Re: [syslog-ng]syslog-ng problem description(again)


From: Balazs Scheidler <bazsi@balabit.hu>
Subject: Re: [syslog-ng]syslog-ng problem description(again)
Date: Fri, 13 Apr 2001 10:05:45 +0200

Next Article (by Subject): Re: [syslog-ng]syslog-ng problem description(again) Bencsath Boldizsar
Previous Article (by Subject): Re: [crispin@WIREX.COM: Linux Security Module Interface] Amon Ott
Next in Thread: Re: [syslog-ng]syslog-ng problem description(again) Bencsath Boldizsar
Articles sorted by: [Date] [Author] [Subject]


> [pid 14144] bind(4, {sin_family=AF_UNIX,
> path="                                                                                                    /dev/log"},
> 110) = -1 EPERM (Operation not permitted)
> 
> (Apr 12 19:02:24 db rsbac_adf_request_rc(): rsbac_get_attr() returned
> error -1017!
> Apr 12 19:02:24 db rsbac_adf_request(): request READ_WRITE_OPEN,
> caller_pid 15361, caller_prog_name syslog-ng, caller_uid 0, target-type
> IPC, tid ???-ID 134521299, attr sockaddr, value 3437575888, result
> NOT_GRANTED by RC)
> 
> Two problems: why has the bind command 110 bytes path attribute, why not
> only "/dev/log".

Thanks for the report. I now applied a fix for the CVS which calculates the
runtime length of the required sockaddr_un structure instead of simply
passing sizeof(struct sockaddr_un), for those interested here's the patch.
It should be applied to the libol source tree.


Index: io.c
===================================================================
RCS file: /var/cvs/libol/src/io.c,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
@@ -927,7 +929,7 @@
 		}
 		unlink(un.sun_path);
 		errno = 0;
-		if (bind(fd, (struct sockaddr *) &un, sizeof(struct sockaddr_un)) == -1) {
+		if (bind(fd, (struct sockaddr *) &un, sizeof(un) - sizeof(un.sun_path) + strlen(un.sun_path) + 1) == -1) {
 			werror("io.c: bind_unix_socket(): bind failed %z (%z)\n", 
 			       un.sun_path, strerror(errno));
 			return 0;


-- 
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
-
To unsubscribe from the rsbac list, send a mail to
majordomo@rsbac.org with
unsubscribe rsbac
as single line in the body.

Next Article (by Subject): Re: [syslog-ng]syslog-ng problem description(again) Bencsath Boldizsar
Previous Article (by Subject): Re: [crispin@WIREX.COM: Linux Security Module Interface] Amon Ott
Next in Thread: Re: [syslog-ng]syslog-ng problem description(again) Bencsath Boldizsar
Articles sorted by: [Date] [Author] [Subject]


Go to Compuniverse LWGate Home Page.