[SOLVED] local extns cause /usr/local/tce.installed permissions issue?

[aus9]

On 4.7.6 I got some funny permissions errors saying could not touch  /usr/local/tce.installed/packagename

so I rebooted in 4.7.5 and result is.....bottom line is reboot into 4.7.6.................I only run 32 bit kernels

Code: [Select]

drwxrwsr-x  2 root staff  3280 Apr 14 22:45 tce.installed/
drwxrwxr-x  2 root staff 1680 Apr 14 22:47 tce.installed/

Is it me, I hope, or umm is there an issue with 4.7.6?

thanks for reading

In case you can't spot it.....there appears to be a suid bit set? drwxrwsr-x

[curaga]

That's usually a bug in an extension. Please boot with "showapps pause", and tell us after which extension the error is shown.

[aus9]

EDIT

Now we know I have a bad extension, that method would only work if the bad extension is onboot?

so in the meantime, I first downgraded all my extensions using the apps  -> maintenance -> check for updates and rebooted OK

as I know what I am working on.....I found one culprit, there may be more

foomatic-rip.......the one in the repo is good for s bit but bad for some other features I want it to have.
next replace it with local build (testing)

assuming s bit is good

Code: [Select]

tce-load -i foomatic-rip
blah blah
drwxrwxr-x  2 root staff  3500 Apr 15 07:29 tce.installed/

Pls move this post to tce talk if you agree?

cheers

And I have one more thing to add to a checklist for tcz building

I loaded new epdfview and its good, I have more to check later

cool, I can unload and test next extension without a full reboot

Code: [Select]

sudo rm -rf /usr/local/tce.installed/foomatic-rip
ls -al /usr/local/
drwxrwsr-x  2 root staff  3360 Apr 15 07:57 tce.installed/

ahhh firefox17 is also bad

I can see why, the wiki says  for tce.installed

sudo chown -R root:staff /tmp/package/usr/local/tce.installed
sudo chmod -R 775 /tmp/package/usr/local/tce.installed

maybe that should read

sudo chown -R root:staff /tmp/package/usr/local/tce.installed
sudo chmod 775 /tmp/package/usr/local/tce.installed/package

[aus9]

this may be a setgid issue?

so lets load dbus which we know is not mine so must be good build

Code: [Select]

pwd
/tmp/tcloop/dbus/usr/local

ls -al | grep tce
drwxrwxr-x 2 root staff  27 Jan 31  2010 tce.installed/

ls -al tce.installed/
total 1
drwxrwxr-x 2 root staff  27 Jan 31  2010 ./
drwxr-xr-x 8 root root   97 Jul 28  2012 ../
-rwxr-xr-x 1 tc   staff 532 Feb  8  2010 dbus

hmmm

ok try LXDE2

Code: [Select]

rwxrwxr-x 1 root staff 47 Nov 11  2009 LXDE2

thats better.....none attempt setuid or setgid, but something is happening to my local extn to disrupt world peace!

[aus9]

thinking out load again, to prove I am still the local village idiot maybe
http://www.tuxation.com/setuid-on-shell-scripts.html

so we might have

Code: [Select]

sudo chmod -R 4775 /tmp/package/usr/local/tce.installed

I shall await your decisons kind Sirs and Madams

[roberts]

If you are using typical mounted extensions then you should be able to see which extensions have this issue by using:

find /tmp/tcloop -type d -perm 4755

[aus9]

roberts

Thanks for looking into this, so is it a bad thing?

Code: [Select]

find /tmp/tcloop -perm 4755
/tmp/tcloop/polkit/usr/local/bin/pkexec
/tmp/tcloop/polkit/usr/local/libexec/polkit-agent-helper-1
/tmp/tcloop/Linux-PAM/usr/local/sbin/pam_timestamp_check
/tmp/tcloop/Linux-PAM/usr/local/sbin/unix_chkpwd
/tmp/tcloop/util-linux/usr/local/bin/mount
/tmp/tcloop/util-linux/usr/local/bin/umount
/tmp/tcloop/chromium-browser/usr/local/chromium-browser/chromium-browser-sandbox
/tmp/tcloop/dbus/usr/local/libexec/dbus-daemon-launch-helper
/tmp/tcloop/Xorg-7.6/usr/local/bin/Xorg
/tmp/tcloop/Xvesa/usr/local/bin/Xvesa

maybe its not my build of firefox17?

Code: [Select]

tce-load -i firefox17
libnotify.tcz: OK
curl.tcz: OK
firefox17.tcz: OK
tc@box:~$ find /tmp/tcloop -perm 4755
/tmp/tcloop/polkit/usr/local/bin/pkexec
/tmp/tcloop/polkit/usr/local/libexec/polkit-agent-helper-1
/tmp/tcloop/Linux-PAM/usr/local/sbin/pam_timestamp_check
/tmp/tcloop/Linux-PAM/usr/local/sbin/unix_chkpwd
/tmp/tcloop/util-linux/usr/local/bin/mount
/tmp/tcloop/util-linux/usr/local/bin/umount
/tmp/tcloop/chromium-browser/usr/local/chromium-browser/chromium-browser-sandbox
/tmp/tcloop/dbus/usr/local/libexec/dbus-daemon-launch-helper
/tmp/tcloop/Xorg-7.6/usr/local/bin/Xorg
/tmp/tcloop/Xvesa/usr/local/bin/Xvesa

In other words, which of these 2 outputs is the correct one please?

drwxrwsr-x  2 root staff  3280 Apr 14 22:45 tce.installed/
drwxrwxr-x  2 root staff 1680 Apr 14 22:47 tce.installed/

I have been assuming the top line but now I am confused....well more confused

2) Finally did a true base norestore boot for 475 and 476 and both have the bottom line.

So I am now thinking its those  4755's that have changed my system?

[roberts]

See: http://wiki.tinycorelinux.net/wiki:creating_extensions

For proper permissions, generally not use sgid unless required by a specific application as noted in the wiki.
If you are getting permission denied then that is bad, as startup scripts and test for already installed would likely fail.

Since sgid on directories propagates then I would suspect that the first find is the one that stated it all.
Try to not load polkit and recheck. Or check the order loaded via your onboot.lst or use boot code showapps pause.

[aus9]

Hi

well some general results for you, when you have time to peruse

onboot list did not name any of those 4755 by tcz name so had to look at the depends

1) culprit for polkit is my baby = SpaceFM.tcz.
----loading polkit will pull in depend of Linux-PAM

2) As the wiki specifically mentions that Xorg is ok to have setgid, I can ignore my onboot list for LXDE2, lxterminal and leafpad

3) some of  the others in no particular order appear to be  Xvesa, but this is your baby so one would assume you know about it
I was able to load just vesa setting to give me this list

Code: [Select]

find /tmp/tcloop -perm 4755
/tmp/tcloop/Xvesa/usr/local/bin/Xvesa
(My shortened vesa list)
ls /usr/local/tce.installed/
Xlibs               fontconfig          liblzma             openssl-1.0.0
Xorg-7.6-lib        gdk-pixbuf2         libssh2             pango
Xprogs              glib2               libssl-0.9.8        pixman
Xvesa               graphics-libs-1     libxcb              shared-mime-info
atk                 gtk2                libxml2             slang
cairo               gtk2-locale         lxterminal          ttf-bitstream-vera
expat2              leafpad             mc                  vte
fltk-1.1.10         libffi              ncurses             wbar
flwm_topside        libiconv            ncurses-common

4) So if its safe to ignore Xvesa....I am sure it is, I then load firefox17 which has a dep of dbus and redo command to get

Code: [Select]

find /tmp/tcloop -perm 4755
/tmp/tcloop/dbus/usr/local/libexec/dbus-daemon-launch-helper
/tmp/tcloop/Xvesa/usr/local/bin/Xvesa

I won't post any more results.

If possible what should I do?

Should I try to rebuild SpaceFM and try and not have the polkit dependency or
should I research polkit or Linux-PAM to see why they need a 4755?

[Juanito]

/tmp/tcloop/dbus/usr/local/libexec/dbus-daemon-launch-helper

see:

http://forum.tinycorelinux.net/index.php/topic,4967.msg26257.html#msg26257

[curaga]

I don't think the setgid matters - not being able to touch was usually having no group write, or wrong group (not staff).

[aus9]

Juanito

thanks for the link, thats one less research now done.

curaga

Ok thats good to know too.

Me wishes I had posed which tce-load had caused errors to begin with. With have a look at my bash or ash history to see if I can see it.
I have vague memories I was building and testing epdfview or firefox17 but will check later thanks

[aus9]

Juanito

I am starting to go thru my history terminal commands and you may wish to see this result?

Rather than start a new theme, as its my setup or lack thereof....I will post here unless you prefer I start a new post?

Code: [Select]

find /tmp/tcloop -perm 4755
/tmp/tcloop/Xorg-7.6/usr/local/bin/Xorg
/tmp/tcloop/util-linux/usr/local/bin/mount
/tmp/tcloop/util-linux/usr/local/bin/umount
tc@box:~$ tce-load -i avahi
nss-mdns.tcz: OK
libdaemon.tcz: OK
gcc_libs.tcz: OK
dbus.tcz: OK
libavahi.tcz: OK
avahi.tcz: OK
tc@box:~$ sudo /usr/local/etc/init.d/avahi start
no /usr/local/bin/dbus-daemon found; none killed
rm: can't remove '/var/run/dbus/pid': No such file or directory
tc@box:~$ sudo /usr/local/etc/init.d/dbus status

dbus is running.

tc@box:~$ ls /usr/local/tce.installed/db*
/usr/local/tce.installed/dbus

tce-load -i firefox17
dbus-glib.tcz: OK
libnotify.tcz: OK
curl.tcz: OK
firefox17.tcz: OK
tc@box:~$ find /tmp/tcloop -perm 4755
/tmp/tcloop/dbus/usr/local/libexec/dbus-daemon-launch-helper
/tmp/tcloop/Xorg-7.6/usr/local/bin/Xorg
/tmp/tcloop/util-linux/usr/local/bin/mount
/tmp/tcloop/util-linux/usr/local/bin/umount
tc@box:~$ ls /usr/local/tce.installed/db*
/usr/local/tce.installed/dbus       /usr/local/tce.installed/dbus-glib
tc@box:~$ sudo /usr/local/etc/init.d/avahi status

avahi is running.

tc@box:~$ sudo /usr/local/etc/init.d/avahi stop
tc@box:~$ sudo /usr/local/etc/init.d/avahi start

I was using avahi for cups and network discovery for a wireless printer.

Can you see any issue with avahi? Maybe it might need a dep of dbus-glib?

thanks for reading

[aus9]

After loading avahi with its current 4755 output I next ran

Code: [Select]

tce-load -i epdfview
libcups.tcz: OK
poppler.tcz: OK
epdfview.tcz: OK
tc@box:~$ epdfview
tc@box:~$ find /tmp/tcloop -perm 4755
/tmp/tcloop/dbus/usr/local/libexec/dbus-daemon-launch-helper
/tmp/tcloop/Xorg-7.6/usr/local/bin/Xorg
/tmp/tcloop/util-linux/usr/local/bin/mount
/tmp/tcloop/util-linux/usr/local/bin/umount

ls -al /usr/local | grep tce
drwxrwxr-x    2 root     staff         2820 Apr 15 20:25 tce.installed/

My verdict .....new build of epdfview has not changed status quo so its ok, running it in a terminal also produces no errors.

[aus9]

and so after loading avahi and then epdfview I load the normal firefox  v 19

I did a full reboot and what follows are all my commands...no tricks

Code: [Select]

ls -al /usr/local | grep tce
drwxrwxr-x    2 root     staff         2420 Sep 11  2011 tce.installed/
tc@box:~$ find /tmp/tcloop -perm 4755
/tmp/tcloop/Xorg-7.6/usr/local/bin/Xorg
/tmp/tcloop/util-linux/usr/local/bin/mount
/tmp/tcloop/util-linux/usr/local/bin/umount
tc@box:~$ tce-load -i firefox
dbus.tcz: OK
dbus-glib.tcz: OK
libnotify.tcz: OK
curl.tcz: OK
firefox.tcz: OK
tc@box:~$ find /tmp/tcloop -perm 4755
/tmp/tcloop/dbus/usr/local/libexec/dbus-daemon-launch-helper
/tmp/tcloop/Xorg-7.6/usr/local/bin/Xorg
/tmp/tcloop/util-linux/usr/local/bin/mount
/tmp/tcloop/util-linux/usr /local/bin/umount
tc@box:~$ find /tmp/tcloop -perm 4755
/tmp/tcloop/dbus/usr/local/libexec/dbus-daemon-launch-helper
/tmp/tcloop/Xorg-7.6/usr/local/bin/Xorg
/tmp/tcloop/util-linux/usr/local/bin/mount
/tmp/tcloop/util-linux/usr/local/bin/umount
tc@box:~$ ls -al /usr/local | grep tce
drwxrwsr-x    2 root     staff         2520 Jul 23  2009 tce.installed/

verdict .....firefox.tcz   v 19 may well have been the issue.

I will now have to do full reboot and not firefox but load SpaceFM and check the perms