On 10/22/18 9:48 AM, Ted Unangst wrote:
> Ted Unangst wrote:
>> Ted Unangst wrote:
>>> Derek wrote:
>>>> Adding a "#!/bin/sh" at the top of the scripts made them all work again.
>>>
>>> i don't believe this is a change; that's how it should always work.
>>
>> sorry, this appears wrong. doas actually uses execvpe() from libc, which is
>> supposed to do the sh interpretation thing, except now it doesn't work right.
>> this is a behavior change.
>
> sorry for the burst of email. i was a little out of touch about what was
> happening. there were changes made, but they were not entirely expected or
> planned.
>
> old behavior: doas uses execvpe(), which as the man page notes, follows sh
> behavior and will execute the command using the sh if it has the x bit but
> lacks a magic header.
>
> new behavior: some unveil() calls were added to doas which restricts access to
> /bin/sh, meaning execvpe() no longer works as before.
>
> as hinted in my original reply below, i kind of like this behavior. the change
> to restrict commands to only those with valid headers was inadvertent, but the
> outcome seems positive. we will probably stick with it.
>
> so... the behavior changed, that's probably a bug, but we're going to call it
> a feature. problem solved. :)
>
> some documentation changes may be forthcoming to make everything clear.
>
> thanks for finding and reporting this.
I'm a bit confused here. I have some cwm keybindings that `doas rcctl`
things, which now aren't working as they used to - which isn't
necessarily a problem - but I'm surprised at the behaviour below:
# this doesn't work anymore..
$ doas rcctl
doas: rcctl: command not found
# these all still work..
$ doas sh -c rcctl
usage: rcctl get|getdef|set service | daemon [variable [arguments]]
rcctl [-df] check|reload|restart|stop|start daemon ...
rcctl disable|enable|order [daemon ...]
rcctl ls all|failed|off|on|started|stopped
# tried with ktrace to see where it was getting stuck, but it worked..
$ doas ktrace rcctl
usage: rcctl get|getdef|set service | daemon [variable [arguments]]
rcctl [-df] check|reload|restart|stop|start daemon ...
rcctl disable|enable|order [daemon ...]
rcctl ls all|failed|off|on|started|stopped
$ doas /usr/sbin/rcctl
usage: rcctl get|getdef|set service | daemon [variable [arguments]]
rcctl [-df] check|reload|restart|stop|start daemon ...
rcctl disable|enable|order [daemon ...]
rcctl ls all|failed|off|on|started|stopped
# /usr/sbin is in my path
$ echo $PATH
/home/tomr/perl5/bin:/home/tomr/bin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/X11R6/bin:/usr/local/bin:/usr/local/sbin:/usr/games
# other commands from /usr/sbin still work
$ which vmctl
/usr/sbin/vmctl
$ doas vmctl
usage: vmctl [-v] command [arg ...]
vmctl console id
vmctl create "path" [-b base] [-i disk] [-s size]
vmctl load "path"
vmctl log [verbose|brief]
vmctl reload
vmctl reset [all|vms|switches]
vmctl show [id]
vmctl start "name" [-Lc] [-b image] [-r image] [-m size]
[-n switch] [-i count] [-d disk]* [-t name]
vmctl status [id]
vmctl stop [id|-a] [-fw]
vmctl pause id
vmctl unpause id
vmctl send id
vmctl receive id
$
So, what's special about rcctl?
t
>
>>
>>
>>>
>>> execve() returns ENOEXEC if the file doesn't have the right magic header. sh
>>> will attempt to interpret the file as a script after that error, but i don't
>>> think doas should have such a fallback. it may not be a sh script, and then
>>> weird and possibly bad things will happen (has happened before).
>
