From owner-freebsd-bugs@FreeBSD.ORG  Tue Jan  7 12:40:01 2014
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Delivered-To: freebsd-bugs@smarthost.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 7B0BAA09
 for <freebsd-bugs@smarthost.ysv.freebsd.org>;
 Tue,  7 Jan 2014 12:40:01 +0000 (UTC)
Received: from freefall.freebsd.org (freefall.freebsd.org
 [IPv6:2001:1900:2254:206c::16:87])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id 553BE1371
 for <freebsd-bugs@smarthost.ysv.freebsd.org>;
 Tue,  7 Jan 2014 12:40:01 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
 by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id s07Ce1d0022967
 for <freebsd-bugs@freefall.freebsd.org>; Tue, 7 Jan 2014 12:40:01 GMT
 (envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
 by freefall.freebsd.org (8.14.7/8.14.7/Submit) id s07Ce16T022965;
 Tue, 7 Jan 2014 12:40:01 GMT (envelope-from gnats)
Resent-Date: Tue, 7 Jan 2014 12:40:01 GMT
Resent-Message-Id: <201401071240.s07Ce16T022965@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org,
 Daniel Braniss <danny@cs.huji.ac.il>
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id B634D9E4
 for <FreeBSD-gnats-submit@freebsd.org>; Tue,  7 Jan 2014 12:37:55 +0000 (UTC)
Received: from kabab.cs.huji.ac.il (kabab.cs.huji.ac.il [132.65.116.12])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id 682881359
 for <FreeBSD-gnats-submit@freebsd.org>; Tue,  7 Jan 2014 12:37:55 +0000 (UTC)
Received: from rnd.cs.huji.ac.il ([132.65.80.8])
 by kabab.cs.huji.ac.il with esmtp id 1W0Vuq-000AQH-P5
 for FreeBSD-gnats-submit@freebsd.org; Tue, 07 Jan 2014 14:37:52 +0200
Received: from danny by rnd.cs.huji.ac.il with local (Exim 4.82 (FreeBSD))
 (envelope-from <danny@cs.huji.ac.il>) id 1W0Vuq-000PJQ-Ob
 for FreeBSD-gnats-submit@freebsd.org; Tue, 07 Jan 2014 14:37:52 +0200
Message-Id: <E1W0Vuq-000PJQ-Ob@rnd.cs.huji.ac.il>
Date: Tue, 07 Jan 2014 14:37:52 +0200
From: Daniel Braniss <danny@cs.huji.ac.il>
To: FreeBSD-gnats-submit@freebsd.org
X-Send-Pr-Version: 3.114
Subject: bin/185551: rsh failes if home dir is closed and access is via NFS
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
Reply-To: Daniel Braniss <danny@cs.huji.ac.il>
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs/>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Jan 2014 12:40:01 -0000


>Number:         185551
>Category:       bin
>Synopsis:       rsh failes if home dir is closed and access is via NFS
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Jan 07 12:40:00 UTC 2014
>Closed-Date:
>Last-Modified:
>Originator:     Daniel Braniss
>Release:        FreeBSD 9.2-STABLE amd64
>Organization:
>Environment:
System: FreeBSD rnd 9.2-STABLE FreeBSD 9.2-STABLE #63: Fri Oct 18 09:53:29 IDT 2013 danny@rnd:/home/obj/rnd/r+d/stable/9/sys/HUJI amd64

	also on 10.
	
>Description:
	when the home directory of a user is open only to the owner,
	rsh will fail it's mounted via NFS, the  and the host has no root
	permition.
	The problem was diagnosed by Tomer Kleiner <mandor@cs.huji.ac.il>

>How-To-Repeat:
	chmod 700 ~
	rsh some-host-without-root-permitions
>Fix:
	this is not optimal but does fix the problem

diff -r f66afda58cc9 lib/libc/net/rcmd.c
--- a/lib/libc/net/rcmd.c	Sat Jan 04 09:12:21 2014 +0200
+++ b/lib/libc/net/rcmd.c	Mon Jan 06 13:15:01 2014 +0200
@@ -447,6 +447,7 @@
 	FILE *hostf;
 	uid_t uid;
 	int first;
+	int hostlstat;
 	char pbuf[MAXPATHLEN];
 	const struct sockaddr *raddr;
 	struct sockaddr_storage ss;
@@ -482,6 +483,7 @@
 		uid = geteuid();
 		(void)seteuid(pwd->pw_uid);
 		hostf = fopen(pbuf, "r");
+		hostlstat = lstat(pbuf, &sbuf);
 		(void)seteuid(uid);
 
 		if (hostf == NULL)
@@ -491,7 +493,7 @@
 		 * user or root or if writeable by anyone but the owner, quit.
 		 */
 		cp = NULL;
-		if (lstat(pbuf, &sbuf) < 0)
+		if (hostlstat < 0)
 			cp = ".rhosts lstat failed";
 		else if (!S_ISREG(sbuf.st_mode))
 			cp = ".rhosts not regular file";
>Release-Note:
>Audit-Trail:
>Unformatted: