From owner-freebsd-current Mon Oct 8 21:17: 3 2001 Delivered-To: freebsd-current@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 82E8337B403 for ; Mon, 8 Oct 2001 21:16:57 -0700 (PDT) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.11.6/8.11.5) with SMTP id f994GHB03949; Tue, 9 Oct 2001 00:16:17 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Tue, 9 Oct 2001 00:16:17 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: "Georg-W. Koltermann" Cc: current@freebsd.org Subject: Re: VMWare2 permission problems on -current as of Sep 26 In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=ISO-8859-1 Content-Transfer-Encoding: QUOTED-PRINTABLE Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG So normally vmware runs setuid root, which means that the 'real' uid and gid will be the normal user, as opposed to the root user. '0x4' on FreeBSD would constitute R_OK -- a=A0quick glance at my local Linux box demonstrates that it has the same meaning there. If you run the 'access' command with similar arguments on /home/hunter/gwk/.Xauthority, what do you get back? An interesting experiment might be to write a short program invoking access(2) with the same arguments, compiled under both ABIs, and then experimented with and without setuid-root. A glance at the linux_access() implementation looks right to me, but maybe there's something going on relating to preserving real/saved uids/gids and the process credential. Or alternatively, maybe your .Xauthority file isn't readable :-) Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services On Mon, 8 Oct 2001, Georg-W. Koltermann wrote: > No, I wan't using linux_kdump, thanks for the education. >=20 > Today I've installed linux_kdump from the package on > jp.current.freebsd.org, and now I get >=20 > 1207 vmware CALL linux_access(0xbfbff759,0x4) > 1207 vmware NAMI "/compat/linux/home/hunter/gwk/.Xauthority" > 1207 vmware NAMI "/home/hunter/gwk/.Xauthority" > 1207 vmware RET linux_access -1 errno 13 Permission denied >=20 > which looks a little more meaningful (no negative errno any more, and > a linux_* syscall is listed). >=20 > Still needs debugging, which I'll attempt to do when I get a little > time. >=20 > -- > Regards, > Georg. >=20 >=20 > At Sun, 7 Oct 2001 > 19:28:35 -0400 (EDT), Robert Watson wrote: > >=20 > >=20 > > On Sun, 7 Oct 2001, Georg-W. Koltermann wrote: > >=20 > > [...] > > > I ran the vmware command through ktrace(1) (had to do that as root si= nce > > > it won't trace a SUID program for a normal user), and it does get an > > > error return from an access(2) on .Xauthority:=20 > > >=20 > > > 1207 vmware CALL access(0xbfbff759,0x4)=20 > > > 1207 vmware NAMI "/compat/linux/home/hunter/gwk/.Xauthority" > > > 1207 vmware NAMI "/home/hunter/gwk/.Xauthority" > > > 1207 vmware RET access -1 errno -13 Unknown error: -13 > > >=20 > > > It seems I am going to debug the access() call next. > >=20 > > I'm a little surprised that they're calling access(). Are you using th= e > > linux_kdump from the ports collection, btw? Otherwise the system calls > > aren't listed right, due to differences in system call number. > >=20 > > Robert N M Watson FreeBSD Core Team, TrustedBSD Project > > robert@fledge.watson.org NAI Labs, Safeport Network Services > >=20 > >=20 >=20 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message