macOS 12.1 - compiled fails to start

[maverick85]

Hello,

Building from sources on macOS is failing to start. The full output:

% ./configure --prefix=/usr/local
checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables... 
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ISO C89... none needed
checking whether gcc understands -c and -o together... yes
checking how to run the C preprocessor... gcc -E
checking for grep that handles long lines and -e... /usr/bin/grep
checking for egrep... /usr/bin/grep -E
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking minix/config.h usability... no
checking minix/config.h presence... no
checking for minix/config.h... no
checking whether it is safe to define __EXTENSIONS__... yes
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... build-aux/install-sh -c -d
checking for gawk... no
checking for mawk... no
checking for nawk... no
checking for awk... awk
checking whether make sets $(MAKE)... yes
checking whether make supports the include directive... yes (GNU style)
checking whether make supports nested variables... yes
checking dependency style of gcc... gcc3
checking whether make supports nested variables... (cached) yes
checking build system type... x86_64-apple-darwin21.2.0
checking host system type... x86_64-apple-darwin21.2.0
checking for gcc... (cached) gcc
checking whether we are using the GNU C compiler... (cached) yes
checking whether gcc accepts -g... (cached) yes
checking for gcc option to accept ISO C89... (cached) none needed
checking whether gcc understands -c and -o together... (cached) yes
checking for pkg-config... no
checking size of unsigned char... 1
checking size of unsigned short... 2
checking size of unsigned int... 4
checking size of unsigned long... 8
checking arpa/nameser_compat.h usability... yes
checking arpa/nameser_compat.h presence... yes
checking for arpa/nameser_compat.h... yes
checking curses.h usability... yes
checking curses.h presence... yes
checking for curses.h... yes
checking cursesX.h usability... no
checking cursesX.h presence... no
checking for cursesX.h... no
checking error.h usability... no
checking error.h presence... no
checking for error.h... no
checking fcntl.h usability... yes
checking fcntl.h presence... yes
checking for fcntl.h... yes
checking linux/icmp.h usability... no
checking linux/icmp.h presence... no
checking for linux/icmp.h... no
checking linux/errqueue.h usability... no
checking linux/errqueue.h presence... no
checking for linux/errqueue.h... no
checking ncurses.h usability... yes
checking ncurses.h presence... yes
checking for ncurses.h... yes
checking ncurses/curses.h usability... no
checking ncurses/curses.h presence... no
checking for ncurses/curses.h... no
checking netinet/in.h usability... yes
checking netinet/in.h presence... yes
checking for netinet/in.h... yes
checking socket.h usability... no
checking socket.h presence... no
checking for socket.h... no
checking sys/cdefs.h usability... yes
checking sys/cdefs.h presence... yes
checking for sys/cdefs.h... yes
checking sys/limits.h usability... no
checking sys/limits.h presence... no
checking for sys/limits.h... no
checking sys/socket.h usability... yes
checking sys/socket.h presence... yes
checking for sys/socket.h... yes
checking stdio_ext.h usability... no
checking stdio_ext.h presence... no
checking for stdio_ext.h... no
checking for sys/types.h... (cached) yes
checking sys/xti.h usability... no
checking sys/xti.h presence... no
checking for sys/xti.h... no
checking values.h usability... no
checking values.h presence... no
checking for values.h... no
checking for __fpending... no
checking for fcntl... yes
checking for error... no
checking for verr... yes
checking for verrx... yes
checking for vwarn... yes
checking for vwarnx... yes
checking for getopt_long... yes
checking for floor in -lm... yes
checking for GTK... no
checking for GTK... no
checking for JANSSON... no
checking for library containing initscr... -lncurses
checking for cap_set_proc in -lcap... no
checking for socket... yes
checking for gethostbyname... yes
checking for res_query... yes
checking for dn_expand in -lresolv... yes
checking whether errno is declared... yes
checking for socklen_t... yes
checking for time_t... yes
checking for C flags to get more warnings... -Wall -Wno-pointer-sign
./configure: line 6709: --exists: command not found
build options:
--------------
libasan :
ipv6    :yes
ipinfo  :yes
ncurses :yes
gtk     :no
jansson :no
cap     :
libs    :-lncurses -lm 
cflags  :-g -O2 -Wall -Wno-pointer-sign
--------------
checking that generated files are newer than configure... done
configure: creating ./config.status
config.status: creating Makefile
config.status: creating config.h
config.status: config.h is unchanged
config.status: executing depfiles commands

mtr-0.94 % make
/Applications/Xcode.app/Contents/Developer/usr/bin/make  all-am
  CC       ui/mtr-mtr.o
  CC       ui/mtr-net.o
  CC       ui/mtr-cmdpipe.o
  CC       ui/mtr-dns.o
  CC       ui/mtr-raw.o
  CC       ui/mtr-split.o
  CC       ui/mtr-display.o
  CC       ui/mtr-report.o
  CC       ui/mtr-select.o
  CC       ui/mtr-utils.o
  CC       packet/mtr-cmdparse.o
  CC       packet/mtr-sockaddr.o
  CC       portability/mtr-error.o
  CC       ui/mtr-asn.o
  CC       ui/mtr-curses.o
  CCLD     mtr
  CC       packet/packet.o
  CC       packet/cmdparse.o
  CC       packet/command.o
  CC       packet/probe.o
  CC       packet/timeval.o
  CC       packet/sockaddr.o
  CC       portability/error.o
  CC       packet/construct_unix.o
  CC       packet/deconstruct_unix.o
  CC       packet/probe_unix.o
  CC       packet/wait_unix.o
  CCLD     mtr-packet

mtr-0.94 % make install
 build-aux/install-sh -c -d '/usr/local/sbin'
  /usr/bin/install -c mtr mtr-packet '/usr/local/sbin'
/Applications/Xcode.app/Contents/Developer/usr/bin/make  install-exec-hook
`setcap cap_net_raw+ep /usr/local/sbin/mtr-packet` \
    || chmod u+s /usr/local/sbin/mtr-packet
/bin/sh: setcap: command not found
 build-aux/install-sh -c -d '/usr/local/share/bash-completion/completions'
 /usr/bin/install -c -m 644 bash-completion/mtr '/usr/local/share/bash-completion/completions'
 build-aux/install-sh -c -d '/usr/local/share/man/man8'
 /usr/bin/install -c -m 644 mtr.8 mtr-packet.8 '/usr/local/share/man/man8'

mtr-0.94 % sudo mtr google.com
Password:
mtr-packet: Failure to open IPv4 sockets
mtr-packet: Failure to open IPv6 sockets
mtr: Failure to start mtr-packet: Invalid argument

I had mtr-0.92 built from the sources working fine. After failing to put 0.94 to work, I used time machine to restore the previous build which is working.

[rewolff]

 `setcap cap_net_raw+ep /usr/local/sbin/mtr-packet` \
 || chmod u+s /usr/local/sbin/mtr-packet

is meant to make mtr-packet setuid-root if the setcap program cannot be found. Your log shows that setcap wasn't found so it should have made the binary "setuid-root".

The runtime errors indicate that this somehow didn't work. Please send the output of "ls -l /usr/local/sbin/mtr-packet"

[maverick85]

Hi @rewolff thank you for your reply.

mtr-0.94 % ls -l /usr/local/sbin/mtr-packet                                 
-rwsr-xr-x  1 maverickws  admin  77192 Dec 20 17:53 /usr/local/sbin/mtr-packet
mtr-0.94 % 

[rewolff]

OK. So it DID become setuid, but has YOUR userid, not that of "root".

Become root ("sudo -s" does that on my system, but not sure about macos). Then chown root.root /usr/local/sbin/mtr-packet

This will change the owner to what we want, but as a security precaution it will probably drop the setuid bit, so we have to set that again: chmod u+s /usr/local/sbin/mtr-packet

Hopefully it'll work after that.

[maverick85]

As I mentioned I restored the previous build using Time Machine simply restored the /usr/local folder. Following on your comment I listed the folder sbin to check for differences. It's owned by the user too, just the permissions are slightly different:

~ % ls -la /usr/local/sbin 
total 7696
drwxr-xr-x   8 maverickws  admin      256 Feb 24  2021 .
drwxr-xr-x  16 root      wheel      512 Dec 20 18:02 ..
-rwxr-xr-x   1 maverickws  admin    81628 Nov 29  2019 mtr
-rwxr-xr-x   1 maverickws  admin    41912 Nov 29  2019 mtr-packet

[maverick85]

@rewolff

I redid the whole thing, then:

chmod u-s /usr/local/mtr-packet

And its fixed, working again. Owned by user/user group and attributes set the same as the previous version.

[rewolff]

Weird. There is certanly something going on that I don't expect.

[maverick85]

I suppose the setuid bit makes the file always be ran with the userid of the file owner ... in this case mine (maverickws:admin). I assume if I changed the ownership to root, that probably would fix it too, but I always use sudo with mtr (well, actually I have an alias for mtr='sudo mtr') so I guess the flag was forcing the executable to be ran with my user instead of root from the sudo.

I figure that changing the ownership to root:admin and adding the setuid flag would also work.

In any case I have done a guide to build mtr from source on the mac, and updated with the method of removing the setuid flag. Hopefully if anyone has the same issue, this thread will help them sort it (one way or the other)! Thank you!

[rewolff]

ohhhh. I thought that it still didn't work after you followed my instructions. That explains everything. The world is consistent again. Thanks for the update.