LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (https://www.linuxquestions.org/questions/slackware-14/)
-   -   VirtualBox 6 SlackBuild (x86_64 current) QT Fatal - setuid (https://www.linuxquestions.org/questions/slackware-14/virtualbox-6-slackbuild-x86_64-current-qt-fatal-setuid-4175646221/)

ricky_cardo 01-14-2019 07:45 PM

VirtualBox 6 SlackBuild (x86_64 current) QT Fatal - setuid
 
I managed to modify ponce's slackbuild to build VirtualBox 6 on current(kernel 4.19.15).

First I modified "vboxdrv.sh-setup.diff" just to take into account the slightly different vboxdrv.sh in VirtualBox 6.

Next I added these patches (from arch I believe)(think they may be overkill)
https://github.com/archlinuxcn/repo/...virtualbox-svn
Tweaked the slackbuild slightly to read them from a folder and ran the build.

Here is a complete Slackbuild version minus the sources to download from Oracle.
http://lehcar.no-ip.org:8080/~rich/virtualbox.tar.gz
(sources needed: SDKRef.pdf UserManual.pdf VBoxGuestAdditions_6.0.0.iso VirtualBox-6.0.0.tar.bz2)

Then I use virtualbox-kernel-mksrctarball.sh in the virtualbox-kernel build from ponce, modify version to 6.0.0 and build.
Note: "I did add vboxusers group and my user to the group"

The issue I have is if I use the HARDENING=yes
when I run virtualbox as normal (non-root) user I get:
Code:

Qt FATAL: FATAL: The application binary appears to be running setuid, this is a security hole.
Aborted

((HARDENING=no)) build works fine, no complaints as non-root.

I tried a couple commands suggested like:
Code:

cd /usr/lib64/virtualbox/VBox; chmod 4755 {VBox{Headless,Net{AdpCtl,DHCP,NAT},SDL,VolInfo},VirtualBoxVM}
(It set -s (setuid) on a few more files, but no help)

I also found one suggestion to add this: (but I did not know which file to add this to...)
Code:

QCoreApplication::setSetuidAllowed(true);
QCoreApplication app(argc, argv);


-- Of Note if I use the binary from Oracle it does work, guessing they compile with a static Qt5.
(https://download.virtualbox.org/virt...inux_amd64.run)

Anybody have any fix suggestion, or suggest the file to patch to add the QCoreApplication commands?
Would really like to use the HARDEDED version and prefer the SlackBuild to binary.
--Not critical as the binary really works ok, just more of a learning thing.

ehartman 01-15-2019 01:58 AM

Quote:

Originally Posted by ricky_cardo (Post 5949144)
I tried a couple commands suggested like:
Code:

cd /usr/lib64/virtualbox/VBox; chmod 4755 {VBox{Headless,Net{AdpCtl,DHCP,NAT},SDL,VolInfo},VirtualBoxVM}
(It set -s (sticky) on a few more files, but no help)

Just a remark: 4755 is not "sticky" but "setuid", so you're creating some more files with the setuid bit set: -rxsr-xr-x.
The sticky bit is the t bit, with numeric value 1xxx and shown as a t as the LAST char of the mode.
Symbolic (in chmod) you set setuid with u+s, setgid (group) with g+s and sticky with +t - as there's only one t-bit you do not need a prefix (and you can remove them again with the same letters but a - inbetween, so u-s etc).

ricky_cardo 01-15-2019 05:35 AM

Quote:

Originally Posted by ehartman (Post 5949235)
Just a remark: 4755 is not "sticky" but "setuid", so you're creating some more files with the setuid bit set: -rxsr-xr-x.
The sticky bit is the t bit, with numeric value 1xxx and shown as a t as the LAST char of the mode.
Symbolic (in chmod) you set setuid with u+s, setgid (group) with g+s and sticky with +t - as there's only one t-bit you do not need a prefix (and you can remove them again with the same letters but a - inbetween, so u-s etc).

Thanks that's a good correction I had the setuid / setgid concept reversed with sticky bit.

Geremia 01-16-2019 11:47 AM

I get:
Code:

***** Checking iasl *****
** iasl (variable IASL) not found!

I'm using an AMD chip. Does VirtualBox only work with Intel chips?

Edit: I needed to install the recent acpica (🎩 to ppr:kut).

bitfuzzy 01-16-2019 03:44 PM

Quote:

Originally Posted by Geremia (Post 5949878)
I'm using an AMD chip. Does VirtualBox only work with Intel chips?

Nope, VBox works just fine on AMD

I tried the SlackBuild a while back and found downloading and installing directly from Virtualbox.org (in your case, VirtualBox-6.0.2-128162-Linux_amd64.run) to be simplest.

Though I am still using 5.2 and haven't tried 6.0

Ken

Geremia 01-16-2019 05:16 PM

making vboxdrv: "no such file or directory"s
 
I get this issue:
Code:

=== Building 'vboxdrv' module ===
make[1]: Entering directory '/tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv'
make V= CONFIG_MODULE_SIG= -C /lib/modules/4.19.15/build SUBDIRS=/tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv SRCROOT=/tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv -j64 modules
make[2]: Entering directory '/tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv'
make[2]: warning: -jN forced in submake: disabling jobserver mode.
  CC [M]  /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/linux/SUPDrv-linux.o
  CC [M]  /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/SUPDrv.o
  CC [M]  /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/SUPDrvGip.o
  CC [M]  /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/SUPDrvSem.o
  CC [M]  /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/alloc-r0drv.o
  CC [M]  /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/SUPDrvTracer.o
  CC [M]  /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/SUPLibAll.o
  CC [M]  /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/initterm-r0drv.o
  CC [M]  /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/memobj-r0drv.o
  CC [M]  /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/mpnotification-r0drv.o
  CC [M]  /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/powernotification-r0drv.o
  CC [M]  /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/linux/assert-r0drv-linux.o
  CC [M]  /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/linux/alloc-r0drv-linux.o
cc1: fatal error: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/vboxdrv/include/VBox/SUPDrvMangling.h: No such file or directory
compilation terminated.
  CC [M]  /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/linux/initterm-r0drv-linux.o
  CC [M]  /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/linux/memobj-r0drv-linux.o
  CC [M]  /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/linux/memuserkernel-r0drv-linux.o
make[3]: *** [scripts/Makefile.build:303: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/linux/SUPDrv-linux.o] Error 1
make[3]: *** Waiting for unfinished jobs....
  CC [M]  /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/linux/mp-r0drv-linux.o
  CC [M]  /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/linux/rtStrFormatKernelAddress-r0drv-linux.o
  CC [M]  /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/linux/mpnotification-r0drv-linux.o
  CC [M]  /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/linux/process-r0drv-linux.o
cc1: fatal error: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/vboxdrv/include/VBox/SUPDrvMangling.h: No such file or directory
compilation terminated.
cc1: fatal error: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/vboxdrv/include/VBox/SUPDrvMangling.h: No such file or directory
compilation terminated.
cc1: fatal error: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/vboxdrv/include/VBox/SUPDrvMangling.h: No such file or directory
compilation terminated.
  CC [M]  /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/linux/semevent-r0drv-linux.o
make[3]: *** [scripts/Makefile.build:303: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/SUPDrvGip.o] Error 1
cc1: fatal error: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/vboxdrv/include/VBox/SUPDrvMangling.h: No such file or directory
compilation terminated.
make[3]: *** [scripts/Makefile.build:303: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/SUPDrv.o] Error 1
make[3]: *** [scripts/Makefile.build:303: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/SUPDrvSem.o] Error 1
cc1: fatal error: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/vboxdrv/include/VBox/SUPDrvMangling.h: No such file or directory
compilation terminated.
cc1: fatal error: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/vboxdrv/include/VBox/SUPDrvMangling.h: No such file or directory
compilation terminated.
make[3]: *** [scripts/Makefile.build:303: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/SUPLibAll.o] Error 1
make[3]: *** [scripts/Makefile.build:303: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/alloc-r0drv.o] Error 1
cc1: fatal error: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/vboxdrv/include/VBox/SUPDrvMangling.h: No such file or directory
cc1: fatal error: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/vboxdrv/include/VBox/SUPDrvMangling.h: No such file or directory
compilation terminated.
compilation terminated.
make[3]: *** [scripts/Makefile.build:303: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/memobj-r0drv.o] Error 1
make[3]: *** [scripts/Makefile.build:303: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/SUPDrvTracer.o] Error 1
make[3]: *** [scripts/Makefile.build:303: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/initterm-r0drv.o] Error 1
cc1: fatal error: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/vboxdrv/include/VBox/SUPDrvMangling.h: No such file or directory
compilation terminated.
cc1: fatal error: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/vboxdrv/include/VBox/SUPDrvMangling.h: No such file or directory
compilation terminated.
cc1: fatal error: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/vboxdrv/include/VBox/SUPDrvMangling.h: No such file or directory
compilation terminated.
cc1: fatal error: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/vboxdrv/include/VBox/SUPDrvMangling.h: No such file or directory
compilation terminated.
cc1: fatal error: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/vboxdrv/include/VBox/SUPDrvMangling.h: No such file or directory
compilation terminated.
make[3]: *** [scripts/Makefile.build:303: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/linux/assert-r0drv-linux.o] Error 1
make[3]: *** [scripts/Makefile.build:303: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/linux/alloc-r0drv-linux.o] Error 1
cc1: fatal error: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/vboxdrv/include/VBox/SUPDrvMangling.h: No such file or directory
make[3]: *** [scripts/Makefile.build:303: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/linux/memobj-r0drv-linux.o] Error 1
compilation terminated.
make[3]: *** [scripts/Makefile.build:303: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/powernotification-r0drv.o] Error 1
make[3]: *** [scripts/Makefile.build:303: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/mpnotification-r0drv.o] Error 1
cc1: fatal error: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/vboxdrv/include/VBox/SUPDrvMangling.h: No such file or directory
compilation terminated.
cc1: fatal error: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/vboxdrv/include/VBox/SUPDrvMangling.h: No such file or directory
compilation terminated.
cc1: fatal error: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/vboxdrv/include/VBox/SUPDrvMangling.h: No such file or directory
compilation terminated.
cc1: fatal error: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/vboxdrv/include/VBox/SUPDrvMangling.h: No such file or directory
compilation terminated.
make[3]: *** [scripts/Makefile.build:303: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/linux/initterm-r0drv-linux.o] Error 1
make[3]: *** [scripts/Makefile.build:303: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/linux/process-r0drv-linux.o] Error 1
make[3]: *** [scripts/Makefile.build:303: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/linux/mp-r0drv-linux.o] Error 1
cc1: fatal error: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/vboxdrv/include/VBox/SUPDrvMangling.h: No such file or directory
compilation terminated.
cc1: fatal error: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/vboxdrv/include/VBox/SUPDrvMangling.h: No such file or directory
compilation terminated.
make[3]: *** [scripts/Makefile.build:303: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/linux/memuserkernel-r0drv-linux.o] Error 1
make[3]: *** [scripts/Makefile.build:303: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/linux/rtStrFormatKernelAddress-r0drv-linux.o] Error 1
make[3]: *** [scripts/Makefile.build:303: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/linux/mpnotification-r0drv-linux.o] Error 1
make[3]: *** [scripts/Makefile.build:303: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/r0drv/linux/semevent-r0drv-linux.o] Error 1
make[2]: *** [Makefile:1520: _module_/tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv] Error 2
make[2]: Leaving directory '/usr/src/linux-4.19.15'
make[1]: *** [/tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/Makefile.include.footer:106: vboxdrv] Error 2
make[1]: Leaving directory '/tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv'
make: *** [Makefile:58: vboxdrv] Error 2

virtualbox-kernel:
Would you like to continue processing the rest of the
queue or would you like to abort?  If this failed
package is a dependency of another package in the queue
then it may not make sense to continue.

(Y)es to continue, (N)o to abort, (R)etry the build?:


ricky_cardo 01-16-2019 06:56 PM

I got those errors when I tried the to tweak this for virtualbox-kernel-6.0.2 ((related SUPDrvMangling.h: No such file or directory)) let me go back and see if I can still build virtualbox-kernel-6.0.0 (I believe it worked for me)
(although it barked about Qt FATAL: FATAL:)

DEPS: I've got all the deps SlackBuilds.org for virtualbox says + JDK and QT5 and QT5web

building virtualbox using:
Code:

JAVA=yes WEBSERVICE=yes ./virtualbox.SlackBuild
installpkg virtualbox-6.0.0-x86_64-3_rah.tgz

- next change to virtualbox-kernel dir
Code:

./virtualbox-kernel-mksrctarball.sh
./virtualbox-kernel.SlackBuild

put the virtualbox-kernel i used here:
http://lehcar.no-ip.org:8080/~rich/v...-kernel.tar.gz

test build running again now...

ricky_cardo 01-16-2019 08:00 PM

you are 100% correct:
fatal error: /tmp/SBo/virtualbox-kernel-6.0.0/vboxdrv/vboxdrv/include/VBox/SUPDrvMangling.h

--I'll see if I can hash it out

--google suggests installing dkms? (not sure about that idea)

ricky_cardo 01-17-2019 06:46 AM

Installing dkms from slackbuilds.org seems to have helped.
- bumped to version 6.0.2. (commented out a couple patches that seem no longer needed)
--I saw a couple patches to build without installing dkms but did not test them yet

here is a set of 3 builds:
http://lehcar.no-ip.org:8080/~rich/v..._builds.tar.gz

there is a downloads_needed.txt file in each folder giving needed downloads from virtualbox.

It seems to work flawlessly for root, but still gives non-root user the Qt5 error.
Code:

Qt FATAL: FATAL: The application binary appears to be running setuid, this is a security hole.
Aborted


Geremia 01-17-2019 11:44 AM

Quote:

Originally Posted by ricky_cardo (Post 5950139)
commented out a couple patches that seem no longer needed

I had to comment out all these few:
Code:

# We don't want an init-script building kernel modules.
# Use virtualbox-kernel.SlackBuild for this.
patch -d src/VBox/Installer/linux -i $CWD/vboxdrv.sh-setup.diff

# Fix wrong path to rdesktop-vrdp-keymaps
#patch -p1 -i $CWD/006-rdesktop-vrdp-keymap-path.patch
patch -p1 -i $CWD/patch/002-dri-driver-path.patch
patch -p1 -i $CWD/patch/005-gsoap-build.patch
#patch -p1 -i $CWD/patch/006-rdesktop-vrdp-keymap-path.patch
#patch -p1 -i $CWD/patch/008-no-vboxvideo.patch
#patch -p1 -i $CWD/patch/009-include-path.patch
#patch -p1 -i $CWD/patch/010-qt-5.11.patch
#patch -p1 -i $CWD/patch/011-python-3-7.patch
#patch -p1 -i $CWD/patch/012-vboxsf-automount.patch

Also, I can confirm I don't get the vboxdrv "No such file or directory" fatal error with 6.0.2.

But with HARDENING=no, I still get the Qt security hole error.

Solution:
Code:

chmod -s /usr/lib64/virtualbox/VirtualBox

ricky_cardo 01-17-2019 06:04 PM

Awesome, I was going the other way did not realize "chmod -s /usr/lib64/virtualbox/VirtualBox" was the fix...
Thank you so much!!!

ricky_cardo 01-17-2019 08:39 PM

Here is a final product for anyone interested:
http://lehcar.no-ip.org:8080/~rich/v..._builds.tar.gz

Disclaimer: I only modified existing work from ponce and Heinz Wiesinger and others, along with suggestions from folks on this forum.

For my build I had slackware64-current (multilib)
The following SlackBuilds from slackbuilds.org
acpica
jdk
dkms

Qt5
qt5-webkit


(used these options on build:)
Code:

HARDENING=yes JAVA=yes WEBSERVICE=yes ./virtualbox.SlackBuild
Check out the readme there for additional information regarding users and groups as well, as I said these are just modified versions really.

Enjoy, and thanks all :)

Geremia 01-18-2019 01:29 PM

When I click the "Show" button for a running box, a fullscreen view of the desktop doesn't pop up. I see the live thumbnail preview, however.
Anyone else experience this with 6.0.2?

ricky_cardo 01-19-2019 11:02 AM

Interesting It seems to behave correctly for me, I wonder if it is the WM. I'm using i3 window manager. (sometimes I use xfce) I'll switch to that and try.
I should correct the file /etc/rc.d/rc.vboxdrv (to remove some of the non-slackware options) (start,stop,restart work fine)

-seems correct in xfce and i3 windows managers. Which one you are you using?

Geremia 01-19-2019 05:25 PM

Quote:

Originally Posted by ricky_cardo (Post 5951045)
Interesting It seems to behave correctly for me, I wonder if it is the WM. I'm using i3 window manager. (sometimes I use xfce) I'll switch to that and try.
I should correct the file /etc/rc.d/rc.vboxdrv (to remove some of the non-slackware options) (start,stop,restart work fine)

-seems correct in xfce and i3 windows managers. Which one you are you using?

I'm using Plasma and tested three Vagrant boxes. Perhaps it's an issue with Plasma?

ricky_cardo 01-21-2019 11:48 AM

cosmetic fixes in virtualbox.info, and corrections in vboxdrv.sh-setup.diff (minor)
http://lehcar.no-ip.org:8080/~rich/v..._builds.tar.gz

Geremia 03-22-2019 06:34 PM

Quote:

Originally Posted by Geremia (Post 5950697)
When I click the "Show" button for a running box, a fullscreen view of the desktop doesn't pop up. I see the live thumbnail preview, however.
Anyone else experience this with 6.0.2?

I don't get this issue anymore with 6.0.4.

Drakeo 03-22-2019 07:59 PM

have not had this issue also with 6.0.4

ricky_cardo 03-23-2019 08:43 AM

me neither, I did see this in dmesg with 6.0.4
Code:

  5.612629] udevd[368]: failed to execute '/usr/share/virtualbox/VBoxCreateUSBNode.sh' '/usr/share/virtualbox/VBoxCreateUSBNode.sh 189 2 e0': No such file or directory
[    5.613509] udevd[369]: failed to execute '/usr/share/virtualbox/VBoxCreateUSBNode.sh' '/usr/share/virtualbox/VBoxCreateUSBNode.sh 189 1 00': No such file or directory
[    5.613719] udevd[370]: failed to execute '/usr/share/virtualbox/VBoxCreateUSBNode.sh' '/usr/share/virtualbox/VBoxCreateUSBNode.sh 189 3 ef': No such file or directory

I have not seen any side effects, but that could be due to my low USB usage in virtualbox... likely a bug here...

here's a 6.04 link
http://lehcar.no-ip.org:8080/~rich/v..._builds.tar.gz

hellocruelworld 07-09-2019 01:59 AM

Quote:

Originally Posted by Geremia (Post 5950236)

Solution:
Code:

chmod -s /usr/lib64/virtualbox/VirtualBox

Thanks!
It's helpful for me too.

For history:
OpenSUSE 42.3,
Kernel 4.15.2-12,
VirtualBox-6.0-6.0.4_128413_openSUSE132-1.x86_64

rogan 07-18-2019 09:15 PM

I didn't have any particular issue with the application itself.
After upgrading the acpica, jdk and dkms slackbuilds it built just fine
and seems to work very well.
However: the 6.04 link points to a package which name ends in "tar.gz".
That usually means it's a _gzip_ _compressed_ archive file.
I could not make with webservices enabled. The compile halted blaming
gsoap; I tried the current SBo version, and after some tweaking the
latest also, no luck sofar...


All times are GMT -5. The time now is 01:12 PM.