Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 3 Oct 2015 10:12:49 -0700
From:      "Simon J. Gerraty" <sjg@juniper.net>
To:        Bryan Drewery <bdrewery@freebsd.org>
Cc:        Jilles Tjoelker <jilles@stack.nl>, <freebsd-arch@freebsd.org>, <sjg@juniper.net>
Subject:   Re: login -f changing session getlogin(2)
Message-ID:  <28007.1443892369@chaos>
In-Reply-To: <560DAD6D.7050007@FreeBSD.org>
References:  <560D826D.7000302@FreeBSD.org> <20151001203436.GA22737@stack.nl> <560DAD6D.7050007@FreeBSD.org>

next in thread | previous in thread | raw e-mail | index | archive | help
Hi Bryan

> >> It makes me wonder if there's bigger architectural issues here that need
> >> addressing with session and login. Perhaps login -f is just a special
> >> case though.

As others have indicated your use of 'login -f' is "unexpected".

> Well, none of that is documented or its use discouraged. It has been

People document what they expect others need to know - and that is
framed by their own expectations of usage.
Thus lack of a documented admonition against every possible usage, does
not constitute a guarantee of support.

When eventually someone uses something in an "unexpected" way,
and encounters problems, there are basically three options.

1/ document that that should not be done, or that problems may arise

2/ prevent it being done

3/ make it work

> And actually, 'su -l' NOT calling setlogin(2) is another surprise. I
> have used 'login -f' precisely because it simulates a real login and
> sets up the environment as the user. If I am dropping into a user's
> shell I expect things like 'mail' to have their FROM not root or
> wherever I came from in my session.

Masquerading as another user to that extent, sounds somewhat disturbing
actually, and not something that should really be optimized for.

So I'd guess in this case that #1 is the correct option.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?28007.1443892369>