From: bugzilla-noreply@freebsd.org
To: ports-bugs@FreeBSD.org
Subject: [Bug 239746] net-mgmt/zabbix4-server: Unable to stop service since 4.0.11 update
Date: Fri, 09 Aug 2019 17:01:19 +0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=239746

            Bug ID: 239746
           Summary: net-mgmt/zabbix4-server: Unable to stop service since 4.0.11 update
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs@FreeBSD.org
          Reporter: chris@chrullrich.net
                CC: pg@pakhom.spb.ru
             Flags: maintainer-feedback?(pg@pakhom.spb.ru)

Related bug report: https://support.zabbix.com/browse/ZBX-16460

A change in Zabbix 4.0.11 and 4.2.5 is causing trouble when stopping the agent, proxy, and server daemons. These versions changed the way the daemons are stopped, and the new implementation is affected by the security.bsd.conservative_signals sysctl under certain circumstances.

Everything below uses the agent as an example, but it applies to the other services as well.

The problem occurs when all of the below are true:

- zabbix_agentd_user is not set to "zabbix" (it is not set at all by default).
- The rc script provided by the port is used.

The net-mgmt/zabbix4{,2}-{agent,proxy,server} ports provide their own rc script. This script has its own implementation of $start_cmd that extends $PATH (at least for agent and server, the initialization is missing from the proxy ports) with the contents of $zabbix_*_paths.

This is a bug because it entirely ignores any potentially set $zabbix_agent_user variable. Even though _user variables are infrequently used, they should still be obeyed.

Because of this bug, the services are always started as the user executing the rc script, i.e. root, even if apparently overridden by setting the _user variable. They then setuid() to the user name their own configuration specifies, which is "zabbix" in the ports.

In this situation, stopping the services does not work if the security.bsd.conservative_signals sysctl is enabled, which it has been by default for the entire 14 years of its existence.

The Zabbix services each run multiple copies of themselves, with the parent process managing them. To stop the service, this parent process receives a SIGTERM and reacts by sending first SIGUSR2 to its children, followed by SIGABRT. _If_ it setuid()d itself, however, sending SIGABRT to its children fails with EPERM due to the sysctl.
A simple workaround for this issue is to set $zabbix_agentd_user to "zabbix" so the service process does not setuid() itself, except that this is impossible because the rc script ignores the variable.

I'm honestly not sure whether the underlying cause isn't a bug in FreeBSD. The kill(2) man page says that the sysctl prevents signals not on the whitelist from being sent to a setuid process. In this case, the receiving processes apparently inherit the setuid status from their parent through the fork(), and that may not be entirely correct.

On the other hand, it might also be a bug in Zabbix, in that it uses a signal not on the whitelist in a situation with setuid processes.

Suggested fix:

- Remove the $zabbix_agentd_paths rc variable and use $zabbix_agentd_env instead.
- Remove the zabbix_agentd_cmd() function from the port-provided rc script.
- Default the $zabbix_agentd_user rc variable to "zabbix" (the same user as in the sample configuration files).

-- 
You are receiving this mail because:
You are the assignee for the bug.
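
Added example, not part of the bug report and not Zabbix or FreeBSD code: a simplified user-space model of the signal permission check described above, showing why the SIGUSR2 step succeeds while SIGABRT returns EPERM once the parent has called setuid(), and why starting directly as "zabbix" avoids it. The whitelist contents are an assumption (the report does not list them), and struct proc_model, model_kill() and stop_sequence() are hypothetical names.

```c
#include <errno.h>
#include <signal.h>
#include <stdbool.h>
#include <stdio.h>
/* Hypothetical model of a process; not a kernel structure. */
struct proc_model {
    bool sugid;      /* "setuid status": set by setuid(), copied by fork() */
    bool privileged; /* sender may bypass the restriction (e.g. root) */
};

/* Assumed whitelist: job/terminal control and usual termination signals. */
static bool on_whitelist(int sig)
{
    switch (sig) {
    case 0: case SIGHUP: case SIGINT: case SIGKILL: case SIGTERM:
    case SIGALRM: case SIGSTOP: case SIGTSTP: case SIGTTIN:
    case SIGTTOU: case SIGUSR1: case SIGUSR2:
        return true;
    default: return false;
    }
}

/* 0 if the signal may be sent, else EPERM. Same-uid sender/target assumed. */
int model_kill(bool conservative, const struct proc_model *sender,
               const struct proc_model *target, int sig)
{
    if (conservative && target->sugid && !sender->privileged &&
        !on_whitelist(sig))
        return EPERM;
    return 0;
}

/* Stop sequence from the report: parent signals its forked workers with
 * SIGUSR2, then SIGABRT. Returns the SIGABRT result; *usr2 gets SIGUSR2's. */
int stop_sequence(bool conservative, bool parent_did_setuid, int *usr2)
{
    struct proc_model parent = { parent_did_setuid, false };
    struct proc_model worker = parent; /* fork() copies the setuid status */
    *usr2 = model_kill(conservative, &parent, &worker, SIGUSR2);
    return model_kill(conservative, &parent, &worker, SIGABRT);
}

int main(void)
{
    int usr2, abrt = stop_sequence(true, true, &usr2);
    printf("root, then setuid(): SIGUSR2=%d SIGABRT=%d\n", usr2, abrt);
    abrt = stop_sequence(true, false, &usr2);
    printf("started as zabbix:   SIGUSR2=%d SIGABRT=%d\n", usr2, abrt);
    return 0;
}
```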