From owner-freebsd-current@freebsd.org Mon Jul 9 11:54:49 2018 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4053C1043309 for ; Mon, 9 Jul 2018 11:54:49 +0000 (UTC) (envelope-from jhs@berklix.com) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id D1E0F93818 for ; Mon, 9 Jul 2018 11:54:48 +0000 (UTC) (envelope-from jhs@berklix.com) Received: by mailman.ysv.freebsd.org (Postfix) id 8F1781043304; Mon, 9 Jul 2018 11:54:48 +0000 (UTC) Delivered-To: current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6C8D910432FE for ; Mon, 9 Jul 2018 11:54:48 +0000 (UTC) (envelope-from jhs@berklix.com) Received: from land.berklix.org (land.berklix.org [144.76.10.75]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "land.berklix.org", Issuer "land.berklix.org" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 00C0893816 for ; Mon, 9 Jul 2018 11:54:47 +0000 (UTC) (envelope-from jhs@berklix.com) Received: from mart.js.berklix.net (pD9FA8EA3.dip0.t-ipconnect.de [217.250.142.163]) (authenticated bits=0) by land.berklix.org (8.15.2/8.15.2) with ESMTPSA id w69BsWDY072446 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 9 Jul 2018 11:54:46 GMT (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41]) by mart.js.berklix.net (8.14.3/8.14.3) with ESMTP id w69BsVR4048771; Mon, 9 Jul 2018 13:54:32 +0200 (CEST) (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (localhost [127.0.0.1]) by fire.js.berklix.net (8.14.7/8.14.7) with ESMTP id w69Bs7Ha024391; Mon, 9 Jul 2018 13:54:31 +0200 (CEST) (envelope-from jhs@berklix.com) Message-Id: <201807091154.w69Bs7Ha024391@fire.js.berklix.net> To: current@freebsd.org cc: "Julian H. Stacey" Subject: How to add su to /rescue ? From: "Julian H. Stacey" Organization: http://berklix.eu BSD Linux Unix Consultants, Munich Germany User-agent: EXMH on FreeBSD http://www.berklix.eu/free/ X-From: http://www.berklix.eu/~jhs/ Date: Mon, 09 Jul 2018 13:54:07 +0200 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Jul 2018 11:54:49 -0000 Hi current@ I want to add su to /rescue, but got stuck on pam. Old unix su didn't suffer from pam. There's no #define in su to turn off pam. Man src.conf says WITHOUT_PAM is deprecated & does nothing. Can someone please offer a solution ? Or better to include a simple BSD su pre pam ? I would happily develop a patch for that. Notes to explain the need, & patches from my http://berklix.com/~jhs/src/bsd/fixes/freebsd/src/gen/rescue/ --------- Patch[es] below to solve this emailed scenario: > Please on prison-host cp /lib/libc.so.7 /tank/ezjail/my-domain/lib/libc.so.7 > I am logged in on jail-host, but only as normal-user, not root, so I cannot run > /rescue/cp /usr/obj/usr/src/lib/libc/libc.so.7 /lib/libc.so.7 > > a my make installworld on jail-host.my-domain previously failed with > ===> lib/libc (install) > install -C -o root -g wheel -m 444 libc.a /usr/lib > install -C -o root -g wheel -m 444 libc_p.a /usr/lib > install -s -o root -g wheel -m 444 -fschg -S libc.so.7 /lib > install: /lib/libc.so.7: chflags: Operation not permitted > *** Error code 71 > (might or not be an artifact of being in a jail) > > unfortunately I had run the command as > xs make installworld > (xs is my own little root wrapper) > so when it exited, I was just normal-user not root, & I had forgotten to > open another xterm & leave it logged in as root, > & I found no /rescue/su *** 12.0-CURRENT/usr/src/rescue/rescue/Makefile.orig Tue Jun 19 14:43:47 2018 --- new-generic/usr/src/rescue/rescue/Makefile Mon Jul 9 12:21:47 2018 *************** *** 188,193 **** --- 188,195 ---- CRUNCH_PROGS_usr.bin+= less CRUNCH_ALIAS_less= more + CRUNCH_PROGS_usr.bin+= su + CRUNCH_PROGS_usr.bin+= xz CRUNCH_ALIAS_xz= unxz lzma unlzma xzcat lzcat ----- Patch above fails with: cc -O2 -pipe -DBERKLIX=YES -std=gnu99 -Qunused-arguments -static -o reue rescue.o cat.lo chflags.lo chio.lo chmod.lo cp.lo date.lo dd.lo df.lo echo. ed.lo expr.lo getfacl.lo hostname.lo kenv.lo kill.lo ln.lo ls.lo mkdir.lo mv. pkill.lo ps.lo pwd.lo realpath.lo rm.lo rmdir.lo setfacl.lo sh.lo sleep.lo st.lo sync.lo test.lo csh.lo camcontrol.lo clri.lo devfs.lo dmesg.lo dump.lo dums.lo dumpon.lo fsck.lo fsck_ffs.lo fsck_msdosfs.lo fsdb.lo fsirand.lo gbde.lo om.lo ifconfig.lo init.lo kldconfig.lo kldload.lo kldstat.lo kldunload.lo ldcoig.lo md5.lo mdconfig.lo mdmfs.lo mknod.lo mount.lo mount_cd9660.lo mount_msdos.lo mount_nfs.lo mount_nullfs.lo mount_udf.lo mount_unionfs.lo newfs.lo newfssdos.lo nos-tun.lo ping.lo reboot.lo restore.lo rcorder.lo route.lo savecore.lshutdown.lo spppcontrol.lo swapon.lo sysctl.lo tunefs.lo umount.lo ccdconfig.lping6.lo rtsol.lo ipf.lo routed.lo rtquery.lo zfs.lo zpool.lo bsdlabel.lo fdislo dhclient.lo head.lo mt.lo sed.lo tail.lo tee.lo ! gzip.lo bzip2.lo less.lo suo xz.lo zstd.lo tar.lo nc.lo vi.lo id.lo iscsictl.lo zdb.lo chroot.lo chown.loscsid.lo /data/release/s1/usr/obj/data/release/s1/usr/src/amd64.amd64/rescue/rcue/../librescue/exec.o /data/release/s1/usr/obj/data/release/s1/usr/src/amd64md64/rescue/rescue/../librescue/getusershell.o /data/release/s1/usr/obj/data/rease/s1/usr/src/amd64.amd64/rescue/rescue/../librescue/login_class.o /data/relse/s1/usr/obj/data/release/s1/usr/src/amd64.amd64/rescue/rescue/../librescue/pen.o /data/release/s1/usr/obj/data/release/s1/usr/src/amd64.amd64/rescue/rescu../librescue/rcmdsh.o /data/release/s1/usr/obj/data/release/s1/usr/src/amd64.a64/rescue/rescue/../librescue/sysctl.o /data/release/s1/usr/obj/data/release/susr/src/amd64.amd64/rescue/rescue/../librescue/system.o -lcrypt -ledit -ljail kvm -lelf -ll -ltermcapw -lutil -lxo -l80211 -lalias -lcam -lncursesw -ldevsta-lipsec -llzma -lavl -lzpool -lzfs_core -lzfs -lnvpair -lpthread -luutil -lume-lgeom -lbsdxml -lkiconv ! -lmt -lsbuf -lufs -lz -lbz2 -lprivatezstd -larchive -rypto -lmd -lm /usr/bin/ld: error: undefined symbol: pam_start >>> referenced by su.lo:(_$$hide$$ su.lo main) /usr/bin/ld: error: undefined symbol: pam_set_item >>> referenced by su.lo:(_$$hide$$ su.lo main) Patch below does not solve problem above *** 12.0-CURRENT/usr/src/rescue/librescue/Makefile.orig Mon Jul 9 13:02:43 2018 --- new-generic/usr/src/rescue/librescue/Makefile Mon Jul 9 13:03:59 2018 *************** *** 16,21 **** --- 16,22 ---- .PATH: ${SRCTOP}/lib/libc/gen \ ${SRCTOP}/lib/libc/net \ ${SRCTOP}/lib/libc/stdlib \ + ${SRCTOP}/lib/libpam/libpam \ ${SRCTOP}/lib/libutil LIB= rescue --- changing libpam/libpam to libpam also fails. ------- Cheers, Julian -- Julian Stacey, Computer Consultant, Systems Engineer, BSD Linux Unix, Munich Brexit Referendum stole 3.7 million votes inc. from 700,000 British in EU. UK Goverment lies it's democratic in Article 50 paragraph 3 of letter to EU. http://berklix.eu/queen/ https://www.peoples-vote.uk 200,000 @ 9 Jul 2018