[pmg-devel] [PATCH pmg-api v2] Fix setresuid to 'postgres' error handling

Stoiko Ivanov s.ivanov at proxmox.com
Tue Apr 16 16:28:29 CEST 2019 

PMG::DBTools::postgres_admin_cmd switches the euid to postgres. The error
handling expected that the setresuid (2) call failed if $! was != 0, without
explicitly setting it to 0 beforehand. This lead to a false positive if errno
was set from a previous library call.

This patch changes the code to explicitly call the setresuid syscall (exposed
via a separate patch to pve-common) and checks for an error (return code !=0).

Steps to reproduce:
* install nscd on a system
* try installing pmg-api (the postinst script invokes `pmgdb init`)

The issue was further discussed in [0].

[0] https://pve.proxmox.com/pipermail/pmg-devel/2019-April/000362.html

Reported-By: Patrick Fogarty <patrick.fogarty at patanne.com>
Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>
---
NOTE: this patch requires a bump to the versioned dependency on
libpve-common-perl (to a version containing PVE::Syscall::setresuid)!

Changes v1 -> v2:
* basically incorporated Thomas' feedback - Thanks!
* changed from a local override of $> (EUID) to 2 explicit calls of setresuid.

 PMG/DBTools.pm | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/PMG/DBTools.pm b/PMG/DBTools.pm
index 24a692a..24eb25e 100644
--- a/PMG/DBTools.pm
+++ b/PMG/DBTools.pm
@@ -4,12 +4,13 @@ use strict;
 use warnings;
 
 use POSIX ":sys_wait_h";
-use POSIX ':signal_h';
+use POSIX qw(:signal_h getuid);
 use DBI;
 use Time::Local;
 
 use PVE::SafeSyslog;
 use PVE::Tools;
+use PVE::Syscall;
 
 use PMG::Utils;
 use PMG::RuleDB;
@@ -80,12 +81,17 @@ sub postgres_admin_cmd {
     my ($cmd, $options, @params) = @_;
 
     $cmd = ref($cmd) ? $cmd : [ $cmd ];
-    my $uid = getpwnam('postgres') || die "getpwnam postgres failed\n";
 
-    local $> = $uid;
-    $! &&  die "setuid postgres ($uid) failed - $!\n";
+    my $cur_uid = POSIX::getuid();
+    my $pg_uid = getpwnam('postgres') || die "getpwnam postgres failed\n";
+
+    syscall(PVE::Syscall::setresuid, -1, $pg_uid, -1) &&
+	die "setresuid postgres ($pg_uid) failed - $!\n";
 
     PVE::Tools::run_command([@$cmd, '-U', 'postgres', @params], %$options);
+
+    syscall(PVE::Syscall::setresuid, -1, $cur_uid, -1) &&
+	die "setresuid back failed - $!\n";
 }
 
 sub delete_ruledb {
-- 
2.11.0

More information about the pmg-devel mailing list