From owner-freebsd-security Fri Mar 22 13: 5:51 2002 Delivered-To: freebsd-security@freebsd.org Received: from www.unsam.edu.ar (ns2.unsam.edu.ar [170.210.48.2]) by hub.freebsd.org (Postfix) with ESMTP id C2A7737B419 for ; Fri, 22 Mar 2002 13:05:44 -0800 (PST) Received: from pi.iib.unsam.edu.ar (pi.iib.unsam.edu.ar [192.168.10.11]) by www.unsam.edu.ar (8.9.3/8.9.3) with ESMTP id SAA77523; Fri, 22 Mar 2002 18:05:41 -0300 (ART) (envelope-from fernan@pi.iib.unsam.edu.ar) Received: (from fernan@localhost) by pi.iib.unsam.edu.ar (8.11.3/8.11.3) id g2ML5er27541; Fri, 22 Mar 2002 18:05:40 -0300 (ART) (envelope-from fernan) Date: Fri, 22 Mar 2002 18:05:40 -0300 From: Fernan Aguero To: "Dmitry S. Makovey" Cc: Anthony Schneider , "Cameron S. Watters" , FreeBSD Security Subject: Re: su -c user command not working Message-ID: <20020322180540.C561@iib.unsam.edu.ar> References: <20020322165816.A561@iib.unsam.edu.ar> <0GTE005BP5MQBK@local.athabascau.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <0GTE005BP5MQBK@local.athabascau.ca>; from dmitry@athabascau.ca on Fri, Mar 22, 2002 at 01:18:03PM -0700 X-PGP-Key: http://genoma.unsam.edu.ar/~fernan/pubkey.asc Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org +----[ Dmitry S. Makovey (dmitry@athabascau.ca) dijo sobre "Re: su -c user command not working": | | On Friday 22 March 2002 12:58, you wrote: | > root> su man -c catman | > This account is currently not available. | > man is listed in /etc/passwd with /sbin/nologin as shell | if you want to run something with user privileges you should use su -m (do | not simulate full login - it will disable new shell invocation) | +----] OK, OK, so now it's clear. But apparently su -m does not work either. It still intrigues me why the examples in the su(1) manpages explicitly mention cases where no shell is available and therefore, the example will not work! What I'm trying to do is to create a new user to make backups (using amanda). But, I'm trying to avoid giving that user a shell. Right now i cannot check how I've configured amanda (since I cannot su) without giving amanda a shell. However, what will happen with cron jobs? I suppose that they will work OK without a shell ... is this so? Thanks also to Cameron and Anthony for their prompt replies. Fernan PD: regarding the ~/.cshrc issue, i had /bin/csh as shell, but even using /bin/tcsh does not make it change. Permissions for ~/.cshrc are set to 644. (Oh, and this also happens with root's own ~/.cshrc) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message