From owner-freebsd-current Wed Jul 25 18:45:20 2001 Delivered-To: freebsd-current@freebsd.org Received: from axl.seasidesoftware.co.za (axl.seasidesoftware.co.za [196.31.7.201]) by hub.freebsd.org (Postfix) with ESMTP id E49D737B401 for ; Wed, 25 Jul 2001 18:45:17 -0700 (PDT) (envelope-from sheldonh@starjuice.net) Received: from sheldonh (helo=axl.seasidesoftware.co.za) by axl.seasidesoftware.co.za with local-esmtp (Exim 3.31 #1) id 15PaEB-000H3D-00 for current@FreeBSD.org; Thu, 26 Jul 2001 03:46:15 +0200 From: Sheldon Hearn To: current@FreeBSD.org Subject: Re: su root broken in -CURRENT In-reply-to: Your message of "Thu, 26 Jul 2001 03:15:38 +0200." <30911.996110138@axl.seasidesoftware.co.za> Date: Thu, 26 Jul 2001 03:46:15 +0200 Message-ID: <65545.996111975@axl.seasidesoftware.co.za> Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, 26 Jul 2001 03:15:38 +0200, Sheldon Hearn wrote: > I've completed a pretty clean crossgrade [1] to -CURRENT and find that > su is broken. I thought this had been fixed. > > I have a virgin rev 1.17 /etc/pam.conf, I'm in group wheel, I built > world with no funky options, the su binary (built from su rev 1.39) > really is setuid root and yet I get the amazingly helpful error message: > > su: Sorry Found it. pam_wheel is a whore. It doesn't use getgid() or getegid(), but instead grovels through /etc/group manually. I'm in group wheel by virtue of the fact that my GID specified in the passwd file is 0. I don't have to be in /etc/group. Unless, of course, I want to su. :-) Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message