On 10/27/2017 08:01 AM, Thomas Hartmann wrote:
Hi all, what might prevent LD_LIBRARY_PATH handed through to a job's environment? A user is trying to hand the envvar through but it it stays unset in the job's environment although 'getenv = True' is set. As far as I see, there should be no setuid programs involved??
So, in Linux, we know that LD_LIBRARY_PATH is ignored for setuid binaries. The trick here, though, is the definition of setuid. Many people think that "setuid" means that the setuid bit is set on a program's executable file, so that when it runs, it runs as with the effective uid of the owner of the file, not as the user who forked and exec'd it. While it is correct to call these programs "setuid", they aren't the only programs that linux considers "setuid".
Really, Linux considers any process with a different real uid and effective uid as setuid. And most of the condor daemons, including the starter are such programs. So, linux considers them setuid, even though they don't have the setuid bit set on their executables.
-greg