Ubuntu
boinc package

Change /etc/boinc-client/gui_rpc_auth.cfg to 0644

Bug #1248715 reported by Githlar on 2013-11-06

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	boinc (Debian)	Fix Released	Unknown	debbugs #407678
	boinc (Ubuntu)	Invalid	Undecided	Unassigned

Bug Description

Upon installation, the config files /etc/boinc-client/gui_rpc_auth.cfg is mode 0640. This file contains a randomly generated password by boincmgr on first start. Since boincmgr is unlikely to be run as root, this means that it cannot store the password in the file. Changing the permissions to 0666 doesn't really seem feasible, so boincmgr will have to be run once as root or the install scripts need to write a random password into the file. However, once written all users running boincmgr need to be able to read the file and this isn't possible the way it installs. This leads to boincmgr loading in an "empty" state and it's a backflip to get it to connect to the running client. In order to do so you have to tell boincmcgr to connect to 127.0.0.1 (localhost doesn't work). It should "just work."

Updating the permissions of the files in /etc/boinc-client fixes this issue.

ProblemType: Bug
DistroRelease: Ubuntu 13.10
Package: boinc-manager 7.2.7+dfsg-1
ProcVersionSignature: Ubuntu 3.11.0-12.19-generic 3.11.3
Uname: Linux 3.11.0-12-generic x86_64
NonfreeKernelModules: nvidia
ApportVersion: 2.12.5-0ubuntu2.1
Architecture: amd64
Date: Wed Nov 6 14:43:13 2013
EcryptfsInUse: Yes
ExecutablePath: /usr/bin/boincmgr
InstallationDate: Installed on 2013-10-19 (18 days ago)
InstallationMedia: Ubuntu 13.10 "Saucy Salamander" - Release amd64 (20131016.1)
MarkForUpload: True
ProcEnviron:
TERM=xterm
SHELL=/bin/bash
PATH=(custom, user)
LANG=en_US.UTF-8
XDG_RUNTIME_DIR=<set>
SourcePackage: boinc
UpgradeStatus: No upgrade log present (probably fresh install)

See original description

Tags:

Revision history for this message

Githlar (githlar-deactivatedaccount) wrote on 2013-11-06:

Dependencies.txt Edit (6.2 KiB, text/plain; charset="utf-8")
ProcMaps.txt Edit (45.8 KiB, text/plain; charset="utf-8")
ProcStatus.txt Edit (826 bytes, text/plain; charset="utf-8")

Changed in boinc (Ubuntu):
status:	New → Invalid

Githlar (githlar-deactivatedaccount) on 2013-11-06

Changed in boinc (Ubuntu):
status:	Invalid → New
description:	updated

Githlar (githlar-deactivatedaccount) on 2013-11-06

summary:

- Config files in /etc/boinc-client are not owned by boinc user
+ Change /etc/boinc-client/gui_rpc_auth.cfg to 0644

Revision history for this message

Gianfranco Costamagna (costamagnagianfranco) wrote on 2013-11-06:

Sorry but this has been changed for fixing debian bug http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=407678

Can you please follow up on the debian bug?

Would be nice to fix this bug, but I don't want to fix it by reopening the old debian one

Revision history for this message

MestreLion (mestrelion) wrote on 2013-11-07:

"randomly generated password by boincmgr on first start" ?

IIRC, this is windows-only behavior. In Debian/Ubuntu, the default password is blank, /etc/boinc-client/gui_rpc_auth.cfg is created by package install, and boincmgr never tries to write it, only read it, as this file is supposed to be changed by the local administrator only.

Has this behavior changed since 7.0.28?

Revision history for this message

Ken Sharp (kennybobs) wrote on 2013-11-22:

The Debian bug reports this fixed six years ago?

-rw-r----- 1 root boinc 8 Feb 7 2013 /etc/boinc-client/gui_rpc_auth.cfg

Bug #347651 is logged for the manager looking in the wrong place (and hence it shouldn't need to connect to 127.0.0.1).

Is THIS bug fixed?

Bug Watch Updater (bug-watch-updater) on 2013-11-23

Changed in boinc (Debian):
status:	Unknown → Fix Released

Revision history for this message

Githlar (githlar-deactivatedaccount) wrote on 2013-11-23:

You may be correct about the blank default password, however I was under the impression that the reason the file was blank was because a user running boincmgr wouldn't be able to write gui_rpc_auth.cfg as it's set to root perms.

No, this bug is not fixed. With the default permissions of /etc/boinc-client/gui_rpc_auth.cfg (0640) the manager starts up and simply doesn't connect to the running boinc-client. Closing boincmgr, stopping boinc-client, changing the permissions of /etc/boinc-client/gui_rpc_auth.cfg to 0644 and restarting the client and manager makes it work.

In my tests I cleared the value I had stored in gui_rpc_auth.xml as it was in the default installation and the case still holds.

Revision history for this message

Githlar (githlar-deactivatedaccount) wrote on 2013-11-23:

Not related to Debian #407678. That bug refers to ownership and not octal permissions.

Revision history for this message

Githlar (githlar-deactivatedaccount) wrote on 2013-11-23:

Sorry to hammer this so many times so quickly. The fact of the matter is that boincmgr running as an arbitrary user needs to be able to read that gui_rpc_auth.xml, otherwise it won't/can't connect. It's very possible that things could have changed since that bug report 6 years go so that the client can't connect if it can't read the file. That does, indeed, seem to be the case. I attempted to read the boinc source so I could build a custom version that defaults --datadir to /usr/lib/boinc-client, but wasn't even able to figure that one out. So, I don't necessarily know that I'd even be able to find this aspect in the code to be able to determine if that is, in fact, the case.

Revision history for this message

MestreLion (mestrelion) wrote on 2013-11-24:

In my previous comment, I was refering to boinc *client*, not manager. Sorry about the confusion

The manager does not, and should not, read /etc/boinc-client/gui_rpc_auth.cfg at all.

For local connections, boinc-client does not require password, so boincmgr connects fine. And for remote connections, the user must manually provide the password (via GUI or --passwd), and that's the whole point of a password authentication.

The *client* is the only one that needs to read /etc/boinc-client/gui_rpc_auth.cfg , and only when authenticating remote connections. As per http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=407678 , perms root:boinc 640 are correct IMHO. Password files should not be world-readable.

Maybe the problem you're experiencing has another cause: somehow your client may think the local connection from manager is a remote one instead of local. This can happen if boincmgr is started via terminal outside the /var/lib/boinc-client dir and without --datadir arguments (that's what bug #347651 is about). Notice the expected datadir is inside /var, not /usr as you mentioned

Gianfranco Costamagna (costamagnagianfranco) on 2017-08-22