[mythtv-users] How to use tmdb.pl with MythVideo/MythWeb

Michael T. Dean mtdean at thirdcontact.com
Sun Apr 5 23:10:30 UTC 2009


On 04/05/2009 06:57 PM, Bobby Gill wrote:
>> http://svn.mythtv.org/trac/ticket/4954
>>
>> It's because you're running mythfrontend setuid root and mythfrontend is
>> running MythVideo and mythvideo is running tmdb.pl, so you're running
>> tmdb.pl in a setuid root environment.  TTBOMK, there shouldn't be any
>> distribution left that requires running mythfrontend setuid root to achieve
>> real-time scheduling for the display thread, so you should be able to remove
>> the setuid bit on mythfrontend.  See, "Enabling real-time scheduling of the
>> display thread," at http://www.mythtv.org/docs/mythtv-HOWTO-5.html#ss5.4 for a bit more.
>>
>> Note, this also /might/ happen if you run mythfrontend as root directly
>> (though I don't know for sure).  If that's the case and you can't run
>> mythfrontend as a non-privileged user, you'll have to either add a hack to
>> the script or to all the command lines that execute tmdb.pl so that "./" is
>> explicitly in the INC path (using perl's -I argument) or install
>> MythTV/MythVideoCommon.pm into a "real" directory that's already in the Perl
>> include path.
> Okay, I just ran mythfrontend with sudo and the script worked just fine,
> looked up the movie and got all info and the poster. So from the link you
> gave, would doing this basically resolve it:
>
> # chmod a+s /usr/local/bin/mythfrontend /usr/local/bin/mythtv
>   

No.  I'm saying the exact opposite of that...  You are already running 
it setuid root and you shouldn't be.  (I.e. your system is already 
configured the "not-safe" way.)

Before changing anything, please post the output of:

ls -l /usr/local/bin/{mythfrontend,mythtv}*

(yes, please run it exactly as show with all the punctuation :)
 
> It notes that being "unsecure."

I agree and recommend you do the opposite.

> However I'm not sure how else to solve this.
>   

Chances are, it will be as simple as:

chmod 0755 /usr/local/bin/{mythfrontend,mythtv}*

and then using one of the more appropriate mechanisms (rlimits or 
realtime module) to allow mythfrontend to request realtime scheduling.

But, that's somewhat dependent on how your distro is configured.

However, thank you for running as root--in so doing, you proved that I 
was wrong about, "Note, this also /might/ happen if you run mythfrontend 
as root directly."  That is /very/ good news because it means even on 
distros where mythfrontend runs as root, tmdb.pl will work properly.

Mike


More information about the mythtv-users mailing list