Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 24 Oct 2006 02:27:02 -0700
From:      Maxim Sobolev <sobomax@FreeBSD.org>
To:        Ruslan Ermilov <ru@FreeBSD.org>
Cc:        cvs-src@FreeBSD.org, src-committers@FreeBSD.org, Robert Watson <rwatson@FreeBSD.org>, cvs-all@FreeBSD.org
Subject:   Re: cvs commit: src/usr.bin/su su.c
Message-ID:  <453DDC66.9020501@FreeBSD.org>
In-Reply-To: <20061024084753.GA65029@rambler-co.ru>
References:  <200610240818.k9O8IATH022313@repoman.freebsd.org> <20061024084753.GA65029@rambler-co.ru>

next in thread | previous in thread | raw e-mail | index | archive | help
I am trying to run ia32 su(8) binary on amd64 kernel.

-Maxim

Ruslan Ermilov wrote:
> On Tue, Oct 24, 2006 at 08:18:10AM +0000, Maxim Sobolev wrote:
>> sobomax     2006-10-24 08:18:10 UTC
>>
>>   FreeBSD src repository
>>
>>   Modified files:
>>     usr.bin/su           su.c 
>>   Log:
>>   Ignore SIGSYS when BSM is compiled in. Otherwise, attempt to invoke su on
>>   system that don't have audit framefork compiled into kernel or ia32 binary
>>   on amd64 system will result in SIGSYS. There is one place in su.c itself
>>   where it tries to check for errno != ENOSYS, but it has been a nop since su
>>   does not catch SIGSYS anyway. There are few other places in libbsm,
>>   where attempt to invoke audit syscal would result in SIGSYS if no audit
>>   support is present in the kernel, so that the only reliable method for
>>   now is to disable SIGSYS completely in the case when BSM is compiled in.
>>   
>>   In the long run, both direct invocation of audit-related syscalls and
>>   libbsm should be made more intellegent to handle the case when BSM is not
>>   compiled into the kernel gracefully.
>>   
>>   MFC after: 3 days
>>              (provided re@ approval)
>>   
>>   Revision  Changes    Path
>>   1.82      +2 -0      src/usr.bin/su/su.c
>>
> I don't have "options AUDIT" compiled into my amd64/i386 kernels, and
> "truss su" shows this (on amd64):
> 
> : geteuid()                                        = 0 (0x0)
> : getauid(0x7fffffffe4fc)                          ERR#78 'Function not implemented'
> 
> The audit_syscalls.c is always compiled in:
> 
> : # grep audit_syscalls /sys/conf/files
> : security/audit/audit_syscalls.c standard
> 
> And in the "#else /* !AUDIT *" case, it just returns ENOSYS:
> 
> : int
> : getauid(struct thread *td, struct getauid_args *uap)
> : {
> : 
> :         return (ENOSYS);
> : }
> 
> How that could result in SIGSYS, I don't get it?
> 
> 
> Cheers,




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?453DDC66.9020501>