Bug#333066: start stop daemon doesn't work with chroot nor path support (patch joined)
Package: dpkg Version: 1.13.11 When I run : start-stop-daemon --start --chroot /var/chroot/somewhere -c someuser:somegroup --exec /bin/somebin And I get a start-stop-daemon: stat /bin/somebin: No such file or directory Because the /bin/somebin doesn't exist in my real tree, only in chroot, and start-stop-daemon does the stat on file before the chroot... I made a previous patch (not take in care and lot tested) to do the check after chroot. This time I make a new bug report with attached patch and new improvement. My patch support now to search the binary in the PATH. Please apply this patch I have tested it a lot, if you don't want PATH support, just reduce the execstat() fuction to this (as it was before): if (execname && stat(execname, &exec_stat)) fatal("stat %s: %s", execname, strerror(errno)); This bug is related to (but this bug report, only complain about stat in chroot without path support): http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318771 diff -urNp dpkg-1.13.11/utils/start-stop-daemon.c.orig dpkg-1.13.11/utils/start-stop-daemon.c --- dpkg-1.13.11/utils/start-stop-daemon.c.orig 2005-10-10 09:42:06.196042944 +0200 +++ dpkg-1.13.11/utils/start-stop-daemon.c 2005-10-10 09:45:38.539761792 +0200 @@ -1166,6 +1166,46 @@ x_finished: } } +static int +execstat(void) +{ + if (execname && stat(execname, &exec_stat)) + { + char* tmp; + char* path = strdup((const char *)getenv("PATH")); + if (path[0] == 0) + return 1; + else + { + if (strchr(path, ':') != NULL) + { +while ((tmp = strsep(&path, ":"))) +{ + char* buf = malloc((strlen(tmp)+strlen(execname)+2)*sizeof(char)); + sprintf(buf, "%s/%s", tmp, execname); + if (execname && !stat(buf, &exec_stat)) + { + startas = buf; + return 0; + } +} + } + else + { +char* buf = malloc((strlen(path)+strlen(execname)+2)*sizeof(char)); +sprintf(buf, "%s/%s", path, execname); +if (execname && !stat(buf, &exec_stat)) +{ + startas = buf; + return 0; +} +return 1; + } + } + } + + return 0; +} int main(int argc, char **argv) @@ -1180,7 +1220,7 @@ main(int argc, char **argv) argc -= optind; argv += optind; - if (execname && stat(execname, &exec_stat)) + if (changeroot == NULL && execstat()) fatal("stat %s: %s", execname, strerror(errno)); if (userspec && sscanf(userspec, "%d", &user_id) != 1) { @@ -1283,6 +1323,8 @@ main(int argc, char **argv) fatal("Unable to chdir() to %s", changeroot); if (chroot(changeroot) < 0) fatal("Unable to chroot() to %s", changeroot); + if (execstat()) + fatal("stat %s: %s", execname, strerror(errno)); } if (chdir(changedir) < 0) fatal("Unable to chdir() to %s", changedir);
Bug#318771: I try the patch and it work perfect!!!
You could merge it, it's perfectly working -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#318771: Stupid check in start-stop-daemon that make it impossible to use for chroot
Package: dpkg Version: 1.10.28 architecture : i386 I have notice a case where start-stop daemon is blocking what should work. I have to start a service called for example : dangerous So i build a chroot in something like /var/chroot/dangerous Then I build the tree : dangerous |-- bin | |-- false | `-- dangerous |-- etc | |-- resolv.conf | `-- dangerous | |-- dbconfig | |-- logs | | `-- net_out.log | |-- plugins | | `-- libluaplugin.so | |-- scripts | | |-- start.lua | | |-- sometext.txt | `-- triggers | |-- happy | |-- linux | |-- lol | |-- moon | |-- house | |-- mouse | `-- wazzup |-- lib | |-- ld-linux.so.2 | |-- libGeoIP.so.1 | |-- libc.so.6 | |-- libcrypt.so.1 | |-- libcrypto.so.0.9.7 | |-- libdl.so.2 | |-- libgcc_s.so.1 | |-- liblua50.so.5.0 | |-- liblualib50.so.5.0 | |-- libluasocket.so.2.0 | |-- libm.so.6 | |-- libmysqlclient.so.12 | |-- libnsl.so.1 | |-- libnss_dns.so.2 | |-- libpcre.so.3 | |-- libpthread.so.0 | |-- libresolv.so.2 | |-- libssl.so.0.9.7 | |-- libstdc++.so.5 | |-- libverlihub.so.0 | |-- libvhapi.so.0 | `-- libz.so.1 `-- usr `-- share |-- GeoIP | `-- GeoIP.dat `-- lua50 `-- luasocket.lua Then I try to start my program with a : start-stop-daemon --start --chroot /var/chroot/dangerous -c verlihub:nogroup --exec /bin/dangerous And I get a start-stop-daemon: stat /bin/dangerous: No such file or directory It'a a few stupid no ? I strace it ans see that the check if binary exist is done before the chroot and it will never works if the binary is not present at same place in the system... I made a small change, if it could be included in next release of dpkg it would be great --- utils/start-stop-daemon.c.bak 2004-11-11 04:16:35.0 +0100 +++ utils/start-stop-daemon.c 2005-07-17 17:27:43.633164200 +0200 @@ -1156,8 +1156,10 @@ main(int argc, char **argv) argc -= optind; argv += optind; - if (execname && stat(execname, &exec_stat)) - fatal("stat %s: %s", execname, strerror(errno)); + if (changeroot == NULL) { + if (execname && stat(execname, &exec_stat)) + fatal("stat %s: %s", execname, strerror(errno)); + } if (userspec && sscanf(userspec, "%d", &user_id) != 1) { struct passwd *pw; @@ -1259,6 +1261,8 @@ main(int argc, char **argv) fatal("Unable to chdir() to %s", changeroot); if (chroot(changeroot) < 0) fatal("Unable to chroot() to %s", changeroot); + if (execname && stat(execname, &exec_stat)) + fatal("stat %s: %s", execname, strerror(errno)); } if (chdir(changedir) < 0) fatal("Unable to chdir() to %s", changedir); ps : I don't wan't to try braking my sarge by upgrading my version of dpkg to a personal one, so if an updated package with could be avaible on (even if) an unofficial mirror I would be happy... ps2 : maybe a nocheck option that avoid check of process and so on could avoid such trouble in future... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]