Bug 7762 - tlstunnel still runs as root on Debian/Ubuntu
Summary: tlstunnel still runs as root on Debian/Ubuntu
Alias: None
Product: ThinLinc
Classification: Unclassified
Component: Misc (show other bugs)
Target Milestone: 4.14.0
Assignee: Pierre Ossman
Keywords: nikle_tester, prosaic
Depends on:
Reported: 2021-09-02 14:51 CEST by Pierre Ossman
Modified: 2021-09-07 16:15 CEST (History)
1 user (show)

See Also:
Acceptance Criteria:


Description Pierre Ossman cendio 2021-09-02 14:51:40 CEST
In bug 5045 we changed tlstunnel to drop root privileges once they were no longer needed. Unfortunately we didn't properly test it as it doesn't work on Debian derived distributions, such as Ubuntu.

The problem is that Debian doesn't have the group "nobody". Instead they have "nogroup". Our code needs to be prepared to deal with both.
Comment 1 Pierre Ossman cendio 2021-09-02 14:53:44 CEST
This is seen in the log if you enable debug logging:

> 2021-09-02 12:48:24 DEBUG tlwebaccess[318576]: [::ffff:] Could not look up 'nobody' group: Success
Comment 4 Pierre Ossman cendio 2021-09-03 11:08:15 CEST
Works well now. Tested on Ubuntu 20.04.
Comment 5 Niko Lehto cendio 2021-09-07 16:15:33 CEST
Tested on Ubuntu 18.04.
I could reproduce the issue on 4.13.0. Works good with build 2263 containing the changes.

Note You need to log in before you can comment on or make changes to this bug.