[sudo-users] Calling sudo from PHP script under Apache httpd
Dima Goncharuck
dgoncharuk at neocm.com
Tue Feb 16 09:34:33 MST 2021
Добрый день Todd,
Thursday, February 11, 2021, 7:18:15 PM, Вы написали:
> On Thu, 11 Feb 2021 19:04:13 +0200, Dima Goncharuck wrote:
>> Feb 11 18:52:08 sudo[5079] set_perms: PERM_INITIAL: ruid: 10001, euid: 0, sui
>> d: 0, rgid: 10001, egid: 10001, sgid: 10001
>> Feb 11 18:52:08 sudo[5079] -> set_callbacks @ ./sudoers.c:1584
>> Feb 11 18:52:08 sudo[5079] <- set_callbacks @ ./sudoers.c:1635
>> Feb 11 18:52:08 sudo[5079] -> set_runaspw @ ./sudoers.c:1304
>> Feb 11 18:52:08 sudo[5079] <- set_runaspw @ ./sudoers.c:1327 := true
>> Feb 11 18:52:08 sudo[5079] <- init_vars @ ./sudoers.c:878 := true
>> Feb 11 18:52:08 sudo[5079] set_perms: PERM_ROOT: uid: [10001, 0, 0] -> [0, 0,
>> 0]
>> Feb 11 18:52:08 sudo[5079] PERM_ROOT: setresuid(0, -1, -1): Operation not per
>> mitted @ set_perms() ./set_perms.c:361
>> Feb 11 18:52:08 sudo[5079] <- sudoers_init @ ./sudoers.c:193 := -1
> Clearly something is preventing sudo from changing uids. With an
> effective uid of 0 this should not fail. If apache/php runs in its
> own namespace that might affect things.
How to detect this ?
I'm not using cgroups or docker etc.
--
С уважением,
Dima mailto:dgoncharuk at neocm.com
More information about the sudo-users
mailing list