dhcpd tells it is running as user/group dhcpd/dhcpd, but can't open files

Bug #697588 reported by Thomas Schweikle
This bug affects 1 person
Affects: dhcp3 (Ubuntu)
Status: New
Importance: Undecided
Assigned to: Unassigned
Milestone:

Bug Description

dhcpd tells it is running as user:dhcpd, group:dhcpd, but it can't open files for reading owned by group dhcpd:

/etc/named:
-rw-r----- 1 bind bind 77 2011-01-04 10:49 rndc.key

In /etc/groups:
bind:x:108:dhcpd

Thus dhcpd is part of group bind and allowed to read the file.
For sure apparmor doesn't disallow reading --- in /etc/apparmor.d/usr.sbin/dhcpd3:
/etc/named/rndc.key r,

Now starting dhcpd3:
dhcpd: Can't open /etc/named/rndc.key: Permission denied

As soon as I allow all others to read rndc.key (isn't a good idea) dhcpd can read the file. Looks a lot like bind not running under group dhcpd at this point in time. But what is it running under then???
It is at least bad behavior not telling it!

ProblemType: Bug
DistroRelease: Ubuntu 10.10
Package: dhcp3-server 3.1.3-2ubuntu6
ProcVersionSignature: Ubuntu 2.6.35-24.42-generic-pae 2.6.35.8
Uname: Linux 2.6.35-24-generic-pae i686
Architecture: i386
Date: Wed Jan 5 11:17:24 2011
InstallationMedia: Ubuntu-Server 10.10 "Maverick Meerkat" - Release i386 (20101007)
ProcEnviron:
 LANG=de_DE.UTF-8
 SHELL=/bin/bash
SourcePackage: dhcp3
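
An added diagnostic sketch, not part of the original report or of dhcp3: the kernel's view of what a process "is running under" is in /proc/<pid>/status, and an /etc/group entry only counts if the process actually carries that gid in its Groups line. The sample status texts and the uid/gid numbers other than bind's gid 108 are constructed; only the classic owner/group/other check is modelled, not AppArmor or ACLs.

```python
def parse_creds(status_text):
    """Return (fsuid, fsgid, supplementary_groups) from /proc/<pid>/status text."""
    fields = dict(
        line.split(":", 1) for line in status_text.splitlines() if ":" in line
    )
    # Uid/Gid lines hold: real, effective, saved, filesystem.
    # File permission checks use the filesystem ids (4th value).
    fsuid = int(fields["Uid"].split()[3])
    fsgid = int(fields["Gid"].split()[3])
    groups = {int(g) for g in fields.get("Groups", "").split()}
    return fsuid, fsgid, groups


def creds_of_pid(pid):
    """Read the credentials of a live process (Linux only)."""
    with open(f"/proc/{pid}/status") as fh:
        return parse_creds(fh.read())


def may_read(creds, owner_uid, owner_gid, mode):
    """Unix DAC read check: only the first matching class is consulted."""
    fsuid, fsgid, groups = creds
    if fsuid == 0:
        return True  # assumption: uid 0 still holds CAP_DAC_OVERRIDE
    if fsuid == owner_uid:
        return bool(mode & 0o400)
    if fsgid == owner_gid or owner_gid in groups:
        return bool(mode & 0o040)
    return bool(mode & 0o004)


# Constructed samples: uid 105 / gid 110 stand in for dhcpd:dhcpd.
STATUS_PRIMARY_ONLY = (
    "Name:\tdhcpd3\nUid:\t105\t105\t105\t105\n"
    "Gid:\t110\t110\t110\t110\nGroups:\t110\n"
)
STATUS_WITH_BIND = (
    "Name:\tdhcpd3\nUid:\t105\t105\t105\t105\n"
    "Gid:\t110\t110\t110\t110\nGroups:\t108 110\n"
)

# rndc.key as listed in the report: -rw-r----- bind bind.
# gid 108 is from the report; owner uid 104 is constructed.
KEY_OWNER_UID, KEY_OWNER_GID, KEY_MODE = 104, 108, 0o640

if __name__ == "__main__":
    for name, text in (("primary group only", STATUS_PRIMARY_ONLY),
                       ("with gid 108", STATUS_WITH_BIND)):
        ok = may_read(parse_creds(text), KEY_OWNER_UID, KEY_OWNER_GID, KEY_MODE)
        print(f"{name}: read {'allowed' if ok else 'denied'}")
```

On a live system, `creds_of_pid()` with the daemon's pid shows whether gid 108 is present in its Groups line.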

Marc Deslauriers (mdeslaur) wrote :

Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find.

security vulnerability: yes → no
visibility: private → public