Re: [hylafax-users] login error 550 cannot set privileges

[Aidan Van Dyk <aidan@xxxxxxxx>]

* Giuseppe Sacco <giuseppe@xxxxxxxxxxxxxxxxxxxxxxxxx> [080216 04:40]:
> Ciao Gianluca,
> 
> On Fri, 15 Feb 2008 18:20:43 +0100 GianLuca Sarto <glsarto@xxxxxxxxxx> wrote:
> > Aidan Van Dyk wrote:
> > > * GianLuca Sarto <glsarto@xxxxxxxxxx> [080215 04:24]:
> [...]
> > > Now, we are running as "uucp (uid 10), so we need to go back to root
> > > temporarily to chroot and lock ourself up:
> > >   
> > >> 10:12:14.341270 geteuid()               = 10 <0.000008>
> > >> 10:12:14.341320 setresuid(-1, 0, -1)    = 0 <0.000012>
> > >
> > > So going back to euid of root worked, but:
> > >   
> > >> 10:12:14.341377 chroot(".")             = -1 EPERM (Operation not permitted) <0.000013>
> > >
> > > chroot failed, as well as trying to back to uucp again:
> [...]
> 
> could you please display how your /var/spool/hylafax filesystem is mounted?

The interesting thin is that if it does a "hylafax restart", it all
starts working again.

So, I'm not familar with "Capability LSM" that Ubuntu seems to be using,
but I had pick something from nowhere, I would guess that when it's
started via the normal system stuff, it's got some "capability" limit on
it, but when "started" from an "unrestricted" root ssh/shell session,
that limit isn't enforced...


-- 
Aidan Van Dyk                                             aidan@xxxxxxxx
Senior Software Developer                          +1 215 825-8700 x8103
iFAX Solutions, Inc.                                http://www.ifax.com/

Attachment: signature.asc
Description: Digital signature