Hiromasa YOSHIMOTO <hiromasa.yoshim...@gmail.com> writes:

> I wrote a small program to reproduce this issue.
> Could you check and try the attached code?

> The step is:
> $ gcc check.c -lcap -omain
> $ cp main sub         # "sub" corresponds to insmod that causes EPERM
> $ sudo chown 0.0 main
> $ sudo chmod u+s main # "main" corresponds to nvidia-modprobe
> $ ./main

> This is what I get:
> ./main euid: 0        # root privilege
> CAP_SYS_MODULE: 1     # has capability
> ./sub euid: 1000      # lost root privilege (1000 is my uid)
> CAP_SYS_MODULE: 0     # the cap. is removed.

> Strictly, I use dash as /bin/sh
> but CAP_SYS_MODULE is dropped when system() is used.

I believe dash will drop privileges if euid != uid.  See:

    https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734869

The workaround is to call setuid(0) in the parent program before you call
modprobe, or otherwise arrange for euid == uid.

-- 
Russ Allbery (r...@debian.org)              <http://www.eyrie.org/~eagle/>
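
An added example, not part of the original message or of nvidia-modprobe: one way to "arrange for euid == uid" before the shell starts, as a variant of the workaround that calls setuid() in a forked child instead of in the parent. The names `ids_differ` and `run_sh_with_matched_ids` and the PATH value are assumptions made for this sketch.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* True when a shell that drops privileges on euid != uid (dash, per the
 * reply above) would reset our effective uid to the real one. */
int ids_differ(void)
{
    return geteuid() != getuid();
}

/* Hypothetical stand-in for system(): runs `cmd` via /bin/sh with the real
 * uid set equal to the effective uid. Returns the exit status, or -1. */
int run_sh_with_matched_ids(const char *cmd)
{
    /* Constructed minimal environment; a set-uid caller should not pass
     * the invoking user's environment on to a privileged shell. */
    char *const envp[] = { "PATH=/usr/sbin:/usr/bin:/sbin:/bin", NULL };
    char *const argv[] = { "sh", "-c", (char *)cmd, NULL };
    int status;
    pid_t pid = fork();

    if (pid < 0)
        return -1;
    if (pid == 0) {
        /* With euid 0, setuid() sets real, effective and saved uid at once.
         * Doing it in the child leaves the parent's ids untouched. */
        if (setuid(geteuid()) != 0 || ids_differ())
            _exit(126);   /* could not match ids: do not run the shell */
        execve("/bin/sh", argv, envp);
        _exit(127);
    }
    while (waitpid(pid, &status, 0) < 0)
        if (errno != EINTR)
            return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    printf("euid != uid before launch: %d\n", ids_differ());
    /* The shell reports effective and real uid; they now agree. */
    return run_sh_with_matched_ids("echo \"euid=$(id -u) uid=$(id -ru)\"");
}
```

Built and installed set-uid root the same way as `main` in the quoted steps, the shell prints matching ids; if the binary is set-uid to a non-root owner, setuid() cannot change the real uid and the child exits with 126 instead of starting the shell.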