From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: * X-Spam-Status: No, score=1.0 required=5.0 tests=DKIM_ADSP_DISCARD,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI autolearn=no autolearn_force=no version=3.4.4 Received: from tb-ob0.topicbox.com (tb-ob0.topicbox.com [64.147.108.117]) by inbox.vuxu.org (Postfix) with ESMTP id 5DDF02CA59 for ; Wed, 2 Oct 2024 13:52:21 +0200 (CEST) Received: from tb-mx1.topicbox.com (tb-mx1.nyi.icgroup.com [10.90.30.61]) by tb-ob0.topicbox.com (Postfix) with ESMTP id 7978C31383 for ; Wed, 2 Oct 2024 07:52:20 -0400 (EDT) (envelope-from bounce.mM282a14adec97c116c82111a3.r81958daa-7202-11ef-bbf2-18142b2d11b0@illumos.bounce.topicbox.com) Received: by tb-mx1.topicbox.com (Postfix, from userid 1132) id 741BA237A98A; Wed, 2 Oct 2024 07:52:20 -0400 (EDT) ARC-Authentication-Results: i=2; topicbox.com; arc=pass; dkim=pass (1024-bit rsa key sha256) header.d=fiddaman.net header.i=@fiddaman.net header.b=h6UiZZdp header.a=rsa-sha256 header.s=boomer x-bits=1024; dmarc=none policy.published-domain-policy=none policy.applied-disposition=none policy.evaluated-disposition=none (p=none,d=none,d.eval=none) policy.policy-from=p header.from=fiddaman.net; spf=pass smtp.mailfrom="prvs=100553a015=illumos@fiddaman.net" smtp.helo=mail.citrus-it.net; x-internal-arc=fail (as.1.topicbox.com=pass, ams.1.topicbox.com=fail (message has been altered)) (Message modified while forwarding at Topicbox) ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d= topicbox.com; h=date:from:to:message-id:mime-version :content-type:list-help:list-id:list-post:list-subscribe :reply-to:subject:content-transfer-encoding:list-unsubscribe; s= sysmsg-1; t=1727869940; bh=QJDdLytuJTfYEgP2V/u3MQCvuHbc6aJxeoDgp RRm0HQ=; b=HztfHh1iBwPSmMYF7D8wZ4+sToO5dQPnELNEZpXhDY4rF8fmLVq41 0U+fP3kFikcXpYh/aqlsgDOFsuCWCnqF1xAbcOMZcSkm7lArZ7rsCPNy6kjkaHyK fTkAqC9LFh3irpWTDNeFHD2j7QbFcJ/ZWELmPF5Nh1biMP4b8186hg= ARC-Seal: i=2; a=rsa-sha256; cv=pass; d=topicbox.com; s=sysmsg-1; t= 1727869940; b=i+TEZ9HKuwKc7WMZa9dpSeobhrtVONQ2AdvD8XM0L9zm6NS6k3 bidgN+TdJqpqblKK/faVwKsz6XuB59DzC9lQOBNhFgO/g8SUhmhIM89Hog5lkagY 5iVOSuJioojLpg7xC+DeBMibKcJHiUFGRAM1sdUAes3bdPIZS/nI1qjdk= Authentication-Results: topicbox.com; arc=pass; dkim=pass (1024-bit rsa key sha256) header.d=fiddaman.net header.i=@fiddaman.net header.b=h6UiZZdp header.a=rsa-sha256 header.s=boomer x-bits=1024; dmarc=none policy.published-domain-policy=none policy.applied-disposition=none policy.evaluated-disposition=none (p=none,d=none,d.eval=none) policy.policy-from=p header.from=fiddaman.net; spf=pass smtp.mailfrom="prvs=100553a015=illumos@fiddaman.net" smtp.helo=mail.citrus-it.net; x-internal-arc=fail (as.1.topicbox.com=pass, ams.1.topicbox.com=fail (message has been altered)) (Message modified while forwarding at Topicbox) X-Received-Authentication-Results: citrusmail; dkim=pass header.i=@fiddaman.net X-Received-Authentication-Results: tb-mx0.topicbox.com; arc=none (no signatures found); bimi=skipped (DMARC did not pass); dkim=pass (1024-bit rsa key sha256) header.d=fiddaman.net header.i=@fiddaman.net header.b=h6UiZZdp header.a=rsa-sha256 header.s=boomer x-bits=1024; dmarc=none policy.published-domain-policy=none policy.applied-disposition=none policy.evaluated-disposition=none (p=none,d=none,d.eval=none) policy.policy-from=p header.from=fiddaman.net; iprev=pass smtp.remote-ip=89.248.55.103 (mail.citrus-it.net); spf=pass smtp.mailfrom="prvs=100553a015=illumos@fiddaman.net" smtp.helo=mail.citrus-it.net; x-aligned-from=domain_pass (Domain match); x-me-sender=none; x-ptr=pass smtp.helo=mail.citrus-it.net policy.ptr=mail.citrus-it.net; x-return-mx=pass header.domain=fiddaman.net policy.is_org=yes (MX Records found: mail21.citrus-it.net,mail30.citrus-it.net,mail98.citrus-it.net,mail99.citrus-it.net); x-return-mx=pass smtp.domain=fiddaman.net policy.is_org=yes (MX Records found: mail21.citrus-it.net,mail30.citrus-it.net,mail98.citrus-it.net,mail99.citrus-it.net); x-tls=pass smtp.version=TLSv1.2 smtp.cipher=ECDHE-RSA-AES256-GCM-SHA384 smtp.bits=256/256; x-vs=clean score=0 state=0 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=lists.illumos.org; h= date:from:to:message-id:mime-version:content-type:list-help :list-id:list-post:list-subscribe:reply-to:subject :content-transfer-encoding:list-unsubscribe; s=dkim-1; t= 1727869940; x=1727956340; bh=w+JX+bUFOQEPeM/ME4dVA+m95YrY5wdW3sM N8Fv9lYM=; b=DVORK0qptPJvzAvPrUxs7EV7cp+d5VN0OzGkUHKigc/XE4JmTir CmYcRoVzZXY85Bki+yO9ASU/KpORrrHe+Zn+Vp+VccjHJAZzAoc40t7TJw1qI+DO AGhtBQNwOSdIqGQotn9F5ir/Uooc8zTrrBV/fG+WxBFJfSqBRieYat4k= Received: from tb-mx0.topicbox.com (localhost.local [127.0.0.1]) by tb-mx0.topicbox.com (Postfix) with ESMTP id 4886E27EE7AC for ; Wed, 2 Oct 2024 07:50:14 -0400 (EDT) (envelope-from prvs=100553a015=illumos@fiddaman.net) Received: from tb-mx0.topicbox.com (localhost [127.0.0.1]) by tb-mx0.topicbox.com (Authentication Milter) with ESMTP id 11A2C39EB10; Wed, 2 Oct 2024 07:50:14 -0400 ARC-Seal: i=1; a=rsa-sha256; cv=none; d=topicbox.com; s=arcseal; t= 1727869814; b=f5E5mNAPPoQsrO/6O2XdMqYYeEZPlcMedhZ9jLbI3ovAUnemye +EXWXaRSWMVwrg5WChh2xPB5uCprPxhesUfAgfd7gj87yU06UKa7rHHv+weLN7Wv RqjQt2h3oYhxhhL8YHXrn8yb4sJex1oZvG5hazJe7tGubuQ+m+RKow+b5uUAn7ai 1t5X7iLE1clgxDrMuD3YihTEI43oRyBAK/LeEVjPfKfwoZpBogy1u5IW2C/tib5T KdYZXrlJuXtgH08D5xXrXm2eGzfXNs2oqZ4UgO+gfwjzoKeHZXzuwYoaWsK1D97d sDvkZQK8UsHHn9ZK5/NDsJXfBWcjvD+jdONQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d= topicbox.com; h=date:from:to:subject:message-id:mime-version :content-type; s=arcseal; t=1727869814; bh=5VPv7+eJ1Gy8aKa/gc9u7 BIV2gdslW+i2QPY6e2CgZw=; b=b6Vo7cXqkl76Q8u9U7QjreS/onD4M4Px2W7Cz G4GosrmDQWuqNIWq61vmOlYi5rnl+NNgI1lLKD8HfscsLvi8XH99tx7C1oI7OVAY BLOrol5ynPKHqVmomzF2aNJmJKDkt1KOBiBylNc31kmBIf8u46PcJMpmSaUys0EW VbkmhFxpmY/PsSfAYjbpKvcGqZWxMC5jSH1A4UfOQ+YNCpWIrWi+TgP8SoFVvq1I fjAhJRZz2V39RpBsSN+PReCO9NPxp54pLbGSe6ZQVzc8+NljudHZQ/X+jVRckIl2 4GcJ4N7m4/feN7HbxktAeuIBRC3DpG56Vtt2dAYJHdjod2jFg== ARC-Authentication-Results: i=1; tb-mx0.topicbox.com; arc=none (no signatures found); bimi=skipped (DMARC did not pass); dkim=pass (1024-bit rsa key sha256) header.d=fiddaman.net header.i=@fiddaman.net header.b=h6UiZZdp header.a=rsa-sha256 header.s=boomer x-bits=1024; dmarc=none policy.published-domain-policy=none policy.applied-disposition=none policy.evaluated-disposition=none (p=none,d=none,d.eval=none) policy.policy-from=p header.from=fiddaman.net; iprev=pass smtp.remote-ip=89.248.55.103 (mail.citrus-it.net); spf=pass smtp.mailfrom="prvs=100553a015=illumos@fiddaman.net" smtp.helo=mail.citrus-it.net; x-aligned-from=domain_pass (Domain match); x-me-sender=none; x-ptr=pass smtp.helo=mail.citrus-it.net policy.ptr=mail.citrus-it.net; x-return-mx=pass header.domain=fiddaman.net policy.is_org=yes (MX Records found: mail21.citrus-it.net,mail30.citrus-it.net,mail98.citrus-it.net,mail99.citrus-it.net); x-return-mx=pass smtp.domain=fiddaman.net policy.is_org=yes (MX Records found: mail21.citrus-it.net,mail30.citrus-it.net,mail98.citrus-it.net,mail99.citrus-it.net); x-tls=pass smtp.version=TLSv1.2 smtp.cipher=ECDHE-RSA-AES256-GCM-SHA384 smtp.bits=256/256; x-vs=clean score=0 state=0 X-ME-VSCause: gggruggvucftvghtrhhoucdtuddrgeeftddrvdduledggedvucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggvpdfu rfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucenucfjughrpeffhffvuf fkgggtugesthdtredttddtvdenucfhrhhomheptehnugihucfhihguuggrmhgrnhcuoehi lhhluhhmohhssehfihguuggrmhgrnhdrnhgvtheqnecuggftrfgrthhtvghrnhepteeuff duieehuedugefhgedulefhheeuheehieeiuddukeejjedvfeduvefhkeeunecuffhomhgr ihhnpehilhhluhhmohhsrdhorhhgnecukfhppeekledrvdegkedrheehrddutdefpdekle drvdegkedrheehrdejleenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepihhn vghtpeekledrvdegkedrheehrddutdefpdhhvghlohepmhgrihhlrdgtihhtrhhushdqih htrdhnvghtpdhmrghilhhfrhhomhepoehprhhvshepuddttdehheefrgdtudehpehilhhl uhhmohhssehfihguuggrmhgrnhdrnhgvtheqpdhnsggprhgtphhtthhopedupdhrtghpth htohepoeguvghvvghlohhpvghrsehlihhsthhsrdhilhhluhhmohhsrdhorhhgqe X-ME-VSScore: 0 X-ME-VSCategory: clean Received-SPF: pass (fiddaman.net: 89.248.55.103 is authorized to use 'prvs=100553a015=illumos@fiddaman.net' in 'mfrom' identity (mechanism 'ip4:89.248.55.64/26' matched)) receiver=tb-mx0.topicbox.com; identity=mailfrom; envelope-from="prvs=100553a015=illumos@fiddaman.net"; helo=mail.citrus-it.net; client-ip=89.248.55.103 Received: from mail.citrus-it.net (mail.citrus-it.net [89.248.55.103]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by tb-mx0.topicbox.com (Postfix) with ESMTPS for ; Wed, 2 Oct 2024 07:50:12 -0400 (EDT) (envelope-from prvs=100553a015=illumos@fiddaman.net) Received: from reaper.citrus-it.net (reaper.citrus-it.net [89.248.55.79]) by mail.citrus-it.net with ESMTP id 492BoBL9019023 for ; Wed, 2 Oct 2024 11:50:11 GMT Date: Wed, 2 Oct 2024 11:50:10 +0000 From: Andy Fiddaman To: developer@lists.illumos.org Message-ID: <20241002115010.GA24845@reaper.citrus-it.net> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Disposition: inline X-Citrus-Version: 6.0.3ba253c X-Citrus-ID: 5492BoBL9019023 X-Citrus-Virus-Scanned: Clean X-Citrus-Spam: Whitelisted X-Citrus-Trust: Trusted Topicbox-Policy-Reasoning: allow: sender is a member Topicbox-Message-UUID: 7fcb0c82-80b4-11ef-a541-b07e018c7b06 Archived-At: =?UTF-8?B?PGh0dHBzOi8vaWxsdW1vcy50b3BpY2JveC5jb20vZ3JvdXBz?= =?UTF-8?B?L2RldmVsb3Blci9UYjlkOWNkNGNlN2ZlY2EwNC1NMjgyYTE0YWRlYzk3YzEx?= =?UTF-8?B?NmM4MjExMWEzPg==?= List-Help: List-Id: "illumos-developer" List-Post: List-Software: Topicbox v0 List-Subscribe: Precedence: list Reply-To: illumos-developer Subject: [developer] Review - 16806 Some services unexpectedly start in /root Content-Transfer-Encoding: quoted-printable List-Unsubscribe: , Topicbox-Delivery-ID: 2:illumos:a901537c-2aea-11e7-965f-d98f9f16e227:81958daa-7202-11ef-bbf2-18142b2d11b0:M282a14adec97c116c82111a3:1:kdPMqqfOeS7ccOx2n4baHLezrNU-UTzVSe7VB9qhk8w I've been looking into why some daemons are running with the working direct= ory set to /root, for example: bloody% fuser /root /root: 516c 467c 364c 322c 320c bloody% ps -p 516,467,364,322,320 PID TTY TIME CMD 320 ? 0:00 pfexecd 322 ? 0:00 zonestat 364 console 0:00 ttymon 467 ? 0:00 rpcbind 516 ? 0:50 zrepl but not all: bloody% pfexec pwdx `pgrep utmpd` 359: / This turns out to be due to something that I couldn't find documented in the manual. By default, SMF will start a service using the old `init` defaults of UID/GID 0 and in /. However, if the SMF method has a non-empty , then it will start it with the smf_method(7) defaults of UID/GID 0, in UID 0's home directory (typically /root), having explicitly set the privilege limit set to `zone`, etc. Obviously if the overrides any of these then those values are used instead. I think this is a bit of a gotcha. `zrepl', for example, uses a to enable ASLR and falls foul of this as you can see in the process list above. I went back and forth on a way to improve the situation here and reduce the surprise factor and have so far settled on the following: - As now, if there's no use the old init defaults; - if there is a but it does not specify uid, gid or working directory, use the smf_method(7) defaults but explicitly reset the start directory to /; - update the smf_method(7) man page. This assumes that anyone who adds a kno= ws what they're doing and expects to start in the specified user's home direct= ory. For several services in gate, this meant that I have had to go through and add an explicit working_directory attribute to the to get it to start in /. There are a number of services, like svc:/system/hal which define a that could probably just be removed: I have elected NOT to do that in this change because the resulting start context would be subtly different without that element there. hald, like many daemons does a chdir("/") early, but it would still be better for SMF to start it in / -- one of drivers for this change is to more easily allow /root to be a separate ZFS dataset. With all that said, here's the change so far. Please can you take a look? 16806 Some services unexpectedly start in /root https://www.illumos.org/issues/16806 https://code.illumos.org/c/illumos-gate/+/3720 Thanks, Andy ------------------------------------------ illumos: illumos-developer Permalink: https://illumos.topicbox.com/groups/developer/Tb9d9cd4ce7feca04-= M282a14adec97c116c82111a3 Delivery options: https://illumos.topicbox.com/groups/developer/subscription