Bug 734 - Do not log an error when the PID file cannot be chown'ed
Do not log an error when the PID file cannot be chown'ed
Status: RESOLVED FIXED
Product: unbound
Classification: Unclassified
Component: server
1.5.7
x86_64 Linux
: P5 enhancement
Assigned To: unbound team
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2016-01-12 01:13 CET by Simon Deziel
Modified: 2016-01-26 15:11 CET (History)
3 users (show)

See Also:


Attachments
turn PID chown failure into a debug message (476 bytes, patch)
2016-01-12 01:13 CET, Simon Deziel
Details | Diff
Only chown PID if inside the chroot (1.57 KB, patch)
2016-01-26 05:42 CET, Simon Deziel
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Simon Deziel 2016-01-12 01:13:32 CET
Created attachment 313 [details]
turn PID chown failure into a debug message

Hello,

Since some version in 1.5.x, Unbound attempts to chown the PID file to the low priv user. As I understand it, this is to allow the low priv user to attempt a deletion when the daemon stops. This deletion can fail (PID outside of chroot for example) and this is not fatal, so far so good.

On Debian/Ubuntu, the PID always resides outside of the chroot so it's moot to chown it because it can never be deleted. As such, I would like the PID chown'ing failure to be turned into a debug log instead of an error.

This would make it possible to deny chown/dac_override caps to the daemon completely even when running as root. This is what https://code.launchpad.net/~sdeziel/apparmor-profiles/unbound-refresh/+merge/282230 is about.

Please consider the attached patch.

Best regards,
Simon
Comment 1 Wouter Wijngaards 2016-01-12 09:05:23 CET
Hi Simon,

Thank you for the patch.  That makes sense, not log an error for this.  I have committed the patch to the code repository.

Best regards, Wouter
Comment 2 Simon Deziel 2016-01-26 05:42:37 CET
Created attachment 322 [details]
Only chown PID if inside the chroot

Wouter, sorry for the delay. Would you mind considering this follow-up patch?

It changes the behavior to only chown the PID if it resides inside the chroot or if no chroot is defined. This has the benefit of not using CAP_CHOWN on a default Ubuntu setup.

Best regards,
Simon
Comment 3 Wouter Wijngaards 2016-01-26 09:05:27 CET
Hi Simon,

Yes of course, thank you for the patch.  I have committed it.

Best regards, Wouter
Comment 4 Simon Deziel 2016-01-26 15:11:37 CET
Thank you!