starting at-daemon using 2.4.18-1.9.4:
--8<--
Mar 18 18:23:47 prometheus atd[30853]: Can't link execution file: Permission denied
--8<--
grsecurity issue? ideas? TIA.
atd
12 posts
• Page 1 of 1
by wschlich » Tue Mar 19, 2002 11:05 am
well, it works with grsecurity disabled, so.. :-)
http://wolfram.schlich.org/tmp/atd.strace
I've no idea why it exits... :-/
http://wolfram.schlich.org/tmp/atd.strace
I've no idea why it exits... :-/
- wschlich
- Posts: 17
- Joined: Sun Mar 03, 2002 8:25 pm
by wschlich » Tue Mar 19, 2002 11:22 am
permissions of /usr/bin/at is now 4750, with user at being member of the corresponding group "trusted" (just added it to this one), perm of /usr/bin is 744, now it says:
--8<--
[...]
munmap(0x45ed7000, 4096) = 0
geteuid32() = 0
write(2, "Garbled time\n", 13Garbled time
) = 13
_exit(1)
--8<--
any ideas?
--8<--
[...]
munmap(0x45ed7000, 4096) = 0
geteuid32() = 0
write(2, "Garbled time\n", 13Garbled time
) = 13
_exit(1)
--8<--
any ideas?
- wschlich
- Posts: 17
- Joined: Sun Mar 03, 2002 8:25 pm
by wschlich » Thu Mar 28, 2002 5:39 pm
argh.... this caused the problems:
[root@prometheus:do-conf]$ ls -la /var/spool/atjobs
/var/spool/atjobs:
total 17k
drwx------ 2 at at 144 Mar 19 16:07 .
drwxr-xr-x 18 root root 395 Mar 28 09:24 ..
-rw------- 1 at at 6 Mar 18 18:28 .SEQ
-rw------- 1 at at 186 Mar 19 16:14 .bash_history
-rwx------ 1 root root 2.5k Mar 18 18:23 a0000601028093
-rwx------ 1 root root 1.9k Mar 18 18:28 a0000701028098
[root@prometheus:do-conf]$
the last two files had to be removed in order to make atd run again...
you were right again :-)
[root@prometheus:do-conf]$ ls -la /var/spool/atjobs
/var/spool/atjobs:
total 17k
drwx------ 2 at at 144 Mar 19 16:07 .
drwxr-xr-x 18 root root 395 Mar 28 09:24 ..
-rw------- 1 at at 6 Mar 18 18:28 .SEQ
-rw------- 1 at at 186 Mar 19 16:14 .bash_history
-rwx------ 1 root root 2.5k Mar 18 18:23 a0000601028093
-rwx------ 1 root root 1.9k Mar 18 18:28 a0000701028098
[root@prometheus:do-conf]$
the last two files had to be removed in order to make atd run again...
you were right again :-)
- wschlich
- Posts: 17
- Joined: Sun Mar 03, 2002 8:25 pm
by dss » Sun Jul 21, 2002 11:09 am
IMHO it *is* related to grsecurity patch. I can't run atd on any of my patched systems.
But I have no problems to run atd on unpatched ones. atd starts up on system boot,
I can add a task by using at. When execution time comes atd crashes with "Can't link execution file: Permission denied" in syslog.
As execution file is meant /var/spool/at/aXXXXX... file with the job - according to strace.
The file (created by at) has 700 permissions and is owned by job owner and his group.
I have tested it on 3 patched and 3 unpatched systems, all are Mandrake 8.2
Anyone have a solution?
But I have no problems to run atd on unpatched ones. atd starts up on system boot,
I can add a task by using at. When execution time comes atd crashes with "Can't link execution file: Permission denied" in syslog.
As execution file is meant /var/spool/at/aXXXXX... file with the job - according to strace.
The file (created by at) has 700 permissions and is owned by job owner and his group.
I have tested it on 3 patched and 3 unpatched systems, all are Mandrake 8.2
Anyone have a solution?
- dss
- Posts: 2
- Joined: Sun Jul 21, 2002 10:50 am
12 posts
• Page 1 of 1