Bug 171134 - news/inn 2.5 innd/nnrpd semget failures
Summary: news/inn 2.5 innd/nnrpd semget failures
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Dima Panov
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-08-28 08:20 UTC by G. Paul Ziemba
Modified: 2012-09-02 15:00 UTC (History)
0 users

See Also:


Attachments
file.diff (1.56 KB, patch)
2012-08-28 08:20 UTC, G. Paul Ziemba
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description G. Paul Ziemba 2012-08-28 08:20:01 UTC
Upgraded from inn-2.4.6 to inn-2.5.2 today. Built with options:

% make showconfig
===> The following configuration options are available for inn-2.5.2_1:
     BERKELEYDB=on: Enable BerkeleyDB (for ovdb overview method)
     GNUPG=off: GnuPG support (for pgpverify control message)
     KERBEROS=off: Enable Kerberos v5 (for auth_krb5)
     KEYWORDS=on: Automatic keyword generation support
     LARGE_FILES=off: Support for files larger than 2GB
     OPENSSL=off: Enable OpenSSL (for NNTP over TLS/SSL support)
     PYTHON=off: Embedded Python module support
     SASL=off: Enable SASL (for imapfeed authentication)
     TAGGED_HASH=on: Use tagged hash table for history

nnrpd fails upon connect with the following messages in /var/log/news/news.debug:

Aug 27 20:14:00 hairball nnrpd[18237]: cant get semaphore using /var/news/spool/overview/OV1: Permission denied
Aug 27 20:14:00 hairball nnrpd[18237]: failed to create semaphore for /var/news/spool/overview/OV1
Aug 27 20:14:00 hairball nnrpd[18237]: buffindexed: ovinitdisks: cant create shmem for /var/news/spool/overview/OV1 len 16384: Permission denied
Aug 27 20:14:00 hairball nnrpd[18237]: can't open overview Permission denied

Fix: The problem seems to be that unsupported permission bits are being given to semget(2) as in the following snippet (there are several such instances):

storage/buffindexed/shmem.c:

    id = semget(kt, 2, IPC_CREAT|S_IRWXU|S_IRWXG|S_IRWXO);

The semget(2) man page does not indicate that the usual file mode bits may be used. Instead, it allows:

     SEM_R         Read access for user.

     SEM_A         Alter access for user.

     (SEM_R>>3)    Read access for group.

     (SEM_A>>3)    Alter access for group.

     (SEM_R>>6)    Read access for other.

     (SEM_A>>6)    Alter access for other.

The allowed bits correspond to read and write bits of the file mode constants. The execute bit is not among the defined bits for semget.

The fix: do not set any permission bits except for the six allowed  bits.

Note that the documentation for linux semget differs, and seems to allow but ignore the execute bits.

Patch follows.

Patch attached with submission follows:
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2012-08-31 09:07:39 UTC
Responsible Changed
From-To: freebsd-ports-bugs->fluffy

Over to maintainer (via the GNATS Auto Assign Tool)
Comment 2 dfilter service freebsd_committer freebsd_triage 2012-09-02 14:53:27 UTC
Author: fluffy
Date: Sun Sep  2 13:53:16 2012
New Revision: 303548
URL: http://svn.freebsd.org/changeset/ports/303548

Log:
  - Fix innd/nnrpd semget failures
  
  Do not set any shmem permission bits except for the six allowed bits
  
  PR:		171134
  Submitted by:	G. Paul Ziemba

Added:
  head/news/inn/files/patch-storage_buffindexed_shmem.c   (contents, props changed)
Modified:
  head/news/inn/Makefile   (contents, props changed)

Modified: head/news/inn/Makefile
==============================================================================
--- head/news/inn/Makefile	Sun Sep  2 13:08:58 2012	(r303547)
+++ head/news/inn/Makefile	Sun Sep  2 13:53:16 2012	(r303548)
@@ -7,7 +7,7 @@
 
 PORTNAME?=	inn
 PORTVERSION?=	2.5.2
-PORTREVISION?=	2
+PORTREVISION?=	3
 CATEGORIES=	news ipv6
 # Master distribution broken
 #MASTER_SITES?=	${MASTER_SITE_ISC}

Added: head/news/inn/files/patch-storage_buffindexed_shmem.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/news/inn/files/patch-storage_buffindexed_shmem.c	Sun Sep  2 13:53:16 2012	(r303548)
@@ -0,0 +1,73 @@
+The problem seems to be that unsupported permission bits are being given to semget(2) as in the following snippet (there are several such instances):
+
+storage/buffindexed/shmem.c:
+
+    id = semget(kt, 2, IPC_CREAT|S_IRWXU|S_IRWXG|S_IRWXO);
+
+The semget(2) man page does not indicate that the usual file mode bits may be used. Instead, it allows:
+
+     SEM_R         Read access for user.
+
+     SEM_A         Alter access for user.
+
+     (SEM_R>>3)    Read access for group.
+
+     (SEM_A>>3)    Alter access for group.
+
+     (SEM_R>>6)    Read access for other.
+
+     (SEM_A>>6)    Alter access for other.
+
+The allowed bits correspond to read and write bits of the file mode constants. The execute bit is not among the defined bits for semget.
+
+The fix: do not set any permission bits except for the six allowed  bits.
+
+Note that the documentation for linux semget differs, and seems to allow but ignore the execute bits.
+
++
+--- storage/buffindexed/shmem.c.orig	2012-08-27 23:39:42.000000000 -0700
++++ storage/buffindexed/shmem.c	2012-08-27 23:37:50.000000000 -0700
+@@ -26,7 +26,9 @@
+ static int smcGetSemaphore(const char *name)
+ {
+     key_t kt = ftok( (char *)name, 0 );
+-    int   id = semget(kt, 0, S_IRWXU|S_IRWXG|S_IRWXO);
++    int   perm = SEM_R | SEM_A | (SEM_R>>3) | (SEM_A>>3) |
++	    (SEM_R>>6) | (SEM_A>>6);
++    int   id = semget(kt, 0, perm);
+ 
+     if (id < 0) {
+         syswarn("semget failed to get semaphore for %s", name);
+@@ -37,15 +39,17 @@
+ static int smcCreateSemaphore(const char *name)
+ {
+     key_t kt = ftok( (char *)name, 0 );
+-    int   id = semget(kt, 2, IPC_CREAT|S_IRWXU|S_IRWXG|S_IRWXO);
++    int   perm = SEM_R | SEM_A | (SEM_R>>3) | (SEM_A>>3) |
++	    (SEM_R>>6) | (SEM_A>>6);
++    int   id = semget(kt, 2, IPC_CREAT|perm);
+ 
+     if (id < 0) {
+         if (errno == EACCES || errno == EINVAL) {
+             /* looks like a wrong semaphore exists. remove it. */
+-            id = semget(kt, 0, S_IRWXU|S_IRWXG|S_IRWXO);
++            id = semget(kt, 0, perm);
+             if (id < 0) {
+                 /* couldn't even retrieve it. */
+-                syswarn("cant get semaphore using %s", name);
++                syswarn("cant get semaphore using %s (key=%d)", name, kt);
+                 return id;
+             }
+             /* try to remove it */
+@@ -65,7 +69,7 @@
+             }
+ #endif
+             /* and retry creating it */
+-            id = semget(kt, 2, IPC_CREAT|S_IRWXU|S_IRWXG|S_IRWXO);
++            id = semget(kt, 2, IPC_CREAT|perm);
+         }
+     }
+     if (id < 0)
+
+
_______________________________________________
svn-ports-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-ports-all
To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"
Comment 3 Dima Panov freebsd_committer freebsd_triage 2012-09-02 14:53:39 UTC
State Changed
From-To: open->closed

Committed. Thanks!