Open Harald-U opened 3 years ago
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
This bug is a bit mysterious, I'd expect suid root binary to be able to able to write to a 644 root.root file. Any idea if linux Mint is doing anything specific in that regard?
I don't think so, it should be pretty much the same as Ubuntu 20.04 on which it is based
I just tested this on a stock 20.04 install with crc 1.26. After crc setup
:
$ ls -al /etc/hosts
-rw-r--r-- 1 root root 253 mai 17 16:41 /etc/hosts
$ ls -al ~/.crc/bin/admin-helper-linux
-r-s--x--- 1 root teuf 3295016 mai 17 16:39 /home/teuf/.crc/bin/admin-helper-linux
$ ~/.crc/bin/admin-helper-linux add 192.168.130.11 foo.crc.testing
$ cat /etc/hosts | grep foo.crc.testing
192.168.130.11 foo.crc.testing
(in other words, this worked as expected on this system)
I have no clue what could be different and I can't think of any changes they made to Mint that would explain what happens. Why would they change SUID behaviour?
Thanks for taking the time to test this, Christophe! I guess I'll get used to changing permissions on the hosts file :-)
Unless you have another idea please go ahead and close this issue. And thanks again for your help!
FYI I'm running Ubuntu with an encrypted home directory and it has the nosuid
mount option set -- triggering this problem
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
FYI: I have nosuid
set for the /home filesystem, too. I am using an encrypted /home:
/home/.ecryptfs/harald/.Private on /home/harald type ecryptfs (rw,nosuid,nodev,relatime,...)
Since we need sudo to make admin-helper suid, we could detect such situation and fallback to /usr/local/libexec/crc/crc-admin-helper
or such to install it, which hopefully won't block suid.
workaround : https://github.com/crc-org/crc/issues/3915#issuecomment-1820934635 +1 for suggestion of @cfergeau to move the file outside home to /usr/local
General information
crc setup
before starting it (Yes/No)? YesCRC version
CRC status
CRC config
Host Operating System
Steps to reproduce
Expected
CRC should start but doesn't
Actual
crc start
terminates with INFO CodeReady Containers VM is runningINFO Starting network time synchronization in CodeReady Containers VM Error running post start: exit status 1
Logs
IMHO relevant part of the log is:
Trying to run the command manually:
admin-helper-linux has SUID flag set:
If I modify permissions of /etc/hosts from 644 to 666 it works ...