Bug#462110: tor: Fails to install because fails to start because calls initgroups() after setuid()

Tue, 22 Jan 2008 08:05:50 -0800 

Package: tor
Version: 0.1.2.19-1

[EMAIL PROTECTED]:~$ sudo dpkg --configure tor
Setting up tor (0.1.2.19-1) ...
debian-tor uid check: ok
debian-tor homedir check: ok
Raising maximum number of filedescriptors (ulimit -n) to 8192.
Starting tor daemon: tor...
start-stop-daemon: Unable to set initgroups() with gid 114 (Operation not 
permitted)
invoke-rc.d: initscript tor, action "start" failed.
dpkg: error processing tor (--configure):
 subprocess post-installation script returned error exit status 2
Errors were encountered while processing:
 tor
[EMAIL PROTECTED]:~$ sudo /etc/init.d/tor start
Raising maximum number of filedescriptors (ulimit -n) to 8192.
Starting tor daemon: tor...
start-stop-daemon: Unable to set initgroups() with gid 114 (Operation not 
permitted)

strace extract:

[pid 14502] open("/var/run/tor/tor.pid", O_RDONLY|O_LARGEFILE) = -1 ENOENT (No 
such file or directory)
[pid 14502] chdir("/")                  = 0
[pid 14502] getuid32()                  = 0
[pid 14502] setuid32(114)               = 0
[pid 14502] getgid32()                  = 0
[pid 14502] getgroups32(0, NULL)        = 1
[pid 14502] getgroups32(1, [0])         = 1
[pid 14502] open("/proc/sys/kernel/ngroups_max", O_RDONLY) = 3
[pid 14502] read(3, "65536\n", 31)      = 6
[pid 14502] close(3)                    = 0
[pid 14502] open("/etc/group", O_RDONLY|0x80000 /* O_??? */) = 3
(...)
[pid 14502] close(3)                    = 0
[pid 14502] setgroups32(1, [114])       = -1 EPERM (Operation not permitted)

I think it is customary to call initgroups() _before_ calling setuid
precisely because only root can call setuid().

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.22-2-686 (SMP w/1 CPU core)
Locale: LANG=fr_LU.UTF-8, LC_CTYPE=fr_LU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages tor depends on:
ii  adduser                3.105             add and remove users and groups
ii  libc6                  2.7-6             GNU C Library: Shared libraries
ii  libevent1              1.3e-1            An asynchronous event notification
ii  libssl0.9.8            0.9.8g-4          SSL shared libraries
ii  tsocks                 1.8beta5-6        transparent network access through
ii  zlib1g                 1:1.2.3.3.dfsg-11 compression library - runtime

Versions of packages tor recommends:
ii  privoxy                       3.0.7-1    Privacy enhancing HTTP Proxy
ii  socat                         1.6.0.0-1  multipurpose relay for bidirection

-- no debconf information



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to