VyOS 1.3.3 setgid: Operation not permitted

iii · June 11, 2023, 5:58am

Hi -

Ive compiled ISO image of vyos v1.3.3 by this manual

But triyng to configure shows me error:
vyos@vyos:~$ configure
setgid: Operation not permitted

toor@vyos:~$ ls -la /
total 56
drwxr-xr-x   1 root root      4096 Jun 11 05:51 .
drwxr-xr-x   1 root root      4096 Jun 11 05:51 ..
lrwxrwxrwx   1 1000      1000    7 Mar  3  2022 bin -> usr/bin
drwxr-xr-x   5 root root      4096 Jun 10 20:13 boot
drwxrwxr-x   7 root vyattacfg 4096 Jun 11 05:52 config
drwxr-xr-x  13 root root      2980 Jun 11 05:51 dev
drwxr-xr-x   1 1000      1000 4096 Jun 11 05:52 etc
drwxr-xr-x   1 1000      1000 4096 Jun 10 20:13 home
lrwxrwxrwx   1 1000      1000    7 Mar  3  2022 lib -> usr/lib
lrwxrwxrwx   1 1000      1000    9 Mar  3  2022 lib32 -> usr/lib32
lrwxrwxrwx   1 1000      1000    9 Mar  3  2022 lib64 -> usr/lib64
lrwxrwxrwx   1 1000      1000   10 Mar  3  2022 libx32 -> usr/libx32
drwxr-xr-x   2 1000      1000    3 Mar  3  2022 media
drwxr-xr-x   2 1000      1000    3 Mar  3  2022 mnt
drwxr-xr-x   1 1000      1000 4096 Jun 10 19:59 opt
dr-xr-xr-x 173 root root         0 Jun 11 05:51 proc
drwx------   1 1000      1000 4096 Jun 10 20:14 root
drwxr-xr-x  40 root root      1180 Jun 11 05:53 run
lrwxrwxrwx   1 1000      1000    8 Mar  3  2022 sbin -> usr/sbin
drwxr-xr-x   3 1000      1000   27 Jun 10 20:01 srv
dr-xr-xr-x  13 root root         0 Jun 11 05:51 sys
drwxrwxrwt  11 root root       300 Jun 11 05:53 tmp
drwxr-xr-x   1 1000      1000 4096 Jun 10 19:59 usr
drwxr-xr-x   1 1000      1000 4096 Jun 10 20:03 var

Wrong permissions for folders
Help me please what is wrong? Is there a way to fix it?

Thanx in advance.

tjh · June 11, 2023, 6:11am

Can you show us ALL the steps you’re using please? From the start.

iii · June 11, 2023, 6:27am

[user@workbook vyos-build]$ docker run --rm -it --privileged -v $(pwd):/vyos -w /vyos vyos/vyos-build:equuleus bash
Current UID/GID: 1000/1000
vyos_bld@82232f866ae1:/vyos$ ./configure --architecture amd64 --build-type release --version 1.3.3
Checking if packages required for VyOS image build are installed
All dependencies are installed
Saving the build config to build/build-config.json
vyos_bld@82232f866ae1:/vyos$ sudo make iso

then uploaded iso to router, imported previous config and reboot

toor@vyos:~$ show system image 
The system currently has the following image(s) installed:

   1: 1.3.3 (default boot) (running image)
   2: 1.3-rolling-202211281737

c-po · June 11, 2023, 8:39am

Please also share /etc/passwd and /etc/group

iii · June 11, 2023, 8:43am

toor@vyos:~$ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
_apt:x:100:65534::/nonexistent:/usr/sbin/nologin
systemd-timesync:x:101:102:systemd Time Synchronization,,,:/run/systemd:/usr/sbin/nologin
systemd-network:x:102:103:systemd Network Management,,,:/run/systemd:/usr/sbin/nologin
systemd-resolve:x:103:104:systemd Resolver,,,:/run/systemd:/usr/sbin/nologin
telegraf:x:999:999::/etc/telegraf:/bin/false
radvd:x:104:65534::/var/run/radvd:/usr/sbin/nologin
strongswan:x:105:65534::/var/lib/strongswan:/usr/sbin/nologin
messagebus:x:106:108::/nonexistent:/usr/sbin/nologin
uuidd:x:107:112::/run/uuidd:/usr/sbin/nologin
tftp:x:108:113:tftp daemon,,,:/srv/tftp:/usr/sbin/nologin
conservr:x:109:20::/etc/conserver:/usr/sbin/nologin
ntp:x:110:115::/nonexistent:/usr/sbin/nologin
frr:x:111:117:Frr routing suite,,,:/nonexistent:/usr/sbin/nologin
ocserv:x:112:118::/run/ocserv:/usr/sbin/nologin
pdns:x:113:121:PowerDNS,,,:/var/spool/powerdns:/bin/false
sshd:x:114:65534::/run/sshd:/usr/sbin/nologin
smmta:x:115:122:Mail Transfer Agent,,,:/var/lib/sendmail:/usr/sbin/nologin
smmsp:x:116:123:Mail Submission Program,,,:/var/lib/sendmail:/usr/sbin/nologin
Debian-snmp:x:117:124::/var/lib/snmp:/bin/false
_lldpd:x:118:125::/var/run/lldpd:/usr/sbin/nologin
hacluster:x:119:126::/var/lib/pacemaker:/usr/sbin/nologin
tss:x:120:127::/var/lib/tpm:/usr/sbin/nologin
openvpn:x:121:128::/var/lib/openvpn:/usr/sbin/nologin
radius_user:x:1001:100:radius user,,,:/home/radius_user:/sbin/radius_shell
radius_priv_user:x:1002:105:radius privileged user,,,:/home/radius_priv_user:/sbin/radius_shell
minion:x:122:105:salt minion user,,,:/home/minion:/bin/vbash
dhcpd:x:123:65534::/run/dhcp-server:/usr/sbin/nologin
systemd-coredump:x:998:998:systemd Core Dumper:/:/usr/sbin/nologin
toor:x:1003:100::/home/toor:/bin/vbash
vyos:x:1004:100::/home/vyos:/bin/vbash
toor@vyos:~$ cat /etc/group
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:radius_user,radius_priv_user,minion,toor,vyos
tty:x:5:
disk:x:6:radius_priv_user,minion,toor,vyos
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:
floppy:x:25:
tape:x:26:
sudo:x:27:radius_priv_user,minion,toor,vyos
audio:x:29:
dip:x:30:radius_user,radius_priv_user,minion,toor,vyos
www-data:x:33:
backup:x:34:
operator:x:37:radius_user
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:
sasl:x:45:
plugdev:x:46:
staff:x:50:
games:x:60:
users:x:100:radius_user,radius_priv_user,minion
nogroup:x:65534:
systemd-journal:x:101:
systemd-timesync:x:102:
systemd-network:x:103:
systemd-resolve:x:104:
vyattacfg:x:105:radius_priv_user,toor,vyos
vyattaop:x:106:radius_user
telegraf:x:999:
ssl-cert:x:107:
messagebus:x:108:
input:x:109:
kvm:x:110:
render:x:111:
uuidd:x:112:
tftp:x:113:
crontab:x:114:
ntp:x:115:
frrvty:x:116:frr,radius_user,radius_priv_user,minion,toor,vyos
frr:x:117:
ocserv:x:118:
ssh:x:119:
netdev:x:120:
pdns:x:121:
smmta:x:122:
smmsp:x:123:
Debian-snmp:x:124:
_lldpd:x:125:
haclient:x:126:
tss:x:127:
openvpn:x:128:
hostsd:x:129:dhcpd
systemd-coredump:x:998:

iii · June 11, 2023, 6:12pm

just rebuilt iso image, same steps as above…

system · June 13, 2023, 6:13pm

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.