CentOS 7中带有setuid的opentpty（）

Question

在setent uid上运行的可执行文件调用openpty（）在CentOS 7下失败，但在CentOS 6下运行。问题似乎出在opentpty（）试图将/ dev / pts / *从有效uid转换为真实uid时。 6和7都这样做。它在6和7中均失败。但是，在6中，错误被“忽略”，/ dev / pty / *由有效uid拥有，并返回0。在7中，该错误导致清除，/ dev / pty / *被删除并返回-1。

我在上述评估中正确吗？从set uid代码运行时，如何使openpty（）不失败的任何想法？

谢谢！

针对：

fprintf(stderr, "uid: %d, euid: %d\n", getuid(), geteuid());
int ret=openpty(&session->ptyfd, &session->ttyfd, NULL, NULL, &ws);
fprintf(stderr, "pty FD: %d, tty FD: %d\n", session->ptyfd, session->ttyfd);

Centos 6：

geteuid32()                             = 506
getuid32()                              = 500
write(2, "uid: 500, euid: 506\n", 20)   = 20
open("/dev/ptmx", O_RDWR)               = 3
statfs("/dev/pts", {f_type="DEVPTS_SUPER_MAGIC", f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={0, 0}, f_namelen=255, f_frsize=4096}) = 0
ioctl(3, SNDCTL_TMR_TIMEBASE or SNDRV_TIMER_IOCTL_NEXT_DEVICE or TCGETS, {B38400 opost isig icanon echo ...}) = 0
ioctl(3, TIOCGPTN, [0])                 = 0
stat64("/dev/pts/0", {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
getuid32()                              = 500
chown32("/dev/pts/0", 500, 5)           = -1 EPERM (Operation not permitted)
clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0xb772c728) = 13801
waitpid(13801, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0) = 13801
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13801, si_status=0, si_utime=0, si_stime=0} ---
ioctl(3, TIOCSPTLCK, [0])               = 0
ioctl(3, SNDCTL_TMR_TIMEBASE or SNDRV_TIMER_IOCTL_NEXT_DEVICE or TCGETS, {B38400 opost isig icanon echo ...}) = 0
ioctl(3, TIOCGPTN, [0])                 = 0
stat64("/dev/pts/0", {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
open("/dev/pts/0", O_RDWR|O_NOCTTY)     = 4
ioctl(4, SNDRV_TIMER_IOCTL_STATUS or TIOCSWINSZ, {ws_row=33566, ws_col=2052, ws_xpixel=24928, ws_ypixel=219}) = 0
write(2, "pty FD: 3, tty FD: 4\n", 21)  = 21

Centos 7：

geteuid()                               = 1003
getuid()                                = 1000
write(2, "uid: 1000, euid: 1003\n", 22) = 22
open("/dev/ptmx", O_RDWR)               = 3
statfs("/dev/pts", {f_type=DEVPTS_SUPER_MAGIC, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={0, 0}, f_namelen=255, f_frsize=4096, f_flags=ST_VALID|ST_NOSUID|ST_NOEXEC|ST_RELATIME}) = 0
ioctl(3, TCGETS, {B38400 opost isig icanon echo ...}) = 0
ioctl(3, TIOCGPTN, [5])                 = 0
stat("/dev/pts/5", {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 5), ...}) = 0
getuid()                                = 1000
chown("/dev/pts/5", 1000, 5)            = -1 EPERM (Operation not permitted)
close(3)                                = 0
write(2, "pty FD: 0, tty FD: 0\n", 21)  = 21