From owner-freebsd-bugs@FreeBSD.ORG Wed Nov 30 20:40:12 2011 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3C6AA106566C for ; Wed, 30 Nov 2011 20:40:12 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 190008FC12 for ; Wed, 30 Nov 2011 20:40:12 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id pAUKeBRH087326 for ; Wed, 30 Nov 2011 20:40:11 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id pAUKeBSA087325; Wed, 30 Nov 2011 20:40:11 GMT (envelope-from gnats) Resent-Date: Wed, 30 Nov 2011 20:40:11 GMT Resent-Message-Id: <201111302040.pAUKeBSA087325@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Garrett Cooper Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 43C9B1065675 for ; Wed, 30 Nov 2011 20:34:29 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22]) by mx1.freebsd.org (Postfix) with ESMTP id 328B98FC13 for ; Wed, 30 Nov 2011 20:34:29 +0000 (UTC) Received: from red.freebsd.org (localhost [127.0.0.1]) by red.freebsd.org (8.14.4/8.14.4) with ESMTP id pAUKYTDK081122 for ; Wed, 30 Nov 2011 20:34:29 GMT (envelope-from nobody@red.freebsd.org) Received: (from nobody@localhost) by red.freebsd.org (8.14.4/8.14.4/Submit) id pAUKYSeW081121; Wed, 30 Nov 2011 20:34:28 GMT (envelope-from nobody) Message-Id: <201111302034.pAUKYSeW081121@red.freebsd.org> Date: Wed, 30 Nov 2011 20:34:28 GMT From: Garrett Cooper To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Cc: Subject: kern/162976: cron fails unnecessarily via setlogin(2) with sufficiently long usernames X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Nov 2011 20:40:12 -0000 >Number: 162976 >Category: kern >Synopsis: cron fails unnecessarily via setlogin(2) with sufficiently long usernames >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Wed Nov 30 20:40:11 UTC 2011 >Closed-Date: >Last-Modified: >Originator: Garrett Cooper >Release: 8.2-RELEASE >Organization: iXsystems, Inc. >Environment: FreeBSD truenas.local 8.2-RELEASE-p4 FreeBSD 8.2-RELEASE-p4 #0: Mon Nov 21 18:34:29 PST 2011 root@streetfighter.ixsystems.com:/scratch/ix-projects/freenas/releng/8.0.2/obj.amd64/scratch/ix-projects/freenas/releng/8.0.2/FreeBSD/src/sys/TRUENAS.amd64 amd64 >Description: One can use active directory usernames in crontab like so and most of the system is happy working with these long usernames: * * * * * STOUT\administrator PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/root/bin true >/dev/null 2>&1 The problem is that cron gets unhappy when trying to run setlogin(2), which ends up spewing out errors in syslog and cron exits: Nov 30 07:44:00 truenas cron[25967]: setlogin(STOUT\administrator): Invalid argument This limitation appears to still be present in 10-CURRENT though. >How-To-Repeat: 1. Hook machine into AD/LDAP realm (the above example uses the STOUT AD realm). 2. Create something like the following entry: * * * * * STOUT\administrator PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/root/bin true >/dev/null 2>&1 >Fix: The only fix (which would be invasive) would be to honor (and exceed) the limits set by other operating systems so that setlogin(2) wouldn't fail. According to this KB article via MS, the username limit is 104 characters (although the recommend not going over 64 characters). Other infrastructure pieces might need to be taught to honor this limit (like utmp*). >Release-Note: >Audit-Trail: >Unformatted: