Mailinglist Archive: opensuse-bugs (14006 mails)
| < Previous | Next > |
[Bug 378648] New: NetworkManager non-functional ...
- From: bugzilla_noreply@xxxxxxxxxx
- Date: Thu, 10 Apr 2008 02:04:22 -0600 (MDT)
- Message-id: <bug-378648-21960@xxxxxxxxxxxxxxxxxxxxxxxxx/>
https://bugzilla.novell.com/show_bug.cgi?id=378648
Summary: NetworkManager non-functional ...
Product: openSUSE 11.0
Version: Factory
Platform: Other
OS/Version: Other
Status: NEW
Severity: Blocker
Priority: P5 - None
Component: Network
AssignedTo: bnc-team-screening@xxxxxxxxxxxxxxxxxxxxxx
ReportedBy: mmeeks@xxxxxxxxxx
QAContact: qa@xxxxxxx
Found By: ---
My NetworkManager was simply not working, wrt. Wireless.
The logs said:
Apr 8 15:24:42 t60p NetworkManager: <info> Deactivating device wlan0.
Apr 8 15:24:42 t60p NetworkManager: <info> (wlan0): exported as
/org/freedesktop/Hal/devices/net_00_13_02_3a_ba_ad
Apr 8 15:24:42 t60p NetworkManager: <info> Trying to start the supplicant...
Apr 8 15:24:42 t60p NetworkManager: <info> Trying to start the system
settings daemon...
Apr 8 15:26:42 t60p NetworkManager: <info> Trying to start the supplicant...
Apr 8 15:26:42 t60p NetworkManager: <info> Trying to start the system
settings daemon...
Apr 8 15:28:42 t60p NetworkManager: <info> Trying to start the supplicant...
Which looked like the cause:
The strace of dbus showed:
7179 1207741931.507213 execve("/lib/dbus-1/dbus-daemon-launch-helper",
["/lib/dbus-1/dbus-daemon-launch-helper", "fi.epitest.hostap.WPASupplicant"],
[/* 25 vars */] <unfinished ...>
7179 1207741931.512115 <... execve resumed> ) = 0
7179 1207741931.512163 brk(0) = 0x8083000
7179 1207741931.512223 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such
file or directory)
7179 1207741931.512288 open("/etc/ld.so.cache", O_RDONLY) = 3
7179 1207741931.512335 fstat64(3, {st_mode=S_IFREG|0644, st_size=129163, ...})
= 0
7179 1207741931.512403 mmap2(NULL, 129163, PROT_READ, MAP_PRIVATE, 3, 0) =
0xb808e000
7179 1207741931.512441 close(3) = 0
7179 1207741931.512489 open("/lib/libexpat.so.1", O_RDONLY) = 3
7179 1207741931.512541 read(3,
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\260\"\0\0004\0\0\0\30R\2\0\0\0\0\0004\0
\0\6\0(\0\34\0\33\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\3004\2\0\3004\2\0\5\0\0\0\0\20\0\0\1\0\0\0\0248\2\0\24H\2\0\24H\2\0@\30\0\0H\30\0\0\6\0\0\0\0\20\0\0\2\0\0\0\340N\2\0\340^\2\0\340^\2\0\320\0\0\0\320\0\0\0\6\0\0\0\4\0\0\0P\345tdt\33\2\0t\33\2\0t\33\2\0004\5\0\0004\5\0\0\4\0\0\0\4\0\0\0Q\345td\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\6\0\0\0\4\0\0\0R\345td\0248\2\0\24H\2\0\24H\2\0\354\27\0\0\354\27\0\0\4\0\0\0\1\0\0\0C\0\0\0a\0\0\0\0\0\0\0:\0\0\0002\0\0\0\n\0\0\0E\0\0\0\30\0\0\0\0\0\0\0*\0\0\0007\0\0\0`\0\0\0N\0\0\0W\0\0\0\31\0\0\0\34\0\0\0D\0\0\0\0\0\0\0\32\0\0\0\0\0\0\0J\0\0\0004\0\0\0009\0\0\0)\0\0\0M\0\0\0\0\0\0\0=\0\0\0\21\0\0\0000\0\0\0\r\0\0\0\0\0\0\0;\0\0\0\0\0\0\0\0\0\0\0^\0\0\0\27\0\0\0F\0\0\0>\0\0\0\v\0\0\0<\0\0\0\22\0\0\0H\0\0\0\\\0\0\0V\0\0\0\37\0\0\0\0\0\0\0O\0\0\0\0\0\0\0$\0\0\0001\0\0\0\33\0\0\0_\0\0\0\0\0\0\0?\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\7\0\0\0Z\0\0\0\"\0\0\0@\0\0\0\0\0\0\0!\0\0\0\10\0\0\0,\0\0\0\t\0\0\0",
512) = 512
7179 1207741931.512864 mmap2(NULL, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb808d000
7179 1207741931.512905 fstat64(3, {st_mode=S_IFREG|0755, st_size=153208, ...})
= 0
7179 1207741931.512972 mmap2(NULL, 155740, PROT_READ|PROT_EXEC,
MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb8066000
7179 1207741931.513010 fadvise64(3, 0, 155740, POSIX_FADV_WILLNEED) = 0
7179 1207741931.513046 mmap2(0xb808a000, 12288, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x23) = 0xb808a000
7179 1207741931.513100 close(3) = 0
7179 1207741931.513139 open("/lib/libc.so.6", O_RDONLY) = 3
7179 1207741931.513184 read(3,
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000e\1\0004\0\0\0@Z\24\0\0\0\0\0004\0
\0\n\0(\0F\0E\0\6\0\0\0004\0\0\0004\0\0\0004\0\0\0@\1\0\0@\1\0\0\5\0\0\0\4\0\0\0\3\0\0\0\240c\22\0\240c\22\0\240c\22\0\23\0\0\0\23\0\0\0\4\0\0\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\354\246\23\0\354\246\23\0\5\0\0\0\0\20\0\0\1\0\0\0\350\261\23\0\350\261\23\0\350\261\23\0\264\'\0\0hT\0\0\6\0\0\0\0\20\0\0\2\0\0\0|\315\23\0|\315\23\0|\315\23\0\360\0\0\0\360\0\0\0\6\0\0\0\4\0\0\0\4\0\0\0t\1\0\0t\1\0\0t\1\0\0008\0\0\0008\0\0\0\4\0\0\0\4\0\0\0\7\0\0\0\350\261\23\0\350\261\23\0\350\261\23\0\10\0\0\0@\0\0\0\4\0\0\0\4\0\0\0P\345td\264c\22\0\264c\22\0\264c\22\0\\,\0\0\\,\0\0\4\0\0\0\4\0\0\0Q\345td\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\6\0\0\0\4\0\0\0R\345td\350\261\23\0\350\261\23\0\350\261\23\0\30\36\0\0\30\36\0\0\4\0\0\0\1\0\0\0\4\0\0\0\20\0\0\0\1\0\0\0GNU\0\0\0\0\0\2\0\0\0\6\0\0\0\4\0\0\0\5\0\0\0\4\0\0\0SuSESuSE\0\0\0\0\1\0\n\2\363\3\0\0\n\0\0\0\0\2\0\0\16\0\0\0\2400\20D\200
\2\1\214\3\346\220AE\210\0\204\0\10\0A\200\0@\300\200\0\f\2\f\0\0010\0\10@\"\10\246\4\210H6l\240\0260\0&\204\200\216\4\10B$\2\f\246\244\32\6c\310\0\302
\1", 512) = 512
7179 1207741931.513482 fstat64(3, {st_mode=S_IFREG|0755, st_size=1336624,
..}) = 0
7179 1207741931.513550 mmap2(NULL, 1312336, PROT_READ|PROT_EXEC,
MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7f25000
7179 1207741931.513587 fadvise64(3, 0, 1312336, POSIX_FADV_WILLNEED) = 0
7179 1207741931.513632 mmap2(0xb8060000, 12288, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x13b) = 0xb8060000
7179 1207741931.513680 mmap2(0xb8063000, 9808, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb8063000
7179 1207741931.513723 close(3) = 0
7179 1207741931.513776 mmap2(NULL, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f24000
7179 1207741931.513815 set_thread_area({entry_number:-1 -> 6,
base_addr:0xb7f246c0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0,
limit_in_pages:1, seg_not_present:0, useable:1}) = 0
7179 1207741931.513940 mprotect(0xb8060000, 8192, PROT_READ) = 0
7179 1207741931.513990 mprotect(0xb808a000, 8192, PROT_READ) = 0
7179 1207741931.514036 mprotect(0x8081000, 4096, PROT_READ) = 0
7179 1207741931.514074 mprotect(0xb80c9000, 4096, PROT_READ) = 0
7179 1207741931.514108 munmap(0xb808e000, 129163) = 0
7179 1207741931.514241 brk(0) = 0x8083000
7179 1207741931.514273 brk(0x80a4000) = 0x80a4000
7179 1207741931.514350 open("/etc/dbus-1/system.conf", O_RDONLY) = 3
7179 1207741931.514400 fstat64(3, {st_mode=S_IFREG|0644, st_size=2518, ...}) =
0
7179 1207741931.514484 read(3, "<!-- This configuration file controls the
systemwide message bus.\n Add a system-local.conf and edit that rather than
changing this \n file directly. -->\n\n<!-- Note that there are any number
of ways you can hose yourself\n security-wise by screwing up this file; in
particular, you\n probably don\'t want to listen on any more addresses, add
any more\n auth mechanisms, run as a different user, etc. -->\n\n<!DOCTYPE
busconfig PUBLIC \"-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN\"\n
\"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd\";>\n<busconfig>\n\n
<!-- Our well-known bus type, do not change this -->\n
<type>system</type>\n\n <!-- Run as special user -->\n
<user>messagebus</user>\n\n <!-- Fork into daemon mode -->\n <fork/>\n\n
<!-- We use system service launching using a helper -->\n
<standard_system_servicedirs/>\n\n <!-- This is a setuid helper that is used
to launch system services -->\n
<servicehelper>/lib/dbus-1/dbus-daemon-launch-helper</servicehelper>\n\n <!--
Write a pid file -->\n <pidfile>/var/run/dbus/pid</pidfile>\n\n <!-- Only
allow socket-credentials-based authentication -->\n <auth>EXTERNAL</auth>\n\n
<!-- Only listen on a local socket. (abstract=/path/to/socket \n means
use abstract namespace, don\'t really create filesystem \n file; only
Linux supports this. Use path=/whatever on other \n systems.) -->\n
<listen>unix:path=/var/run/dbus/system_bus_socket</listen>\n\n <policy
context=\"default\">\n <!-- Deny everything then punch holes -->\n <deny
send_interface=\"*\"/>\n <deny receive_interface=\"*\"/>\n <deny
own=\"*\"/>\n <!-- But allow all users to connect -->\n <allow
user=\"*\"/>\n <!-- Allow anyone to talk to the message bus -->\n <!--
FIXME I think currently these allow rules are always implicit \n even
if they aren\'t in here -->\n <allow
send_destination=\"org.freedesktop.DBus\"/>\n <allow
receive_sender=\"org.freedesktop.DBus\"/>\n <!-- valid replies are always
allowed -->\n <allow send_requested_reply=\"true\"/>\n <allow
receive_requested_reply=\"true\"/>\n </policy>\n\n <!-- Config files are
placed here that among other things, punch \n holes in the above policy
for specific services. -->\n <includedir>system.d</includedir>\n\n <!-- This
is included last so local configuration can override what\'s \n in this
standard file -->\n <include
ignore_missing=\"yes\">system-local.conf</include>\n\n <include
if_selinux_enabled=\"yes\"
selinux_root_relative=\"yes\">contexts/dbus_contexts</include>\n\n</busconfig>\n",
2518) = 2518
7179 1207741931.515315 close(3) = 0
7179 1207741931.515499 socket(PF_FILE, SOCK_STREAM, 0) = 3
7179 1207741931.515547 fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
7179 1207741931.515585 connect(3, {sa_family=AF_FILE,
path="/var/run/nscd/socket"}, 110) = 0
7179 1207741931.515675 send(3, "\2\0\0\0\v\0\0\0\7\0\0\0passwd\0", 19,
MSG_NOSIGNAL) = 19
7179 1207741931.515726 poll([{fd=3, events=POLLIN|POLLERR|POLLHUP,
revents=POLLIN}], 1, 5000) = 1
7179 1207741931.515835 recvmsg(3, {msg_name(0)=NULL, msg_iov(2)=[{"passwd\0",
7}, {"\270O\3\0\0\0\0\0", 8}], msg_controllen=16, {cmsg_len=16,
cmsg_level=SOL_SOCKET, cmsg_type=SCM_RIGHTS, {6}}, msg_flags=0x40000000 /*
MSG_??? */}, 0x40000000 /* MSG_??? */) = 15
7179 1207741931.515985 mmap2(NULL, 217016, PROT_READ, MAP_SHARED, 6, 0) =
0xb7eef000
7179 1207741931.516051 close(6) = 0
7179 1207741931.516108 close(3) = 0
7179 1207741931.516182 getuid32() = 100
7179 1207741931.516209 geteuid32() = 100
7179 1207741931.516259 exit_group(7) = ?
ie. not launching anything.
Eventually we chased this down to:
[ /etc/sysconfig/security ]
## Type: string
## Default: "easy local"
#
# SuSE Linux contains two different configurations for
# chkstat. The differences can be found in /etc/permissions.secure
# and /etc/permissions.easy. If you create your own configuration
# (e.g. permissions.foo), you can enter the extension here as well.
#
# (easy/secure local foo whateveryouwant).
#
PERMISSION_SECURITY="secure local"
Apparently "secure" means - "pre-break networking" ;-)
Of course, this makes the system more secure - but, is this the intention ? ;-)
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
Summary: NetworkManager non-functional ...
Product: openSUSE 11.0
Version: Factory
Platform: Other
OS/Version: Other
Status: NEW
Severity: Blocker
Priority: P5 - None
Component: Network
AssignedTo: bnc-team-screening@xxxxxxxxxxxxxxxxxxxxxx
ReportedBy: mmeeks@xxxxxxxxxx
QAContact: qa@xxxxxxx
Found By: ---
My NetworkManager was simply not working, wrt. Wireless.
The logs said:
Apr 8 15:24:42 t60p NetworkManager: <info> Deactivating device wlan0.
Apr 8 15:24:42 t60p NetworkManager: <info> (wlan0): exported as
/org/freedesktop/Hal/devices/net_00_13_02_3a_ba_ad
Apr 8 15:24:42 t60p NetworkManager: <info> Trying to start the supplicant...
Apr 8 15:24:42 t60p NetworkManager: <info> Trying to start the system
settings daemon...
Apr 8 15:26:42 t60p NetworkManager: <info> Trying to start the supplicant...
Apr 8 15:26:42 t60p NetworkManager: <info> Trying to start the system
settings daemon...
Apr 8 15:28:42 t60p NetworkManager: <info> Trying to start the supplicant...
Which looked like the cause:
The strace of dbus showed:
7179 1207741931.507213 execve("/lib/dbus-1/dbus-daemon-launch-helper",
["/lib/dbus-1/dbus-daemon-launch-helper", "fi.epitest.hostap.WPASupplicant"],
[/* 25 vars */] <unfinished ...>
7179 1207741931.512115 <... execve resumed> ) = 0
7179 1207741931.512163 brk(0) = 0x8083000
7179 1207741931.512223 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such
file or directory)
7179 1207741931.512288 open("/etc/ld.so.cache", O_RDONLY) = 3
7179 1207741931.512335 fstat64(3, {st_mode=S_IFREG|0644, st_size=129163, ...})
= 0
7179 1207741931.512403 mmap2(NULL, 129163, PROT_READ, MAP_PRIVATE, 3, 0) =
0xb808e000
7179 1207741931.512441 close(3) = 0
7179 1207741931.512489 open("/lib/libexpat.so.1", O_RDONLY) = 3
7179 1207741931.512541 read(3,
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\260\"\0\0004\0\0\0\30R\2\0\0\0\0\0004\0
\0\6\0(\0\34\0\33\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\3004\2\0\3004\2\0\5\0\0\0\0\20\0\0\1\0\0\0\0248\2\0\24H\2\0\24H\2\0@\30\0\0H\30\0\0\6\0\0\0\0\20\0\0\2\0\0\0\340N\2\0\340^\2\0\340^\2\0\320\0\0\0\320\0\0\0\6\0\0\0\4\0\0\0P\345tdt\33\2\0t\33\2\0t\33\2\0004\5\0\0004\5\0\0\4\0\0\0\4\0\0\0Q\345td\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\6\0\0\0\4\0\0\0R\345td\0248\2\0\24H\2\0\24H\2\0\354\27\0\0\354\27\0\0\4\0\0\0\1\0\0\0C\0\0\0a\0\0\0\0\0\0\0:\0\0\0002\0\0\0\n\0\0\0E\0\0\0\30\0\0\0\0\0\0\0*\0\0\0007\0\0\0`\0\0\0N\0\0\0W\0\0\0\31\0\0\0\34\0\0\0D\0\0\0\0\0\0\0\32\0\0\0\0\0\0\0J\0\0\0004\0\0\0009\0\0\0)\0\0\0M\0\0\0\0\0\0\0=\0\0\0\21\0\0\0000\0\0\0\r\0\0\0\0\0\0\0;\0\0\0\0\0\0\0\0\0\0\0^\0\0\0\27\0\0\0F\0\0\0>\0\0\0\v\0\0\0<\0\0\0\22\0\0\0H\0\0\0\\\0\0\0V\0\0\0\37\0\0\0\0\0\0\0O\0\0\0\0\0\0\0$\0\0\0001\0\0\0\33\0\0\0_\0\0\0\0\0\0\0?\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\7\0\0\0Z\0\0\0\"\0\0\0@\0\0\0\0\0\0\0!\0\0\0\10\0\0\0,\0\0\0\t\0\0\0",
512) = 512
7179 1207741931.512864 mmap2(NULL, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb808d000
7179 1207741931.512905 fstat64(3, {st_mode=S_IFREG|0755, st_size=153208, ...})
= 0
7179 1207741931.512972 mmap2(NULL, 155740, PROT_READ|PROT_EXEC,
MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb8066000
7179 1207741931.513010 fadvise64(3, 0, 155740, POSIX_FADV_WILLNEED) = 0
7179 1207741931.513046 mmap2(0xb808a000, 12288, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x23) = 0xb808a000
7179 1207741931.513100 close(3) = 0
7179 1207741931.513139 open("/lib/libc.so.6", O_RDONLY) = 3
7179 1207741931.513184 read(3,
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000e\1\0004\0\0\0@Z\24\0\0\0\0\0004\0
\0\n\0(\0F\0E\0\6\0\0\0004\0\0\0004\0\0\0004\0\0\0@\1\0\0@\1\0\0\5\0\0\0\4\0\0\0\3\0\0\0\240c\22\0\240c\22\0\240c\22\0\23\0\0\0\23\0\0\0\4\0\0\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\354\246\23\0\354\246\23\0\5\0\0\0\0\20\0\0\1\0\0\0\350\261\23\0\350\261\23\0\350\261\23\0\264\'\0\0hT\0\0\6\0\0\0\0\20\0\0\2\0\0\0|\315\23\0|\315\23\0|\315\23\0\360\0\0\0\360\0\0\0\6\0\0\0\4\0\0\0\4\0\0\0t\1\0\0t\1\0\0t\1\0\0008\0\0\0008\0\0\0\4\0\0\0\4\0\0\0\7\0\0\0\350\261\23\0\350\261\23\0\350\261\23\0\10\0\0\0@\0\0\0\4\0\0\0\4\0\0\0P\345td\264c\22\0\264c\22\0\264c\22\0\\,\0\0\\,\0\0\4\0\0\0\4\0\0\0Q\345td\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\6\0\0\0\4\0\0\0R\345td\350\261\23\0\350\261\23\0\350\261\23\0\30\36\0\0\30\36\0\0\4\0\0\0\1\0\0\0\4\0\0\0\20\0\0\0\1\0\0\0GNU\0\0\0\0\0\2\0\0\0\6\0\0\0\4\0\0\0\5\0\0\0\4\0\0\0SuSESuSE\0\0\0\0\1\0\n\2\363\3\0\0\n\0\0\0\0\2\0\0\16\0\0\0\2400\20D\200
\2\1\214\3\346\220AE\210\0\204\0\10\0A\200\0@\300\200\0\f\2\f\0\0010\0\10@\"\10\246\4\210H6l\240\0260\0&\204\200\216\4\10B$\2\f\246\244\32\6c\310\0\302
\1", 512) = 512
7179 1207741931.513482 fstat64(3, {st_mode=S_IFREG|0755, st_size=1336624,
..}) = 0
7179 1207741931.513550 mmap2(NULL, 1312336, PROT_READ|PROT_EXEC,
MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7f25000
7179 1207741931.513587 fadvise64(3, 0, 1312336, POSIX_FADV_WILLNEED) = 0
7179 1207741931.513632 mmap2(0xb8060000, 12288, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x13b) = 0xb8060000
7179 1207741931.513680 mmap2(0xb8063000, 9808, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb8063000
7179 1207741931.513723 close(3) = 0
7179 1207741931.513776 mmap2(NULL, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f24000
7179 1207741931.513815 set_thread_area({entry_number:-1 -> 6,
base_addr:0xb7f246c0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0,
limit_in_pages:1, seg_not_present:0, useable:1}) = 0
7179 1207741931.513940 mprotect(0xb8060000, 8192, PROT_READ) = 0
7179 1207741931.513990 mprotect(0xb808a000, 8192, PROT_READ) = 0
7179 1207741931.514036 mprotect(0x8081000, 4096, PROT_READ) = 0
7179 1207741931.514074 mprotect(0xb80c9000, 4096, PROT_READ) = 0
7179 1207741931.514108 munmap(0xb808e000, 129163) = 0
7179 1207741931.514241 brk(0) = 0x8083000
7179 1207741931.514273 brk(0x80a4000) = 0x80a4000
7179 1207741931.514350 open("/etc/dbus-1/system.conf", O_RDONLY) = 3
7179 1207741931.514400 fstat64(3, {st_mode=S_IFREG|0644, st_size=2518, ...}) =
0
7179 1207741931.514484 read(3, "<!-- This configuration file controls the
systemwide message bus.\n Add a system-local.conf and edit that rather than
changing this \n file directly. -->\n\n<!-- Note that there are any number
of ways you can hose yourself\n security-wise by screwing up this file; in
particular, you\n probably don\'t want to listen on any more addresses, add
any more\n auth mechanisms, run as a different user, etc. -->\n\n<!DOCTYPE
busconfig PUBLIC \"-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN\"\n
\"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd\";>\n<busconfig>\n\n
<!-- Our well-known bus type, do not change this -->\n
<type>system</type>\n\n <!-- Run as special user -->\n
<user>messagebus</user>\n\n <!-- Fork into daemon mode -->\n <fork/>\n\n
<!-- We use system service launching using a helper -->\n
<standard_system_servicedirs/>\n\n <!-- This is a setuid helper that is used
to launch system services -->\n
<servicehelper>/lib/dbus-1/dbus-daemon-launch-helper</servicehelper>\n\n <!--
Write a pid file -->\n <pidfile>/var/run/dbus/pid</pidfile>\n\n <!-- Only
allow socket-credentials-based authentication -->\n <auth>EXTERNAL</auth>\n\n
<!-- Only listen on a local socket. (abstract=/path/to/socket \n means
use abstract namespace, don\'t really create filesystem \n file; only
Linux supports this. Use path=/whatever on other \n systems.) -->\n
<listen>unix:path=/var/run/dbus/system_bus_socket</listen>\n\n <policy
context=\"default\">\n <!-- Deny everything then punch holes -->\n <deny
send_interface=\"*\"/>\n <deny receive_interface=\"*\"/>\n <deny
own=\"*\"/>\n <!-- But allow all users to connect -->\n <allow
user=\"*\"/>\n <!-- Allow anyone to talk to the message bus -->\n <!--
FIXME I think currently these allow rules are always implicit \n even
if they aren\'t in here -->\n <allow
send_destination=\"org.freedesktop.DBus\"/>\n <allow
receive_sender=\"org.freedesktop.DBus\"/>\n <!-- valid replies are always
allowed -->\n <allow send_requested_reply=\"true\"/>\n <allow
receive_requested_reply=\"true\"/>\n </policy>\n\n <!-- Config files are
placed here that among other things, punch \n holes in the above policy
for specific services. -->\n <includedir>system.d</includedir>\n\n <!-- This
is included last so local configuration can override what\'s \n in this
standard file -->\n <include
ignore_missing=\"yes\">system-local.conf</include>\n\n <include
if_selinux_enabled=\"yes\"
selinux_root_relative=\"yes\">contexts/dbus_contexts</include>\n\n</busconfig>\n",
2518) = 2518
7179 1207741931.515315 close(3) = 0
7179 1207741931.515499 socket(PF_FILE, SOCK_STREAM, 0) = 3
7179 1207741931.515547 fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
7179 1207741931.515585 connect(3, {sa_family=AF_FILE,
path="/var/run/nscd/socket"}, 110) = 0
7179 1207741931.515675 send(3, "\2\0\0\0\v\0\0\0\7\0\0\0passwd\0", 19,
MSG_NOSIGNAL) = 19
7179 1207741931.515726 poll([{fd=3, events=POLLIN|POLLERR|POLLHUP,
revents=POLLIN}], 1, 5000) = 1
7179 1207741931.515835 recvmsg(3, {msg_name(0)=NULL, msg_iov(2)=[{"passwd\0",
7}, {"\270O\3\0\0\0\0\0", 8}], msg_controllen=16, {cmsg_len=16,
cmsg_level=SOL_SOCKET, cmsg_type=SCM_RIGHTS, {6}}, msg_flags=0x40000000 /*
MSG_??? */}, 0x40000000 /* MSG_??? */) = 15
7179 1207741931.515985 mmap2(NULL, 217016, PROT_READ, MAP_SHARED, 6, 0) =
0xb7eef000
7179 1207741931.516051 close(6) = 0
7179 1207741931.516108 close(3) = 0
7179 1207741931.516182 getuid32() = 100
7179 1207741931.516209 geteuid32() = 100
7179 1207741931.516259 exit_group(7) = ?
ie. not launching anything.
Eventually we chased this down to:
[ /etc/sysconfig/security ]
## Type: string
## Default: "easy local"
#
# SuSE Linux contains two different configurations for
# chkstat. The differences can be found in /etc/permissions.secure
# and /etc/permissions.easy. If you create your own configuration
# (e.g. permissions.foo), you can enter the extension here as well.
#
# (easy/secure local foo whateveryouwant).
#
PERMISSION_SECURITY="secure local"
Apparently "secure" means - "pre-break networking" ;-)
Of course, this makes the system more secure - but, is this the intention ? ;-)
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
| < Previous | Next > |