LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (https://www.linuxquestions.org/questions/slackware-14/)
-   -   ZFS on Linux - Slackware 14.1 and setuid problems (https://www.linuxquestions.org/questions/slackware-14/zfs-on-linux-slackware-14-1-and-setuid-problems-4175484746/)

re_nelson 11-15-2013 11:37 PM
ZFS on Linux - Slackware 14.1 and setuid problems
 
This is probably a niche topic but perhaps someone has run into this strangeness. On real (not virtualized) hardware, I have two identical instances of Slackware64-current at my disposal.

The primary system is good old ext4 and my playpen system is ZFS-0.6.2. I don't spend much time in the latter experimental system but tonight I encountered something odd. As a regular user, I executed this command:

sudo ls /root

Here's the result:
Code:
sudo: unable to stat /etc/sudoers: Permission denied
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin
And running strace, more detail emerges:

Code:
sudo: effective uid is not 0, is /usr/bin/sudo on a file system with the 'nosuid' option set or an NFS file system without root privileges?
Yet these things show no indication of suid being disabled:

Code:
zducky/slack on / type zfs (rw,relatime,xattr)
zducky/slack setuid  on  default
I think a handful of forum participants are using ZFS on Linux and any troubleshooting tips would be appreciated.

AlucardZero 11-16-2013 07:26 PM
What are the permissions on /etc/sudoers? Should be 440.
What are the permissions on `which sudo`? Should be 4755.

re_nelson 11-16-2013 07:36 PM
Quote:
Originally Posted by AlucardZero (Post 5065906)
What are the permissions on /etc/sudoers? Should be 440.
What are the permissions on `which sudo`? Should be 4755.
Code:
-r--r----- 1 root root  3012 Nov  9 13:50 /etc/sudoers
-rwsr-xr-x 1 root root 134128 Nov  8 12:11 /usr/bin/sudo
The playpen experimental system using ZFS is a replica (via rsync -xHDa) of the main system, so all perms and ownership are preserved. Another oddity, perhaps related, is that using ncsd on the ZFS-based system returns nothing for all of the service definitions it maintains. On those occasions when I boot into the ZFS Slackware system, I just disable that glibc-provided name service caching daemon.


All times are GMT -5. The time now is 12:25 PM.