BIND 10 #2595: cmdctl with chusr crashes due to permission issue
BIND 10 Development
do-not-reply at isc.org
Thu Jan 3 17:30:51 UTC 2013
-------------------------------------+-------------------------------------
Reporter: jinmei                     | Owner:
Type: defect                         | Status: new
Priority: medium                     | Milestone: Next-Sprint-Proposed
Component: cmd-ctl                   | Keywords:
CVSS Scoring:                        | Sensitive: 0
Defect Severity: N/A                 | Sub-Project: Core
Feature Depending on Ticket:         | Estimated Difficulty: 0
Add Hours to Ticket: 0               | Total Hours: 0
Internal?: 0                         |
-------------------------------------+-------------------------------------
Assume you install BIND 10 as a super user, start bind10 with "-u someone"
("someone" doesn't have full root privilege), and assume that the
permission issues for the lock file and UNIX domain socket for msgq are
resolved (see #711). If you try to control it via bindctl, it fails
as follows:
{{{
% /usr/local/bin/bindctl
Socket error while sending login information: [Errno 8] _ssl.c:392: EOF occurred in violation of protocol
[1] 88494 exit 1 /usr/local/bin/bindctl
}}}
And b10-cmdctl crashed:
{{{
Traceback (most recent call last):
  File "/usr/local/libexec/bind10/b10-cmdctl", line 626, in <module>
    run(options.addr, options.port, options.idle_timeout, options.verbose)
  File "/usr/local/libexec/bind10/b10-cmdctl", line 587, in run
    httpd.serve_forever()
  File "/usr/local/lib/python3.2/site-packages/isc/util/socketserver_mixin.py", line 81, in serve_forever
    self._handle_request_noblock();
  File "/usr/local/libexec/bind10/b10-cmdctl", line 279, in _handle_request_noblock
    request, client_address = self.get_request()
  File "/usr/local/libexec/bind10/b10-cmdctl", line 554, in get_request
    ssl_sock = self._wrap_socket_in_ssl_context(newsocket, key, cert)
  File "/usr/local/libexec/bind10/b10-cmdctl", line 541, in _wrap_socket_in_ssl_context
    ssl_version = ssl.PROTOCOL_SSLv23)
  File "/usr/local/lib/python3.2/ssl.py", line 521, in wrap_socket
    ciphers=ciphers)
  File "/usr/local/lib/python3.2/ssl.py", line 221, in __init__
    self.context.load_cert_chain(certfile, keyfile)
IOError: [Errno 13] Permission denied
}}}
Operationally this can/should be fixed by making all of the following
files readable to user "someone":
- cmdctl-accounts.csv
- cmdctl-certfile.pem
- cmdctl-keyfile.pem
but there are a few things to be fixed in the implementation, too:
- b10-cmdctl shouldn't crash anyway. It should provide a more
useful/helpful log message about what's wrong and how it should be
fixed.
- the error message from bindctl isn't helpful at all. Ideally this
should also suggest that it may be a permission problem.
--
Ticket URL: <https://bind10.isc.org/ticket/2595>
BIND 10 Development <http://bind10.isc.org>
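
The startup check the ticket asks for, as an added example (not b10-cmdctl's own code): it reports which of the three files the running user cannot open, instead of failing later inside `ssl.wrap_socket`. The function names, the directory argument and the warning about a world-readable key file are assumptions of this example.

```python
import errno
import os
import stat
import tempfile

# File names from the ticket; the directory they live in is installation-specific.
CMDCTL_FILES = ("cmdctl-accounts.csv", "cmdctl-certfile.pem", "cmdctl-keyfile.pem")

def preflight(directory, names=CMDCTL_FILES):
    """Return a list of human-readable problems; an empty list means OK."""
    problems = []
    for name in names:
        path = os.path.join(directory, name)
        try:
            with open(path, "rb"):
                pass
        except OSError as e:
            if e.errno == errno.EACCES:
                problems.append(
                    "%s: permission denied for uid %d; if started with -u, "
                    "give that user read access (chown/chgrp)" % (path, os.geteuid()))
            elif e.errno == errno.ENOENT:
                problems.append("%s: file does not exist" % path)
            else:
                problems.append("%s: %s" % (path, e.strerror))
            continue
        # Readability should not be granted by opening the private key to everyone.
        mode = stat.S_IMODE(os.stat(path).st_mode)
        if name.endswith("keyfile.pem") and mode & stat.S_IROTH:
            problems.append("%s: private key is world-readable (mode %o)" % (path, mode))
    return problems

def demo():
    """Constructed sample: a temp dir with a missing cert and a world-readable key."""
    with tempfile.TemporaryDirectory() as d:
        for name, mode in (("cmdctl-accounts.csv", 0o640), ("cmdctl-keyfile.pem", 0o644)):
            p = os.path.join(d, name)
            with open(p, "w") as f:
                f.write("constructed placeholder\n")
            os.chmod(p, mode)
        return preflight(d)

if __name__ == "__main__":
    for line in demo():
        print(line)
```

Running such a check after the privilege drop, before the HTTPS server starts accepting connections, turns the per-request `IOError` into a single startup log message.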