Once upon a time Bob Proulx said... > Cameron Hutchison wrote: > > I'm running unstable and the latest libc upgrade has caused me problems > > with vmware 3.2 (see bug report #205328). The problem is with libc6 > > 2.3.2. Vmware runs fine with 2.3.1. > > You may need to downgrade.
That's what I've done, but clearly thats not a permanent solution. A suggestion by R Ransbottom in a private email was to patch the binary. I did this, and after getting all references to libraries, finally got it working. I changed all references to *.so.* to *.vm.* in the vmware binary, and again in my private copy of libc-2.3.1 (libnss_%s.so.n was the tricky one to find), put symlinks in /lib/libxxx.vm.n to my private library directory. Quite an ugly hack, but it worked. > > This does not work, because vmware is setuid root, and LD_LIBRARY_PATH > > is ignored for setuid programs. > > If you create a C program wrapper that sets the real uid to the > effective user id then doesn't LD_LIBRARY_PATH work again? If so then > you could do that as an option. When I first read this idea in your email, I dismissed it because I didn't want a special setuid wrapper that I'd have to maintain, since it would have to change if I moved vmware or upgraded the version. I thought of a generic wrapper, but that just screams hugh security hole. I figured I'd need to implemented some sort of security management, ala sudo, when it hit me - just use sudo. My first (failed) attempt that prompted my initial email was to put a LD_LIBRARY_PATH in my vmware script (I had already wrapped the binary for other reasons). This didn't work because setuid programs ignore LD_LIBRARY_PATH. However, just running the script with sudo worked. No other messing around. I'm pleased to have discovered this, as it should be a solution to using LD_LIBRARY_PATH for any setuid program. Summary. 1. Write wrapper script for setuid binary that sets LD_LIBRARY_PATH to whatever you want. 2. visudo and add permissions for the user to run the wrapper script. 3. sudo <wrapper_script> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
