Good evening,
could somebody please point out my mistake? Why is BIRD telling that it
can't access /var/lib/foo/bird.conf?
$ birdc configure soft
BIRD 2.0.7 ready.
Reading configuration from /etc/bird.conf
/etc/bird.conf:206:10 Unable to open included file /var/lib/foo/bird.conf:
Permission denied
$
$ tail /etc/bird.conf
#
# protocol bgp client2 from rr_clients {
# neighbor 10.0.2.1;
# }
#
# protocol bgp client3 from rr_clients {
# neighbor 10.0.3.1;
# }
include "/var/lib/foo/bird.conf"; # This is line 206
$
$ ps aux | grep bird
bird 29334 0.0 0.1 43752 2968 ? Ss 00:50 0:00 /usr/sbin/bird
-f -u bird -g bird
root 29531 0.0 0.0 112724 960 pts/0 S+ 00:58 0:00 grep
--color=auto bird
$
$ ls -ld /var/lib/foo/ /var/lib/foo/bird.conf
drwxr-x---. 2 foo foo 4096 Feb 27 00:53 /var/lib/foo/
-rw-r--r--. 1 root root 10 Feb 27 00:53 /var/lib/foo/bird.conf
$
$ id bird
uid=996(bird) gid=993(bird) groups=993(bird),1000(foo)
$
$ strace -fff -p 29334 -s 4096
[…]
open("/var/lib/foo/bird.conf", O_RDONLY) = -1 EACCES (Permission denied)
[…] ^C
$
But:
$ su - bird -s /bin/bash -c "head /var/lib/foo/bird.conf"
# Include
$
And:
$ su - bird -s /bin/bash -c "id"
uid=996(bird) gid=993(bird) groups=993(bird),1000(foo)
context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
$
Even it's not relevant:
$ getenforce
Permissive
$
Regards,
Robert
