Source: ejabberd
Severity: important
Dear Maintainer,
I've configured ejabberd on my Debian server with PAM authentication. I'm
running Debian Stretch on my VPS (though bug is filed from my laptop). I
followed the README.Debian and added setuid bit on epam ond restarted the
service. On checking the process epam was still running as ejabberd user and
group and not honoring the setuid bit on epam, and because of this
authentication fails.
To check I stopped the systemd service of ejabberd and manually started ejabberd
using ejabberdctl
ejabberdctl start && ejabberdctl started
And after this epam is honoring the setuid bit and runs as root:ejabberd and
also authentication works fine.
I tried overriding few things in systemd service file of ejabberd like
ProtectSystemFull=false but that did not change the behavior. If you think
problem is not in the service file of ejabberd please consider reassigning bug
to systemd.
Best Regards,
Vasudev
-- System Information:
Debian Release: 9.0
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental')
Architecture: i386 (x86_64)
Foreign Architectures: amd64
Kernel: Linux 4.9.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
