From owner-freebsd-security Fri Mar 22 12:53:12 2002 Delivered-To: freebsd-security@freebsd.org Received: from goofy.epylon.com (sf-gw.epylon.com [63.93.9.98]) by hub.freebsd.org (Postfix) with ESMTP id 8568A37B419 for ; Fri, 22 Mar 2002 12:53:05 -0800 (PST) Received: by goofy.epylon.lan with Internet Mail Service (5.5.2653.19) id ; Fri, 22 Mar 2002 12:53:05 -0800 Message-ID: <657B20E93E93D4118F9700D0B73CE3EA02FFF4C5@goofy.epylon.lan> From: "DiCioccio, Jason" To: 'Nicolas Rachinsky' , FreeBSD Security Subject: RE: su -c user command not working Date: Fri, 22 Mar 2002 12:53:04 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 No, the reason this works is because you're passing the -c to the shell which su invokes. Most shells take a -c argument. This is why -c is passed after the username, su -c username would be what you are thinking of :) Cheers, - -JD- - -----Original Message----- From: Nicolas Rachinsky [mailto:list@rachinsky.de] Sent: Friday, March 22, 2002 12:50 PM To: FreeBSD Security Subject: Re: su -c user command not working * Anthony Schneider [2002-03-22 15:36:57 -0500]: > the -c flag passes a command to the shell of the user you are su'ing to, man su ... -c class Use the settings of the specified login class. Only allowed for the super-user. ... > so since user man's shell is /sbin/nologin, /sbin/nologin is (according > to su) supposed to interpret the command 'catman' and execute it, > however /sbin/nologin doesn't interpret commands, it just prints the > message "This account is currently unavailable" (just as it did for you) > and then exits. for 'su -c' to work, the user you are su'ing to needs > something to actually interpret the command. i suggest you either change > that user's passwd info to have such a shell, or you to an account that > has such a shell. I think for 'su -c' to work as expected here, you have to use some linux distri ;-) Nicolas To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message -----BEGIN PGP SIGNATURE----- Version: PGP 7.0.4 iQA/AwUBPJubur8+wXo6G32BEQJtugCfREAjMZVH07wIIqihuF7hpN0mjbgAnAmK bI2JYzZ31IzCAIU4u7PH2oMO =i1Oj -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message