On Fri, 8 Mar 2024, Andi Vajda wrote:
With this configuration, the build succeeds on netbsd 10.0_rc5, but I get the
same setuid failure as with 7.4.0p1 (but not with 7.3.0p2):
Looking at obvious differences in the 7.3.0p2, 7.4.0p1 and 7.5.0rc1 smtpd
executables. From ldd's standpoint, the only additional thing in 7.4.0 and
7.5.0 is a reference to libtutil.so.7:
$ ldd opensmtpd-7.3.0p2/local/sbin/smtpd
opensmtpd-7.3.0p2/local/sbin/smtpd:
-lz.1 => /usr/pkg/lib/libz.so.1
-lc.12 => /usr/lib/libc.so.12
-lcrypt.1 => /usr/lib/libcrypt.so.1
-levent-2.1.7 => /usr/pkg/lib/libevent-2.1.so.7
-lpthread.1 => /usr/lib/libpthread.so.1
-lssl.55 => /home/vajda/libressl-3.8.2/local/lib/libssl.so.55
-lcrypto.52 => /home/vajda/libressl-3.8.2/local/lib/libcrypto.so.52
$ ldd opensmtpd-7.4.0p1/local/sbin/smtpd
opensmtpd-7.4.0p1/local/sbin/smtpd:
-lz.1 => /usr/pkg/lib/libz.so.1
-lc.12 => /usr/lib/libc.so.12
-lssl.55 => /home/vajda/libressl-3.8.2/local/lib/libssl.so.55
-lcrypto.52 => /home/vajda/libressl-3.8.2/local/lib/libcrypto.so.52
-lpthread.1 => /usr/lib/libpthread.so.1
-lutil.7 => /usr/lib/libutil.so.7
-lcrypt.1 => /usr/lib/libcrypt.so.1
-levent-2.1.7 => /usr/pkg/lib/libevent-2.1.so.7
$ ldd opensmtpd-7.5.0rc1/local/sbin/smtpd
opensmtpd-7.5.0rc1/local/sbin/smtpd:
-lz.1 => /usr/pkg/lib/libz.so.1
-lc.12 => /usr/lib/libc.so.12
-lssl.55 => /home/vajda/libressl-3.8.2/local/lib/libssl.so.55
-lcrypto.52 => /home/vajda/libressl-3.8.2/local/lib/libcrypto.so.52
-lpthread.1 => /usr/lib/libpthread.so.1
-lutil.7 => /usr/lib/libutil.so.7
-lcrypt.1 => /usr/lib/libcrypt.so.1
-levent-2.1.7 => /usr/pkg/lib/libevent-2.1.so.7
I also notice that the 7.3.0 smtpd executable is 3.5x smaller than the 7.4.0
and the 7.5.0 ones. Stripping all three then yields smaller executables for
7.4.0 and 7.5.0:
-rwxr-xr-x 1 vajda users 687160 Mar 8 16:08
opensmtpd-7.3.0p2/local/sbin/smtpd
-rwxr-xr-x 1 vajda users 548128 Mar 8 16:08
opensmtpd-7.4.0p1/local/sbin/smtpd
-rwxr-xr-x 1 vajda users 551816 Mar 8 16:09
opensmtpd-7.5.0rc1/local/sbin/smtpd
Andi..