|
From: Curran, J. \(GE Healthcare\) <Jos...@ge...> - 2005-05-22 18:16:29
|
I have a program that has SUID and SGID root :: -rwsrwsr-x 1 root root =
4320143 May 20 16:43 bin/myBinary
When I try to run it with valgrind I get this error:
valgrind: do_exec(bin/myBinary) failed: Permission denied
strace valgrind bin/myBinary=20
---------------------------------------------
execve("/usr/local/bin/valgrind", ["valgrind", "bin/ImChain.lnx"], [/* =
20 vars */]) =3D 0
uname({sys=3D"Linux", node=3D"magic", ...}) =3D 0
brk(0) =3D 0x80c9000
brk(0x80ea000) =3D 0x80ea000
getrlimit(RLIMIT_AS, {rlim_cur=3DRLIM_INFINITY, =
rlim_max=3DRLIM_INFINITY}) =3D 0
setrlimit(RLIMIT_AS, {rlim_cur=3DRLIM_INFINITY, =
rlim_max=3DRLIM_INFINITY}) =3D 0
open("/usr/local/lib/valgrind/stage2", O_RDONLY|O_LARGEFILE) =3D 3
fstat64(3, {st_mode=3DS_IFREG|0755, st_size=3D2399710, ...}) =3D 0
geteuid32() =3D 500
getegid32() =3D 500
open("/proc/sys/kernel/ngroups_max", O_RDONLY) =3D 4
read(4, "65536\n", 31) =3D 6
close(4) =3D 0
getgroups32(32, [500]) =3D 1
pread(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0@|\1\000"..., =
4096, 0) =3D 4096
pread(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0@|\1\000"..., =
52, 0) =3D 52
pread(3, "\6\0\0\0004\0\0\0004\0\0\0004\0\0\0\0\1\0\0\0\1\0\0\5\0"..., =
256, 52) =3D 256
pread(3, "/lib/ld-linux.so.2\0", 19, 308) =3D 19
open("/lib/ld-linux.so.2", O_RDONLY|O_LARGEFILE) =3D 4
pread(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300\347"..., =
52, 0) =3D 52
pread(4, "\1\0\0\0\0\0\0\0\0\340\303H\0\340\303HpA\1\0pA\1\0\5\0"..., =
192, 52) =3D 192
mmap2(0xb0000000, 663552, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, =
0) =3D 0xb0000000
mmap2(0xb00a2000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, =
0xa2) =3D 0xb00a2000
mmap2(0xb00a4000, 1368064, PROT_READ|PROT_WRITE, =
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) =3D 0xb00a4000
mmap2(0xb1000000, 91340, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, =
-1, 0) =3D 0xb1000000
mmap2(0xb1000000, 86016, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 4, =
0) =3D 0xb1000000
mmap2(0xb1015000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 4, =
0x14) =3D 0xb1015000
close(4) =3D 0
close(3) =3D 0
getpid() =3D 12690
open("/tmp/.pad.12690.1", O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE, 0) =3D 3
unlink("/tmp/.pad.12690.1") =3D 0
open("/proc/self/maps", O_RDONLY|O_LARGEFILE) =3D 4
read(4, "08048000-080a4000 r-xp 00000000 "..., 10240) =3D 602
close(4) =3D 0
mmap2(NULL, 134512640, PROT_NONE, MAP_PRIVATE|MAP_FIXED, 3, 0) =3D 0
mmap2(0x80ea000, 2817613824, PROT_NONE, MAP_PRIVATE|MAP_FIXED, 3, 0) =3D =
0x80ea000
mmap2(0xb01f2000, 14737408, PROT_NONE, MAP_PRIVATE|MAP_FIXED, 3, 0) =3D =
0xb01f2000
open("/proc/self/exe", O_RDONLY|O_LARGEFILE) =3D 4
uname({sys=3D"Linux", node=3D"magic", ...}) =3D 0
brk(0) =3D 0x80ea000
open("/etc/ld.so.preload", O_RDONLY) =3D -1 ENOENT (No such file or =
directory)
open("/etc/ld.so.cache", O_RDONLY) =3D 5
fstat64(5, {st_mode=3DS_IFREG|0644, st_size=3D83667, ...}) =3D 0
old_mmap(NULL, 83667, PROT_READ, MAP_PRIVATE, 5, 0) =3D 0xb1017000
close(5) =3D 0
open("/lib/libdl.so.2", O_RDONLY) =3D 5
read(5, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300\270"..., =
512) =3D 512
fstat64(5, {st_mode=3DS_IFREG|0755, st_size=3D16708, ...}) =3D 0
old_mmap(NULL, 12412, PROT_READ|PROT_EXEC, MAP_PRIVATE, 5, 0) =3D =
0xb102c000
old_mmap(0xb102e000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, =
5, 0x1000) =3D 0xb102e000
close(5) =3D 0
open("/lib/tls/libc.so.6", O_RDONLY) =3D 5
read(5, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300\273"..., =
512) =3D 512
fstat64(5, {st_mode=3DS_IFREG|0755, st_size=3D1459344, ...}) =3D 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, =
-1, 0) =3D 0xb1030000
old_mmap(NULL, 1162188, PROT_READ|PROT_EXEC, MAP_PRIVATE, 5, 0) =3D =
0xb1031000
old_mmap(0xb1147000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, =
5, 0x116000) =3D 0xb1147000
old_mmap(0xb114b000, 7116, PROT_READ|PROT_WRITE, =
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) =3D 0xb114b000
close(5) =3D 0
mprotect(0xb1147000, 4096, PROT_READ) =3D 0
mprotect(0xb102e000, 4096, PROT_READ) =3D 0
mprotect(0xb0000000, 663552, PROT_READ|PROT_WRITE) =3D 0
mprotect(0xb0000000, 663552, PROT_READ|PROT_EXEC) =3D 0
mprotect(0xb1015000, 4096, PROT_READ) =3D 0
set_thread_area({entry_number:-1 -> 6, base_addr:0xb1030880, =
limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, =
limit_in_pages:1, seg_not_present:0, useable:1}) =3D 0
munmap(0xb1017000, 83667) =3D 0
getrlimit(RLIMIT_DATA, {rlim_cur=3DRLIM_INFINITY, =
rlim_max=3DRLIM_INFINITY}) =3D 0
setrlimit(RLIMIT_DATA, {rlim_cur=3D0, rlim_max=3DRLIM_INFINITY}) =3D 0
getrlimit(RLIMIT_STACK, {rlim_cur=3D8192*1024, =
rlim_max=3DRLIM_INFINITY}) =3D 0
open("/magichome/xruser/.valgrindrc", O_RDONLY) =3D -1 ENOENT (No such =
file or directory)
open("./.valgrindrc", O_RDONLY) =3D -1 ENOENT (No such file or =
directory)
brk(0) =3D 0x80ea000
brk(0x810b000) =3D 0x80ea000
mmap2(NULL, 1048576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, =
-1, 0) =3D 0xb114d000
open("/usr/local/lib/valgrind/vgskin_memcheck.so", O_RDONLY) =3D 5
read(5, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0$\215\0"..., =
512) =3D 512
fstat64(5, {st_mode=3DS_IFREG|0755, st_size=3D602149, ...}) =3D 0
old_mmap(NULL, 1434272, PROT_READ|PROT_EXEC, MAP_PRIVATE, 5, 0) =3D =
0xb124d000
old_mmap(0xb12ab000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, =
5, 0x5e000) =3D 0xb12ab000
old_mmap(0xb12ac000, 1045152, PROT_READ|PROT_WRITE, =
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) =3D 0xb12ac000
close(5) =3D 0
mprotect(0xb124d000, 385024, PROT_READ|PROT_WRITE) =3D 0
mprotect(0xb124d000, 385024, PROT_READ|PROT_EXEC) =3D 0
access("/usr/local/lib/valgrind/vgpreload_memcheck.so", R_OK) =3D 0
mmap2(0x52c00000, 1048576, PROT_NONE, =
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS|MAP_NORESERVE, -1, 0) =3D 0x52c00000
munmap(0, 1388314624) =3D 0
mmap2(0x52d00000, 1563426816, PROT_NONE, =
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS|MAP_NORESERVE, -1, 0) =3D 0x52d00000
open("bin/myBinary", O_RDONLY) =3D 5
open("bin/myBinary", O_RDONLY|O_LARGEFILE) =3D 6
fstat64(6, {st_mode=3DS_IFREG|S_ISUID|S_ISGID|0775, st_size=3D4320143, =
...}) =3D 0
close(6) =3D 0
write(2, "valgrind: do_exec(bin/myBinary"..., 61valgrind: =
do_exec(bin/myBinary) failed: Permission denied
) =3D 61
exit_group(127) =3D ?
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
The only way I found to get the program to run is to drop the SUID/SGID =
and run the program as root. I would like to avoid that. Program runs =
fine as root or normal user until I try using valgrind.
Any suggestions or explainations of why I get Permission denied?
thanks,
joe
|
|
From: Jeremy F. <je...@go...> - 2005-05-25 19:32:41
|
Curran, Joseph (GE Healthcare) wrote:
>The only way I found to get the program to run is to drop the SUID/SGID and run the program as root. I would like to avoid that. Program runs fine as root or normal user until I try using valgrind.
>
>Any suggestions or explainations of why I get Permission denied?
>
Valgrind doesn't (can't) support suid/sgid executables, because it does
execve() in userspace. Rather than ignoring the suid/gid, and
potentially causing a malfunction by running the program with the wrong
identity, it refuses to run suid executables.
To fix this, you need to have an suid wrapper program, which invokes
your real program under valgrind.
J
|