From owner-freebsd-current@FreeBSD.ORG Sat Dec 16 11:25:55 2006 Return-Path: X-Original-To: current@freebsd.org Delivered-To: freebsd-current@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id B83AB16A407; Sat, 16 Dec 2006 11:25:55 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6B26A43C9E; Sat, 16 Dec 2006 11:25:55 +0000 (GMT) (envelope-from rwatson@FreeBSD.org) Received: from fledge.watson.org (fledge.watson.org [209.31.154.41]) by cyrus.watson.org (Postfix) with ESMTP id 2143C46EA9; Sat, 16 Dec 2006 06:25:55 -0500 (EST) Date: Sat, 16 Dec 2006 11:25:55 +0000 (GMT) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: Andrey Chernov In-Reply-To: <20061216111656.GA7501@nagual.pp.ru> Message-ID: <20061216112117.P72986@fledge.watson.org> References: <20061216055903.GA2712@nagual.pp.ru> <20061216111656.GA7501@nagual.pp.ru> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: dinoex@freebsd.org, umq@ueo.co.jp, current@freebsd.org Subject: Re: sysv_ipc.c broken in v1.30 (was Re: sysvshm appearse broken in -current) X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 16 Dec 2006 11:25:55 -0000 On Sat, 16 Dec 2006, Andrey Chernov wrote: > The only place where EACCES may come is ipcperm() which was significally > touched last time at: > > revision 1.30 > date: 2006/11/06 13:42:01; author: rwatson; state: Exp; lines: +65 -37 > Sweep kernel replacing suser(9) calls with priv(9) calls, assigning > specific privilege names to a broad range of privileges. These may > require some future tweaking. > > Sponsored by: nCircle Network Security, Inc. > Obtained from: TrustedBSD Project > Discussed on: arch@ > Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri, > Alex Lyashkov , > Skip Ford , > Antoine Brodin Yes, you can find the details in kern/106078. The thrust of the problem is that applications apparently pass access mode arguments to shmget() in situations other than file creation, which isn't documented in the spec. I've been doing a bit of on-and-off research on this, but need to do some more before I'm ready to change our implementation to simply ignore the argument. I hope to look at it again this week sometime; it's unclear to me what applications are trying to accomplish with the mode field in the non-IPC_CREAT case, and none of the man pages and documentation I've found on various UNIX systems to date suggest anything in particular. Robert N M Watson Computer Laboratory University of Cambridge > > > On Sat, Dec 16, 2006 at 08:59:03AM +0300, Andrey Chernov wrote: >> It seems shm is broken in very recent -current. >> Trying to build dkim-milter or dk-milter port (from root, of course) I >> got: >> >> ./t-shm >> shmget: Permission denied >> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ >> shminit failed: Permission denied >> 1..bad! t-shm.c:260 r == 0 >> add -DSM_CONF_SHM=0 to confENVDEF in devtools/Site/site.config.m4 >> and start over. >> 0 of 1 tests completed successfully >> *** 1 error in test! *** >> 2..bad! t-shm.c:177 cnt <= MAX_CNT >> add -DSM_CONF_SHM=0 to confENVDEF in devtools/Site/site.config.m4 >> and start over. >> 4 of 5 tests completed successfully >> *** 1 error in test! *** > > > -- > http://ache.pp.ru/ >