(Redirecting this thread to the adduser bug #1074567 instead of the
closed autopkgtest bug #1059725 from which it was cloned)
On Sat, 17 Aug 2024 at 10:52:53 +0200, Chris Hofstaedtler wrote:
> On Mon, Jul 01, 2024 at 10:38:55AM +0100, Simon McVittie wrote:
> > It could also be argued that this is a logger (util-linux) bug, because
> > logger(1) says "otherwise the socket credentials are not modified and
> > the problem is silently ignored", but this bug report indicates that
> > the problem is in fact not *silently* ignored.
>
> I have seen this problem with logger in some other context before,
> but I cannot remember where. Ideally I'd like to see this fixed in
> logger.
>
> Is there a reproducer that does not involve podman or adduser?
After a bit of trial and error, I got to this (to be run with "real root"
on a virtual or physical machine, not in a container):
$ sudo -s
# logger -t test --id="$$" 'GOOD: with caps'; echo $?
0
# setpriv --inh-caps -SYS_ADMIN --bounding-set -SYS_ADMIN -- \
logger -t test --id="$$" 'BAD: without CAP_SYS_ADMIN'; echo $?
logger: send message failed: Operation not permitted
0
If you think this is more a logger problem (not behaving as designed)
than an adduser problem (invoking logger wrong), please reassign #1074567
from adduser to util-linux. Please don't reassign #1059725 to util-linux,
though.
Thanks,
smcv
