network manager runs dnsmasq as user nobody
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
network-manager (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
Network Manager starts dnsmasq to provide better performing DNS service to the end user; however, it starts dnsmasq as user nobody:
$ ps auwwx | grep [d]nsmasq
nobody 993 0.0 0.1 33072 1120 ? S 12:06 0:00 /usr/sbin/dnsmasq --no-resolv --keep-
Generally it's bad form from a security perspective to run daemons as user nobody because a vulnerability in one daemon will possibly allow it, when compromised, to interfere with another daemon that is also running as nobody. The preferred solution is to run it under a service-specific system user.
ProblemType: Bug
DistroRelease: Ubuntu 12.10
Package: network-manager 0.9.6.0-0ubuntu7
ProcVersionSign
Uname: Linux 3.5.0-22-generic x86_64
ApportVersion: 2.6.1-0ubuntu10
Architecture: amd64
CRDA: Error: command ['iw', 'reg', 'get'] failed with exit code 1: nl80211 not found.
Date: Fri Jan 25 14:17:36 2013
IfupdownConfig:
# interfaces(5) file used by ifup(8) and ifdown(8)
auto lo
iface lo inet loopback
InstallationDate: Installed on 2013-01-25 (0 days ago)
InstallationMedia: Ubuntu 12.10 "Quantal Quetzal" - Release amd64 (20121017.5)
IpRoute:
default via 10.0.2.2 dev eth0 proto static
10.0.2.0/24 dev eth0 proto kernel scope link src 10.0.2.15 metric 1
169.254.0.0/16 dev eth0 scope link metric 1000
IwConfig:
eth0 no wireless extensions.
lo no wireless extensions.
MarkForUpload: True
NetworkManager.
[main]
NetworkingEnab
WirelessEnable
WWANEnabled=true
WimaxEnabled=true
ProcEnviron:
TERM=xterm
PATH=(custom, no user)
XDG_RUNTIME_
LANG=en_US.UTF-8
SHELL=/bin/bash
RfKill:
SourcePackage: network-manager
UpgradeStatus: No upgrade log present (probably fresh install)
nmcli-con:
NAME UUID TYPE TIMESTAMP TIMESTAMP-REAL AUTOCONNECT READONLY DBUS-PATH
Wired connection 1 6065df63-
nmcli-dev:
DEVICE TYPE STATE DBUS-PATH
eth0 802-3-ethernet connected /org/freedeskto
nmcli-nm:
RUNNING VERSION STATE NET-ENABLED WIFI-HARDWARE WIFI WWAN-HARDWARE WWAN
running 0.9.6.0 connected enabled enabled enabled enabled disabled
tags: | added: rls-r-incoming |
Changed in network-manager (Ubuntu): | |
status: | New → Confirmed |
tags: | added: armhf r106 |
Just like to add I see this problem too. My dnsmasq service starts as nobody maybe %20 of the time from a cold boot. And dns forwarding is broken at this time. Killing the process and restarting the service usually results in the dnsmasq service starting as "dnsmasq" like it should. But alas still no DNS forwarding and the only to get it working again is to reboot.
Not working in-foreground --no-hosts --bind-interfaces --pid-file= /var/run/ sendsigs. omit.d/ network- manager. dnsmasq. pid --listen- address= 127.0.0. 1 --conf- file=/var/ run/nm- dns-dnsmasq. conf --cache-size=0 --proxy-dnssec
nobody 1481 1055 0 7205 1240 0 17:23 ? 00:00:00 /usr/sbin/dnsmasq --no-resolv --keep-
Working dnsmasq/ dnsmasq. pid -u dnsmasq -r /var/run/ dnsmasq/ resolv. conf -7 /etc/dnsmasq. d,.dpkg- dist,.dpkg- old,.dpkg- new
dnsmasq 1201 1 0 7205 992 0 17:58 ? 00:00:00 /usr/sbin/dnsmasq -x /var/run/
Xubuntu Server 12.04.2 w/ XFCE
kernel: 3.2.0-45-generic