network manager runs dnsmasq as user nobody

Bug #1105493 reported by Steve Beattie
This bug affects 7 people
Affects: network-manager (Ubuntu)
Status: Confirmed
Importance: Undecided
Assigned to: Unassigned

Bug Description

Network Manager starts dnsmasq to provide better performing DNS service to the end user; however, it starts dnsmasq as user nobody:

  $ ps auwwx | grep [d]nsmasq
  nobody 993 0.0 0.1 33072 1120 ? S 12:06 0:00 /usr/sbin/dnsmasq --no-resolv --keep-in-foreground --no-hosts --bind-interfaces --pid-file=/var/run/sendsigs.omit.d/network-manager.dnsmasq.pid --listen-address=127.0.1.1 --conf-file=/var/run/nm-dns-dnsmasq.conf --cache-size=0 --proxy-dnssec --enable-dbus=org.freedesktop.NetworkManager.dnsmasq --conf-dir=/etc/NetworkManager/dnsmasq.d

Generally it's bad form from a security perspective to run daemons as user nobody because a vulnerability in one daemon will possibly allow it, when compromised, to interfere with another daemon that is also running as nobody. The preferred solution is to run it under a service-specific system user.

ProblemType: Bug
DistroRelease: Ubuntu 12.10
Package: network-manager 0.9.6.0-0ubuntu7
ProcVersionSignature: Ubuntu 3.5.0-22.34-generic 3.5.7.2
Uname: Linux 3.5.0-22-generic x86_64
ApportVersion: 2.6.1-0ubuntu10
Architecture: amd64
CRDA: Error: command ['iw', 'reg', 'get'] failed with exit code 1: nl80211 not found.
Date: Fri Jan 25 14:17:36 2013
IfupdownConfig:
 # interfaces(5) file used by ifup(8) and ifdown(8)
 auto lo
 iface lo inet loopback
InstallationDate: Installed on 2013-01-25 (0 days ago)
InstallationMedia: Ubuntu 12.10 "Quantal Quetzal" - Release amd64 (20121017.5)
IpRoute:
 default via 10.0.2.2 dev eth0 proto static
 10.0.2.0/24 dev eth0 proto kernel scope link src 10.0.2.15 metric 1
 169.254.0.0/16 dev eth0 scope link metric 1000
IwConfig:
 eth0 no wireless extensions.

 lo no wireless extensions.
MarkForUpload: True
NetworkManager.state:
 [main]
 NetworkingEnabled=true
 WirelessEnabled=true
 WWANEnabled=true
 WimaxEnabled=true
ProcEnviron:
 TERM=xterm
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_US.UTF-8
 SHELL=/bin/bash
RfKill:

SourcePackage: network-manager
UpgradeStatus: No upgrade log present (probably fresh install)
nmcli-con:
 NAME UUID TYPE TIMESTAMP TIMESTAMP-REAL AUTOCONNECT READONLY DBUS-PATH
 Wired connection 1 6065df63-d4a5-4426-bf03-4b938adcdf28 802-3-ethernet 1359152173 Fri 25 Jan 2013 02:16:13 PM PST yes no /org/freedesktop/NetworkManager/Settings/0
nmcli-dev:
 DEVICE TYPE STATE DBUS-PATH
 eth0 802-3-ethernet connected /org/freedesktop/NetworkManager/Devices/0
nmcli-nm:
 RUNNING VERSION STATE NET-ENABLED WIFI-HARDWARE WIFI WWAN-HARDWARE WWAN
 running 0.9.6.0 connected enabled enabled enabled enabled disabled

Steve Beattie (sbeattie) wrote :
tags: added: rls-r-incoming
Changed in network-manager (Ubuntu):
status: New → Confirmed
Jared Taylor (swiftness-jared) wrote :

Just like to add I see this problem too. My dnsmasq service starts as nobody maybe 20% of the time from a cold boot. And DNS forwarding is broken at this time. Killing the process and restarting the service usually results in the dnsmasq service starting as "dnsmasq" like it should. But alas still no DNS forwarding and the only way to get it working again is to reboot.

Not working:

  nobody 1481 1055 0 7205 1240 0 17:23 ? 00:00:00 /usr/sbin/dnsmasq --no-resolv --keep-in-foreground --no-hosts --bind-interfaces --pid-file=/var/run/sendsigs.omit.d/network-manager.dnsmasq.pid --listen-address=127.0.0.1 --conf-file=/var/run/nm-dns-dnsmasq.conf --cache-size=0 --proxy-dnssec

Working:

  dnsmasq 1201 1 0 7205 992 0 17:58 ? 00:00:00 /usr/sbin/dnsmasq -x /var/run/dnsmasq/dnsmasq.pid -u dnsmasq -r /var/run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new

Xubuntu Server 12.04.2 w/ XFCE
kernel: 3.2.0-45-generic

tags: added: armhf r106
Seth Arnold (seth-arnold) wrote :

This issue is still unfixed on Ubuntu touch image r106.

Marius Nuennerich (mwrius) wrote :

I still see this in 16.04 Alpha.

Dr. Jochen Blödorn (jochen-bloedorn) wrote :

Still unfixed in 16.04 LTS.

nivlac (carndt) wrote :

DNSMASQ runs as user nobody per design of dnsmasq devs.
From the manpage:

-u, --user=<username>
    Specify the userid to which dnsmasq will change after startup. Dnsmasq must normally be started as root, but it will drop root privileges after startup by changing id to another user. Normally this user is "nobody" but that can be over-ridden with this switch.

Seth Arnold (seth-arnold) wrote :

nivlac, 'nobody' is a poor choice: the intended use of user 'nobody' (and group 'nogroup') is for NFS.

If daemons start using 'nobody' (or 'nogroup') then they can interfere with the proper operation of NFS or other daemons that also use 'nobody' (or 'nogroup').

Thanks
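
An added example, not part of the original report or of NetworkManager or dnsmasq: a shell audit that lists which executables share one account and which account each dnsmasq instance runs as. The `ps` lines are constructed (the dnsmasq command lines are shortened from those quoted in this report) and `exampled` is a hypothetical second daemon.

```shell
#!/bin/sh
# Every function reads lines of "USER PID ARGS..." on stdin, the format of:
#   ps -e -o user= -o pid= -o args=

# Constructed sample: dnsmasq lines shortened from the ones quoted in this
# report; "exampled" is a hypothetical daemon that also runs as nobody.
sample_ps() {
    cat <<'EOF'
root 1 /sbin/init
nobody 993 /usr/sbin/dnsmasq --no-resolv --keep-in-foreground --listen-address=127.0.1.1
dnsmasq 1201 /usr/sbin/dnsmasq -x /var/run/dnsmasq/dnsmasq.pid -u dnsmasq
nobody 1500 /usr/sbin/exampled --foreground
EOF
}

# "PID EXE" for each process running as account $1 (default: nobody).
procs_as_user() {
    awk -v u="${1:-nobody}" '$1 == u { print $2, $3 }'
}

# Distinct executables that share account $1, one per line, sorted.
shared_exes() {
    procs_as_user "$1" | awk '{ print $2 }' | sort -u
}

# "PID USER" for each dnsmasq instance, so a copy that fell back to the
# default account stands out next to one started with "-u dnsmasq".
dnsmasq_users() {
    awk '$3 ~ /(^|\/)dnsmasq$/ { print $2, $1 }'
}

# Exit 0 when at most one executable uses account $1, 1 when it is shared.
account_is_exclusive() {
    n=$(shared_exes "$1" | awk 'END { print NR }')
    [ "$n" -le 1 ]
}

# Demo on the constructed sample.
sample_ps | dnsmasq_users
if sample_ps | account_is_exclusive nobody; then
    echo "nobody: used by a single executable"
else
    echo "nobody is shared by:"; sample_ps | shared_exes nobody
fi
```

On a live system, replace `sample_ps` with the `ps` command from the header comment.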

This report contains Public Security information  
Everyone can see this security related information.
