Marco, > It segfaults because ensure_news_user() fails and tries to access > innconf->runasuser before inn.conf has been read.
It is a regression introduced with commit https://inn.eyrie.org/trac/changeset/9854 Previously, rnews called get_news_uid_gid() that handled the possibility of inn.conf not having been read. Since that commit, rnews has been calling ensure_news_user() that does not handle that case. Suggestion of fix, in the same idea of what get_news_uid_gid() does. RUNASUSER and RUNASGROUP values are "news" --- lib/newsuser.c (révision 9953) +++ lib/newsuser.c (copie de travail) @@ -69,14 +69,16 @@ if (geteuid() == 0) { if (! may_setuid) { /* NB: mustn't be run as root, unless "may_setuid" is true. */ - die("must be run as %s, not as root", innconf->runasuser); + die("must be run as %s, not as root", + innconf != NULL ? innconf->runasuser : RUNASUSER); } if (setuid(uid) < 0) { sysdie("failed to setuid"); } } if (geteuid() != uid || getuid() != uid) { - die("must be run as %s", innconf->runasuser); + die("must be run as %s", + innconf != NULL ? innconf->runasuser : RUNASUSER); } } @@ -95,7 +97,8 @@ } } if (getegid() != gid || getgid() != gid) { - die ("must be run as %s group", innconf->runasgroup); + die ("must be run as %s group", + innconf != NULL ? innconf->runasgroup : RUNASGROUP); } } > I still need to figure out why the ensure_news_user() logic fails when > it is run as root. Perhaps because of --enable-uucp-rnews that installs rnews setuid news? Then the effective UID returned by geteuid() is not root, and the logic fails. I bet it explains why rnews previously did not use the existing ensure_news_user() function. Setuid programs are not supposed to use it. Suggestion of patch: --- frontends/rnews.c (révision 9953) +++ frontends/rnews.c (copie de travail) @@ -861,7 +861,14 @@ other setups where rnews might be setuid news or be run by other processes in the news group. */ if (getuid() == 0 || geteuid() == 0) { - ensure_news_user(true); + uid_t uid; + + /* Do not use ensure_news_user() because it will fail to deal + * with the case of rnews being setuid news. */ + get_news_uid_gid(&uid, false, true); + if (setuid(uid) < 0) { + sysdie("failed to setuid"); + } } if (!innconf_read(NULL)) I believe it will fix Marcus' issue. If confirmed, I can commit it upstream for INN 2.6.1. -- Julien ÉLIE « – Il est parti comme il est venu… – Il ne faisait que passer… » (Astérix)
