Re: [chrony-dev] Seccomp issue on Alpine linux

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-dev Archives ]

To: chrony-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [chrony-dev] Seccomp issue on Alpine linux
From: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date: Wed, 31 May 2023 16:42:56 +0200
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1685544179; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=zMuPZRdJZwyQWli47f/tz+okMZYvurBG2o/1ONcsfR4=; b=JYiwtRZcDYXdobgdjypiAhMFVYuSVu+3h02vBDMgtr+3Te1Y5mqPRwCGVlQJY3c41/qo0B fCzzbB+n3OvvKiY40EOattVzCbNzkmH5sRwnDsRENHnm9zzZ3WckgpqORJGkOoVuPJccpm c98p/fVY+HejkCc6UTO1wet3O0w1w+c=

On Wed, May 31, 2023 at 04:28:51PM +0200, jvoisin wrote:
> alpine:/home/jvoisin/chrony/test/system# cat tmp/chronyd.log
> 2023-05-31T14:28:33Z chronyd version DEVELOPMENT starting (+CMDMON +NTP
> +REFCLOCK +RTC -PRIVDROP +SCFILTER +SIGND +ASYNCDNS -NTS -SECHASH +IPV6
> -DEBUG)
> 2023-05-31T14:28:33Z Wrong owner of /home/jvoisin/chrony/test/system/tmp
> (GID != 0)
> 2023-05-31T14:28:33Z Disabled command socket
> /home/jvoisin/chrony/test/system/tmp/chronyd.sock

It seems the tmp directory is being created with a different group than 0
(root). Is it a wheel group?

Can you please try it again with this patch?

diff --git a/test/system/test.common b/test/system/test.common
index 7005c9e1..aa48ac67 100644
--- a/test/system/test.common
+++ b/test/system/test.common
@@ -42,6 +42,8 @@ test_start() {
                su "$user" -s /bin/sh -c "touch $TEST_DIR/test" 2> /dev/null || \
                        test_skip "$user cannot access $TEST_DIR"
                rm "$TEST_DIR/test"
+       else
+               chown 0:0 "$TEST_DIR" || test_skip "could not chown $TEST_DIR"
        fi
 
        echo "Testing $*:"

-- 
Miroslav Lichvar


-- 
To unsubscribe email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "unsubscribe" in the subject.
For help email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.

Follow-Ups:
- Re: [chrony-dev] Seccomp issue on Alpine linux
  - From: jvoisin

References:
- [chrony-dev] Seccomp issue on Alpine linux
  - From: jvoisin
- Re: [chrony-dev] Seccomp issue on Alpine linux
  - From: Miroslav Lichvar
- Re: [chrony-dev] Seccomp issue on Alpine linux
  - From: jvoisin
- Re: [chrony-dev] Seccomp issue on Alpine linux
  - From: Miroslav Lichvar
- Re: [chrony-dev] Seccomp issue on Alpine linux
  - From: jvoisin
- Re: [chrony-dev] Seccomp issue on Alpine linux
  - From: jvoisin
- Re: [chrony-dev] Seccomp issue on Alpine linux
  - From: Miroslav Lichvar
- Re: [chrony-dev] Seccomp issue on Alpine linux
  - From: jvoisin

Messages sorted by: [ date | thread ]
Prev by Date: Re: [chrony-dev] Seccomp issue on Alpine linux
Next by Date: [chrony-dev] libchrony
Previous by thread: Re: [chrony-dev] Seccomp issue on Alpine linux
Next by thread: Re: [chrony-dev] Seccomp issue on Alpine linux

Mail converted by MHonArc 2.6.19+

http://listengine.tuxfamily.org/