From owner-freebsd-questions Wed Aug 5 14:14:00 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id OAA25070 for freebsd-questions-outgoing; Wed, 5 Aug 1998 14:14:00 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from mailhub.scl.ameslab.gov (mailhub.scl.ameslab.gov [147.155.137.127]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA25063 for ; Wed, 5 Aug 1998 14:13:59 -0700 (PDT) (envelope-from ghelmer@scl.ameslab.gov) Received: from demios.ether.scl.ameslab.gov ([147.155.137.54] helo=demios.scl.ameslab.gov) by mailhub.scl.ameslab.gov with smtp (Exim 1.90 #1) id 0z4Aot-0004cW-00; Wed, 5 Aug 1998 16:10:03 -0500 Date: Wed, 5 Aug 1998 16:13:36 -0500 (CDT) From: Guy Helmer To: James Snow cc: djv@bedford.net, freebsd-questions@FreeBSD.ORG Subject: Re: Weird /home problem In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, 5 Aug 1998, James Snow wrote: > [...] Here is exactly what I did. I would be really interested to know > if this did not produce the same problem for other people. > > Created a new group entry, buggy - /etc/group: (dork being the user to be > added) > > buggy:*:5000:dork > > Run vipw and put the enter the following line: > > dork::1005:5000:Dork:/home/buggy/dork:/usr/local/bin/tcsh > > Verify that /home is 755 - chmod 755 /home > Make the sub of home - mkdir /home/buggy > Set its perms - chown root:buggy /home/buggy ; chmod 750 /home/buggy > Then the user - > mkdir /home/buggy/dork ; chown dork:buggy /home/buggy/dork > chmod 700 /home/buggy/dork > > Then when he logs in, he gets: > > No home directory. > Logging in with home = "/". > > and the logs get: > > login: _secure_path: cannot stat /home/buggy/dork/.login_conf: Permission > denied You've discovered an interesting case in login(1): it uses seteuid() when checking for the home directory and the .login_conf file but it doesn't modify its gid list, so it can't see past /home/buggy for lack of privilege at that point. > [...] > > The error message you're getting is consistent with logging > > in to a non-existent directory. > > But why does login behave differently when called at actual login and when > called from the command line immediately after the botched login? That is, > it doesn't find $home after logging in, but subsequently typing 'login' > and logging in again works perfectly. When called from the command line (assuming the user is logging in again as (him|her)self), the gid list is properly setup and login(1) can see into /home/buggy. It appears the user's security environment has to be used to find the per-user login capability file and then the security environment has to revert to root privileges to set the login capabilities and/or change the password if necessary. Could the existing setgid(2) & initgroups(3) calls simply be moved up ahead of the initial seteuid(2) call? Since the group list is not checked or modified before this point, it must not be a security risk at that point? Otherwise, I suppose you could do a getgroups(2), setegid(2), and initgroups(3) before the first existing seteuid(2), then after the second seteuid(2), use setegid(2) and setgroups(2) to return the group list to its original state. Guy Helmer Guy Helmer, Graduate Student, Iowa State University Dept. of Computer Science Research Assistant, Ames Laboratory --- ghelmer@scl.ameslab.gov http://www.cs.iastate.edu/~ghelmer To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message