at/batch broken

Thomas E. Spanjaard tgen at netphreax.net
Sun Jan 7 01:26:22 PST 2007


YONETANI Tomokazu wrote:
The problem: at or batch command fails to accept a new schedule
because it fails to create a lock file /var/at/jobs/.lockfile.
The bug exists in 1.4/1.6 releases too.
I remember having to touch the .lockfile and .SEQ before being able to 
use at(1) as well, on at least as early as 1.3.

The root cause is, as I posted in that thread, second call to setreuid()
fails if you don't close a file descriptor you opened right after the
first call to setreuid(real_uid, effective_uid) with the same argument
fails, whether you close the descriptor or not.  I'm attaching the sample
code again.  It fails on DragonFly, but succeeds on FreeBSD.  I looked
around in the kernel code but I couldn't find any description that it's
a security feature specific to DragonFly.
No idea, but I also haven't looked at any code...

Cheers,
--
        Thomas E. Spanjaard
        tgen at netphreax.net
Attachment:
signature.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pgp00005.pgp
Type: application/octet-stream
Size: 186 bytes
Desc: "Description: OpenPGP digital signature"
URL: <http://lists.dragonflybsd.org/pipermail/bugs/attachments/20070107/a283527a/attachment-0018.obj>


More information about the Bugs mailing list