[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Need help. Problem with setgid on Fedora Core 9.

I upgraded from Core 4 to Core 9 (fresh install) and now my mailinglist manager, mj2, won't work anymore. Here's the problem. In ~majordomo/bin, I have all of the programs (written in perl) and all of the associated wrappers. The wrappers are all owned by majordomo (owner and group) and the appropriate ones also have setuid and setgid bits set. Unless I am sudo'd to the majordomo account (103 in this case), the program does not start because of a problem with setgid.

BTW, selinux is totally disabled.

528 > ~majordomo/bin/mj_shell
Insecure dependency in eval while running setuid at /usr/lib/perl5/5.10.0/SelfLoader.pm line 54. Compilation failed in require at /usr/lib/perl5/site_perl/5.10.0/Term/ReadLine/Perl.pm line 63.
529 >

I did some experimenting and discovered that the setgid bit is not working. In fact, I even went so far as to modify the code so that the wrapper was installed setuid/setgid as root and I made the program do a setgid, setegid, setresgid to 103, all to no avail. The error that I get back is EPERM, which in the man page says:

 The calling  process  is  not  privileged  (does  not  have  the
 CAP_SETGID  capability),  and  gid  does not match the effective
 group ID or saved set-group-ID of the calling process.

To recap, the fundamental problem is that I seem to no longer be able to run setgid either as root or as the result of installing a program with the setgid bit set. The software I'm using is actuallying looking to see if the current group is the same as the saved group.

It doesn't matter if I run it as steveo or root. The only time it succeeds is if I am su'd to majordomo.

If anyone can help me and help quickly, my server is now down, and I'd really appreciate suggestions on what to do.

Is there something that needs to be done to allow setgid to succeed? AFAICT, that's the only thing that's holding me up right now.

Time flies like the wind. Fruit flies like a banana. Stranger things have  .0.
happened but none stranger than this. Does your driver's license say Organ ..0
Donor?Black holes are where God divided by zero. Listen to me! We are all- 000
individuals! What if this weren't a hypothetical question?
steveo at syslang.net

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]