Subject: bin/13665: savecore(8) doesn't work with non-root owned kernels
To: None <>
From: None <>
List: netbsd-bugs
Date: 08/09/2001 16:13:05
>Number:         13665
>Category:       bin
>Synopsis:       savecore(8) doesn't work with non-root owned kernels
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Aug 08 23:10:00 PDT 2001
>Originator:     Simon Burge
>Release:        NetBSD-current after June 13, 2001.
Wasabi Systems
System: NetBSD euclid 1.5X NetBSD 1.5X (EUCLID_SWAPFS) #1:
Thu Aug 9 15:27:05 EST 2001
simonb@euclid:/usr/obj/usr/src/sys/arch/i386/compile/EUCLID_SWAPFS i386
Architecture: i386
Machine: i386
	Savecore(8) now calls getbootfile(3) to get the booted kernel name
	via sysctl(3) if available, which is a Good Thing.  However,
	getbootfile(3) calls secure_path(3) to check the "secureness" of
	the file, which means that kernels that aren't called "/netbsd"
	must be owned by root for savecore(8) to work, with no way
	of overriding this unless you include the kernel name on the
	savecore command line.

	Boot from a kernel not called "netbsd" and not owned by root.

	euclid:~ 4> sysctl machdep.booted_kernel
	machdep.booted_kernel = net
	euclid:~ 5> priv /etc/rc.d/savecore start
	Checking for core dump...
	savecore: /net: not owned by root
	savecore: can't find device 2479/787228

	None given.  A flag to say "use what the machdep.booted_kernel
	sysctl returns even if it isn't secure" would be nice, but there's
	a couple of layers of library calls between savecore(8) and
	secure_path(3) with no options to pass any flags.

	A work-around is to have something like:
		savecore_flags="-z -N `sysctl -n machdep.booted_kernel`"
	in /etc/rc.conf.