From owner-freebsd-security  Fri Mar 22 13: 5:51 2002
Delivered-To: freebsd-security@freebsd.org
Received: from www.unsam.edu.ar (ns2.unsam.edu.ar [170.210.48.2])
	by hub.freebsd.org (Postfix) with ESMTP id C2A7737B419
	for <freebsd-security@freebsd.org>; Fri, 22 Mar 2002 13:05:44 -0800 (PST)
Received: from pi.iib.unsam.edu.ar (pi.iib.unsam.edu.ar [192.168.10.11])
	by www.unsam.edu.ar (8.9.3/8.9.3) with ESMTP id SAA77523;
	Fri, 22 Mar 2002 18:05:41 -0300 (ART)
	(envelope-from fernan@pi.iib.unsam.edu.ar)
Received: (from fernan@localhost)
	by pi.iib.unsam.edu.ar (8.11.3/8.11.3) id g2ML5er27541;
	Fri, 22 Mar 2002 18:05:40 -0300 (ART)
	(envelope-from fernan)
Date: Fri, 22 Mar 2002 18:05:40 -0300
From: Fernan Aguero <fernan@iib.unsam.edu.ar>
To: "Dmitry S. Makovey" <dmitry@athabascau.ca>
Cc: Anthony Schneider <aschneid@mail.slc.edu>,
	"Cameron S. Watters" <cam-listsubs@h2os.org>,
	FreeBSD Security <freebsd-security@freebsd.org>
Subject: Re: su -c user command not working
Message-ID: <20020322180540.C561@iib.unsam.edu.ar>
References: <20020322165816.A561@iib.unsam.edu.ar> <0GTE005BP5MQBK@local.athabascau.ca>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <0GTE005BP5MQBK@local.athabascau.ca>; from dmitry@athabascau.ca on Fri, Mar 22, 2002 at 01:18:03PM -0700
X-PGP-Key: http://genoma.unsam.edu.ar/~fernan/pubkey.asc
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

+----[ Dmitry S. Makovey (dmitry@athabascau.ca) dijo sobre "Re: su -c user command not working":
|
| On Friday 22 March 2002 12:58, you wrote:
| > root> su man -c catman
| > This account is currently not available.
| > man is listed in /etc/passwd with /sbin/nologin as shell
| if you want to run something with user privileges you should use su -m (do 
| not simulate full login - it will disable new shell invocation)
|
+----]

OK, OK, so now it's clear. But apparently su -m does not work either.
It still intrigues me why the examples in the su(1) manpages
explicitly mention cases where no shell is available and therefore,
the example will not work! 

What I'm trying to do is to create a new user to make backups (using
amanda). But, I'm trying to avoid giving that user a shell. 

Right now i cannot check how I've configured amanda (since I cannot
su) without giving amanda a shell. However, what will happen with cron
jobs? I suppose that they will work OK without a shell ... is this so?

Thanks also to Cameron and Anthony for their prompt replies. 

Fernan

PD: regarding the ~/.cshrc issue, i had /bin/csh as shell, but even
using /bin/tcsh does not make it change. Permissions for ~/.cshrc are
set to 644. (Oh, and this also happens with root's own ~/.cshrc)

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message