Re: can't run as root with netbsd-5

To: Jasper Wallace <jasper%pointless.net@localhost>
Subject: Re: can't run as root with netbsd-5
From: Eric Haszlakiewicz <erh%nimenees.com@localhost>
Date: Wed, 4 Mar 2009 21:14:05 -0600

On Wed, Mar 04, 2009 at 10:30:03PM +0000, Jasper Wallace wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Tue, 3 Mar 2009, Eric Haszlakiewicz wrote:
> 
> > I just tried upgrading one of my machines to netbsd-5.  The process seemed 
> > to
> > go ok on a test machine, and when I tried it on another machine it started
> > out ok, but now I can't run things as root.  Specifically:
> >   I copied a netbsd 5 RC2 generic kernel and rebooted. (previously running
> >      netbsd 4)
> >   After rebooting, I was able to login and run stuff as root just fine.
> >   I was going to let it run for a bit and then upgrade userland, but
> >    now when I attempted to su to root to do so I get errors like:
> > 
> > su: /bin/ksh: Resource temporarily unavailable
> > 
> >   I can use sudo to switch to other users, and running most things seems
> > to be fine, but actually executing stuff as root from a setuid process
> > fails.  Things that are already running, like apache, seem to be ok, and
> > the root owned apache process can fire up additional www owned processes.
> 
> I've seen this as well, I got it from upgradeing from
> something->netbsd-5-RC1->netbsd-5-RC2.
> 
> I suspected something to do with login.conf or other per user
> limits stuff. When it wasn't working i had > 80 root owned processes, but
> that wasn't near the 16/128 etc proc limits. It did allow root logins again
> after many root processes had been killed off but i can't remember exact

hmm... well, the problem happened again.  This time around, I left a
root shell logged in, and running things from *that* works fine.
However, doing something like:
  su - erh -c su -
fails when the second su tried to exec the shell:
  8886      1 su       CALL  readlink(0xbbbd4ccb,0xbfbfd467,0x3fb)
  8886      1 su       NAMI  "/tmp"
  8886      1 su       RET   readlink -1 errno 22 Invalid argument
  8886      1 su       CALL  setuid(0)
  8886      1 su       RET   setuid 0
  8886      1 su       CALL  execve(0xbfbfe234,0xbfbfe7a4,0xbfbfe7b0)
  8886      1 su       RET   execve -1 errno 35 Resource temporarily unavailable

That readlink failure looks a bit odd.  Even more odd is that it it 
attempting to exec the shell for erh (tcsh) rather than for root.
(it says: "su: /usr/pkg/bin/tcsh: Resource temporarily unavailable", am
I interpreting error that incorrectly?)

I notice that there are a lot of root "processes" (actually, linux
emulated java threads) running: 179 at last count.

Sure enough, if I kill those I can login/su to root normally.  So it's
definitely some problem with process limits.  The soft/hard limits appear
to be 160/1044.  Are those supposed to apply to root owned processes?

eric

Follow-Ups:
- Re: can't run as root with netbsd-5
  - From: dieter roelants
- Re: can't run as root with netbsd-5
  - From: David Laight

References:
- can't run as root with netbsd-5
  - From: Eric Haszlakiewicz
- Re: can't run as root with netbsd-5
  - From: Jasper Wallace

Prev by Date: daily NetBSD-5 branch CVS update output
Next by Date: Re: Disabling ACPI also implicitly disables SMP support for Intel Atom chips?
Previous by Thread: Re: can't run as root with netbsd-5
Next by Thread: Re: can't run as root with netbsd-5
Indexes:

Home | Main Index | Thread Index | Old Index