sbin/shutdown
>> -r-xr-xr--  2 root  wheel  15440 Dec  4 17:05 /sbin/shutdown
> Can you show us ls -ail for /sbin/shutdown and /sbin/poweroff?
>
>
[root at chimera] /usr/src# ls -ail /sbin/shutdown
245898 -r-xr-xr--  2 root  wheel  15440 Dec  4 17:05 /sbin/shutdown
[root at chimera] /usr/src# ls -ail /sbin/poweroff
245898 -r-xr-xr--  2 root  wheel  15440 Dec  4 17:05 /sbin/poweroff

-- 
Kris Moore
Director of Engineering
iXsystems
Enterprise Storage & Servers Driven By Open Source

More information about the freebsd-pkgbase mailing list