#47 "Could not change to UID" caused by changes in 1.4.2

[Christian Ullrich]

Between 1.4 and 1.4.2, the way snmptt changes its uid/gid to the configured daemon_uid and its groups changed:

• $) = $daemon_gid;
• $( = $);
  +
  $> = $daemon_uid;
• $< = $>;

This change breaks snmptt on at least FreeBSD, most likely other platforms. What happens above is that the assignment to $> sets the effective UID, dropping root privileges. The subsequent assignment to $< is supposed to set the real UID, but fails with EPERM because root privileges are required to change the real UID.

While the order of the GID assignments does not matter because the process is running as root at the time, the UID changes must be done in the opposite order:

$< = $daemon_uid;
$> = $<;

When it fails to start, snmptt produces this output in the system log file on pfSense 2.4.5, which is FreeBSD 11.3:

19:57:48 2021/02/19 SNMPTT v1.4.2 started
19:57:48 2021/02/19 Loading /usr/local/etc/snmp/snmptt.conf
19:57:48 2021/02/19 Finished loading ... lines from /usr/local/etc/snmp/snmptt.conf
19:57:49 2021/02/19 Changing to UID: snmptt (895), GID: snmptt (895)
19:57:49 2021/02/19 Could not change to UID: 895, GID: 895
19:57:49 2021/02/19 SNMPTT v1.4.2 shutdown

[Alex Burger]

Thanks for the bug report and fix. This has been added to 1.5beta1.