Re: Potential regression in -git15: can't resume stopped rootshell?

From: Theodore Tso
Date: Sun Oct 21 2007 - 20:58:43 EST

Next message: Roel Kluin: "[PATCH] return hidden bug"
Previous message: Randy Dunlap: "Re: tristate and bool not enogh for Kconfig anymore"
In reply to: Theodore Tso: "Potential regression in -git15: can't resume stopped root shell?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, Oct 20, 2007 at 02:58:06PM -0400, Theodore Tso wrote:
> I was testing 2.6.23-git15, and I'm noticing that if I su to root, then
> suspend the root shell, and try continue it via "fg", it hangs. The ps
> command reports:
>
> 15806 6386 19 0 4012 wait Ss pts/0 00:00:00 bash
> 0 6444 19 0 1232 finish_stop T+ pts/0 00:00:00 /bin/su -p
> 0 6445 19 0 3696 finish_stop T pts/0 00:00:00 bash
> 15806 6571 19 0 776 pipe_wait S+ pts/1 00:00:00 grep pts/0
>
> This works under 2.6.23. I am running Ubuntu Gutsy running in a
> gnome-terminal, with bash as my login shell. I can suspend a zsh or
> bash shell where I haven't su'ed to root. But if the shell is started
> using either su or sudo, when I try to resume it after suspending
> using the "suspend" command via "fg", I get a hung shell.
>
> I haven't had time to bisect it yet, but I thought I'd throw it out
> there in case this rings a bell with anybody...

OK, I bisected, and it turns out to be a bug, but not a regression.
Turns out the responsible commit is:

commit b53767719b6cd8789392ea3e7e2eb7b8906898f0
Author: Serge E. Hallyn <serue@xxxxxxxxxx>
Date: Tue Oct 16 23:31:36 2007 -0700

Implement file posix capabilities

Implement file posix capabilities. This allows programs to be given a
subset of root's powers regardless of who runs them, without having to use
setuid and giving the binary all of root's powers.....

Once I turned this up, I turned went back to -git15, and turned off
CONFIG_SECURITY_FILE_CAPABILITIES, and the problem went away. Oh,
well, I had wanted to try out file capabilities, which is why I had
turned the option on, but being able to resume suspended root shells
is more important. :-)

Serge, can you take a look at this, please? Thanks!!

- Ted
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Roel Kluin: "[PATCH] return hidden bug"
Previous message: Randy Dunlap: "Re: tristate and bool not enogh for Kconfig anymore"
In reply to: Theodore Tso: "Potential regression in -git15: can't resume stopped root shell?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]