From owner-cvs-src@FreeBSD.ORG Tue Oct 24 09:28:06 2006 Return-Path: X-Original-To: cvs-src@FreeBSD.org Delivered-To: cvs-src@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9946616A407; Tue, 24 Oct 2006 09:28:06 +0000 (UTC) (envelope-from sobomax@FreeBSD.org) Received: from sippysoft.com (gk.360sip.com [72.236.70.226]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1050543D5E; Tue, 24 Oct 2006 09:28:05 +0000 (GMT) (envelope-from sobomax@FreeBSD.org) Received: from [192.168.1.47] ([204.244.149.125]) (authenticated bits=0) by sippysoft.com (8.13.8/8.13.6) with ESMTP id k9O9S1Ct020250 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 24 Oct 2006 02:28:03 -0700 (PDT) (envelope-from sobomax@FreeBSD.org) Message-ID: <453DDC66.9020501@FreeBSD.org> Date: Tue, 24 Oct 2006 02:27:02 -0700 From: Maxim Sobolev Organization: Sippy Software, Inc. User-Agent: Thunderbird 1.5.0.7 (Windows/20060909) MIME-Version: 1.0 To: Ruslan Ermilov References: <200610240818.k9O8IATH022313@repoman.freebsd.org> <20061024084753.GA65029@rambler-co.ru> In-Reply-To: <20061024084753.GA65029@rambler-co.ru> Content-Type: text/plain; charset=KOI8-U; format=flowed Content-Transfer-Encoding: 7bit Cc: cvs-src@FreeBSD.org, src-committers@FreeBSD.org, Robert Watson , cvs-all@FreeBSD.org Subject: Re: cvs commit: src/usr.bin/su su.c X-BeenThere: cvs-src@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Oct 2006 09:28:06 -0000 I am trying to run ia32 su(8) binary on amd64 kernel. -Maxim Ruslan Ermilov wrote: > On Tue, Oct 24, 2006 at 08:18:10AM +0000, Maxim Sobolev wrote: >> sobomax 2006-10-24 08:18:10 UTC >> >> FreeBSD src repository >> >> Modified files: >> usr.bin/su su.c >> Log: >> Ignore SIGSYS when BSM is compiled in. Otherwise, attempt to invoke su on >> system that don't have audit framefork compiled into kernel or ia32 binary >> on amd64 system will result in SIGSYS. There is one place in su.c itself >> where it tries to check for errno != ENOSYS, but it has been a nop since su >> does not catch SIGSYS anyway. There are few other places in libbsm, >> where attempt to invoke audit syscal would result in SIGSYS if no audit >> support is present in the kernel, so that the only reliable method for >> now is to disable SIGSYS completely in the case when BSM is compiled in. >> >> In the long run, both direct invocation of audit-related syscalls and >> libbsm should be made more intellegent to handle the case when BSM is not >> compiled into the kernel gracefully. >> >> MFC after: 3 days >> (provided re@ approval) >> >> Revision Changes Path >> 1.82 +2 -0 src/usr.bin/su/su.c >> > I don't have "options AUDIT" compiled into my amd64/i386 kernels, and > "truss su" shows this (on amd64): > > : geteuid() = 0 (0x0) > : getauid(0x7fffffffe4fc) ERR#78 'Function not implemented' > > The audit_syscalls.c is always compiled in: > > : # grep audit_syscalls /sys/conf/files > : security/audit/audit_syscalls.c standard > > And in the "#else /* !AUDIT *" case, it just returns ENOSYS: > > : int > : getauid(struct thread *td, struct getauid_args *uap) > : { > : > : return (ENOSYS); > : } > > How that could result in SIGSYS, I don't get it? > > > Cheers,