From owner-freebsd-security Fri Mar 22 13:11:31 2002 Delivered-To: freebsd-security@freebsd.org Received: from goofy.epylon.com (sf-gw.epylon.com [63.93.9.98]) by hub.freebsd.org (Postfix) with ESMTP id 8C99F37B404 for ; Fri, 22 Mar 2002 13:11:24 -0800 (PST) Received: by goofy.epylon.lan with Internet Mail Service (5.5.2653.19) id ; Fri, 22 Mar 2002 13:11:23 -0800 Message-ID: <657B20E93E93D4118F9700D0B73CE3EA02FFF4C6@goofy.epylon.lan> From: "DiCioccio, Jason" To: 'Fernan Aguero' , "Dmitry S. Makovey" Cc: Anthony Schneider , "Cameron S. Watters" , FreeBSD Security Subject: RE: su -c user command not working Date: Fri, 22 Mar 2002 13:11:22 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hmm.. that's strange.. Works for me.. It doesn't work though if you're doing it from a non-root user. # su -m man -c id uid=9(man) gid=9(man) groups=9(man) man:*:9:9:Mister Man Pages:/usr/share/man:/sbin/nologin Cheers, - -JD- - -----Original Message----- From: Fernan Aguero [mailto:fernan@iib.unsam.edu.ar] Sent: Friday, March 22, 2002 1:06 PM To: Dmitry S. Makovey Cc: Anthony Schneider; Cameron S. Watters; FreeBSD Security Subject: Re: su -c user command not working +----[ Dmitry S. Makovey (dmitry@athabascau.ca) dijo sobre "Re: su -c user command not working": | | On Friday 22 March 2002 12:58, you wrote: | > root> su man -c catman | > This account is currently not available. | > man is listed in /etc/passwd with /sbin/nologin as shell | if you want to run something with user privileges you should use su -m (do | not simulate full login - it will disable new shell invocation) | +----] OK, OK, so now it's clear. But apparently su -m does not work either. It still intrigues me why the examples in the su(1) manpages explicitly mention cases where no shell is available and therefore, the example will not work! What I'm trying to do is to create a new user to make backups (using amanda). But, I'm trying to avoid giving that user a shell. Right now i cannot check how I've configured amanda (since I cannot su) without giving amanda a shell. However, what will happen with cron jobs? I suppose that they will work OK without a shell ... is this so? Thanks also to Cameron and Anthony for their prompt replies. Fernan PD: regarding the ~/.cshrc issue, i had /bin/csh as shell, but even using /bin/tcsh does not make it change. Permissions for ~/.cshrc are set to 644. (Oh, and this also happens with root's own ~/.cshrc) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message -----BEGIN PGP SIGNATURE----- Version: PGP 7.0.4 iQA/AwUBPJugBL8+wXo6G32BEQIEUACdE7ayiS9+4pj9LiDCIBHRwFeD3kwAoOku bHbW3LW2HiaWYSxIe5NP9lN6 =BABr -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message