radmin - infinite loop
Brian Candler
B.Candler at pobox.com
Mon Jul 4 18:09:00 CEST 2011
Also, I think I found another problem: in command.c, I believe that

    if (getpeereid(listener->fd, &uid, &gid) < 0) {

should be

    if (getpeereid(newfd, &uid, &gid) < 0) {

because right now, it reports that connections are always from uid 0, even
if the caller is definitely a different uid.
Client window:
$ sudo su - www-data
$ id
uid=33(www-data) gid=33(www-data) groups=33(www-data)
$ ruby -e 'puts Process.euid, Process.uid'
33
33
$ strace /usr/sbin/radmin
(same infinite loop as before)
Server output shows the following:
Ready to process requests.
... new connection request on command socket.
Unauthorized connection to /var/run/freeradius/freeradius.sock from gid 0
Ready to process requests.
(But it's not gid 0, it's gid 33!)
strace on the freeradius -X:
write(1, "Ready to process requests.\n", 27Ready to process requests.
) = 27
select(211, [203 205 206 207 208 209 210], NULL, NULL, NULL) = 1 (in [207])
write(1, " ... new connection request on c"..., 47 ... new connection request on command socket.
) = 47
accept(207, {sa_family=AF_FILE, NULL}, [2]) = 211
getsockopt(207, SOL_SOCKET, SO_PEERCRED, "\231%\0\0\0\0\0\0\0\0\0\0", [12]) = 0
write(1, "Unauthorized connection to /var/"..., 74Unauthorized connection to /var/run/freeradius/freeradius.sock from uid 0
) = 74
close(211) = 0
write(1, "Ready to process requests.\n", 27Ready to process requests.
) = 27
select(211, [203 205 206 207 208 209 210], NULL, NULL, NULL
So getsockopt returns 0, which is success. I just think it's asking about
the wrong socket.
Regards,
Brian.