From owner-freebsd-bugs Sat Nov 2 19:53:23 1996 Return-Path: owner-bugs Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id TAA19870 for bugs-outgoing; Sat, 2 Nov 1996 19:53:23 -0800 (PST) Received: from skynet.ctr.columbia.edu (skynet.ctr.columbia.edu [128.59.64.70]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id TAA19858 for ; Sat, 2 Nov 1996 19:53:13 -0800 (PST) Received: (from wpaul@localhost) by skynet.ctr.columbia.edu (8.6.12/8.6.9) id WAA00765; Sat, 2 Nov 1996 22:52:41 -0500 From: Bill Paul Message-Id: <199611030352.WAA00765@skynet.ctr.columbia.edu> Subject: Re: bin/1947: Something is really hosed with the passwd command, or something To: jkh@time.cdrom.com Date: Sat, 2 Nov 1996 22:52:40 -0500 (EST) Cc: bugs@freebsd.org In-Reply-To: <199611030254.SAA26474@time.cdrom.com> from "Jordan K. Hubbard" at Nov 2, 96 06:54:52 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-bugs@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Of all the gin joints in all the towns in all the world, Jordan K. Hubbard had to walk into mine and say: [chop] > >Description: > > Boot the system, use the password command. It works fine. > Now rebuild and install the password command. Try and use it > again, WTF?! > > jkh@red-> passwd jkh > passwd: Permission denied > jkh@red-> ls -l /usr/bin/passwd > -r-sr-xr-x 2 root bin 37629 Nov 2 18:51 /usr/bin/passwd > /usr/bin/passwd > passwd: Permission denied > > Uh.... If you look in local_passwd.c (grep for EACCES -- this is a bit of a gotcha: the 'Permission denied' message is printed by the err() function rather than being in the code), you'll see where this error message comes from. I think the problem may be that you su'ed to another user. The passwd(1) program determines your uid using getuid() and then compares that to pw->pw_uid as listed in what passwd thinks is your entry in the password database (if you don't enter a username on the command line, passwd uses getlogin() to figure out who you are; if you do supply a username on the command line, this overrides what it gets from getlogin(), but normally only root is allowed to change passwords for other users). This is important: it uses your uid, not your euid. Since you said you installed the passwd program, I'm thinking you may have su'ed to root or some other user at some point. I would edit local_passwd.c and stick in a printf so that you can see the uid and pw->pw_uid it thinks you have so you can see exactly why it's complaining. I've noticed this behavior a bit when debugging the NIS extensions, but I couldn't decide whether it was wrong or not so I left it alone since normal users shouldn't be able to notice the problem anyway. (Normal users can't use su.) > >How-To-Repeat: > > Do the above. Doing the above isn't enough; it'll probably work fine for most people unless they somehow stumble into the same set of conditions that you did. > >Fix: > > Woo, I dunno - this one might even be a bug which has crept into > our handling of setuid or schg'd binaries, for all I know. I don't think it's that. Like I said: try to stuff a few debugging printf()s in local_passwd.c and see what you can see. -Bill -- ============================================================================= -Bill Paul (212) 854-6020 | System Manager, Master of Unix-Fu Work: wpaul@ctr.columbia.edu | Center for Telecommunications Research Home: wpaul@skynet.ctr.columbia.edu | Columbia University, New York City ============================================================================= "If you're ever in trouble, go to the CTR. Ask for Bill. He will help you." =============================================================================