From owner-freebsd-arch@freebsd.org Sat Oct 3 19:52:10 2015 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B2BDBA0F9C1 for ; Sat, 3 Oct 2015 19:52:10 +0000 (UTC) (envelope-from sjg@juniper.net) Received: from na01-bn1-obe.outbound.protection.outlook.com (mail-bn1bbn0108.outbound.protection.outlook.com [157.56.111.108]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "MSIT Machine Auth CA 2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 2047F1D54; Sat, 3 Oct 2015 19:52:09 +0000 (UTC) (envelope-from sjg@juniper.net) Received: from BY2PR05CA049.namprd05.prod.outlook.com (10.141.250.39) by BLUPR05MB054.namprd05.prod.outlook.com (10.255.210.149) with Microsoft SMTP Server (TLS) id 15.1.286.20; Sat, 3 Oct 2015 19:52:01 +0000 Received: from BY2FFO11FD050.protection.gbl (2a01:111:f400:7c0c::162) by BY2PR05CA049.outlook.office365.com (2a01:111:e400:2c5f::39) with Microsoft SMTP Server (TLS) id 15.1.286.20 via Frontend Transport; Sat, 3 Oct 2015 19:52:00 +0000 Authentication-Results: spf=softfail (sender IP is 66.129.239.18) smtp.mailfrom=juniper.net; FreeBSD.org; dkim=none (message not signed) header.d=none;FreeBSD.org; dmarc=none action=none header.from=juniper.net; Received-SPF: SoftFail (protection.outlook.com: domain of transitioning juniper.net discourages use of 66.129.239.18 as permitted sender) Received: from p-emfe01b-sac.jnpr.net (66.129.239.18) by BY2FFO11FD050.mail.protection.outlook.com (10.1.15.187) with Microsoft SMTP Server (TLS) id 15.1.274.4 via Frontend Transport; Sat, 3 Oct 2015 19:51:59 +0000 Received: from magenta.juniper.net (172.17.27.123) by p-emfe01b-sac.jnpr.net (172.24.192.21) with Microsoft SMTP Server (TLS) id 14.3.123.3; Sat, 3 Oct 2015 12:51:49 -0700 Received: from chaos.jnpr.net (chaos.jnpr.net [172.21.16.28]) by magenta.juniper.net (8.11.3/8.11.3) with ESMTP id t93JpHD47379; Sat, 3 Oct 2015 12:51:17 -0700 (PDT) (envelope-from sjg@juniper.net) Received: from chaos (localhost [IPv6:::1]) by chaos.jnpr.net (Postfix) with ESMTP id A9D1A580A9; Sat, 3 Oct 2015 12:51:17 -0700 (PDT) To: Bryan Drewery CC: Jilles Tjoelker , , Subject: Re: login -f changing session getlogin(2) In-Reply-To: <56101026.7060206@FreeBSD.org> References: <560D826D.7000302@FreeBSD.org> <20151001203436.GA22737@stack.nl> <560DAD6D.7050007@FreeBSD.org> <28007.1443892369@chaos> <56101026.7060206@FreeBSD.org> Comments: In-reply-to: Bryan Drewery message dated "Sat, 03 Oct 2015 10:28:06 -0700." From: "Simon J. Gerraty" X-Mailer: MH-E 8.6; nmh 1.6; GNU Emacs 24.5.1 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <1039.1443901877.1@chaos> Date: Sat, 3 Oct 2015 12:51:17 -0700 Message-ID: <16315.1443901877@chaos> X-EOPAttributedMessage: 0 X-Microsoft-Exchange-Diagnostics: 1; BY2FFO11FD050; 1:9QcokQo7kL3ygAtUZVvxXe6oB5YQx+fMy14EP/NuyBVh4Rgi9YHZCOxVZERpgbUbKoEDRWT72cEQBKL1jpsMMZ5BQJIRcm9KnRztYDeEhEk1vknBSvs/DLnMZfxhyspdNDtal/g3ho+Cfndrw19dG6OTt0W7qa/N9kGisGoDVAC09xmCxOavrMUPt7GarQGAbrqbhEhlBettiLxAWgVZ4ac9gqfUogP3QMjO7q4FIM1oB7+iorERZGB9sk+aBUqP1FviUp0a17djn2SQcek7AGLM5Qp6N5M0jrr25TFABHRPT0abDdSgZizFeazA/Q4IajL6axp83NvudM3drSNlfw== X-Forefront-Antispam-Report: CIP:66.129.239.18; CTRY:US; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(10019020)(6009001)(2980300002)(24454002)(189002)(199003)(86362001)(87936001)(2950100001)(64706001)(97756001)(50226001)(23726002)(50466002)(117636001)(50986999)(19580405001)(76176999)(47776003)(69596002)(92566002)(19580395003)(5001960100002)(551544002)(107886002)(77156002)(76506005)(57986006)(110136002)(105596002)(106466001)(62966003)(5008740100001)(33716001)(46102003)(77096005)(93886004)(97736004)(81156007)(6806005)(4001540100001)(5001860100001)(68736005)(5001830100001)(5007970100001)(189998001)(46406003)(4001430100001)(42262002)(62816006); DIR:OUT; SFP:1102; SCL:1; SRVR:BLUPR05MB054; H:p-emfe01b-sac.jnpr.net; FPR:; SPF:SoftFail; PTR:InfoDomainNonexistent; MX:1; A:1; LANG:en; X-Microsoft-Exchange-Diagnostics: 1; BLUPR05MB054; 2:E7zmHG+sJzWshFWelE/Ka+9dHCw160aGqzitj0xbFCZPvGPpf53wjUQyzqHYvzSOzGhHG2suirIm4F+GkPo1YdMUdcj/NZMt7cqvQdsb8oDnLTbdUkF8cCEWouZBmGR16mc74E3XQ+4uxEQyUbpNF0fIt+/63WSDMZ4bBJA58ak=; 3:MwfHrY8+2b7mF8fdIDtV/BMgcjhkTkujXNlPbtaKEEAeMiWJcU1l7qM+xqy4ywZ4RRjMgVACb2r18xJys6dfUbB0IMbRdEQFM8g2QuHhYqSJZG02fnEgXKcZ8a2prt+x913epVhkKTvwZE0QZNIsCj22Pqe0L7ePIHKJzA2WbGFBFJHl0rAd71VKDRf0N29OhVE10ZsDzLRu0QRyar8Kp7AjFc7lD7UOYYP1yqVY1ik=; 25:pajHXgVe8A3M/aZB1vxyJ6kOZpxm2Dvum6oDJPH64LvuEpAm+XJrcrK87qofGUQmEn8Te/9pE+ppEfRN7ICbAWM3wBhW6pwkOnAOggdPSfkQGRCmBw1AnpN2n5Yp0jEhJgZyQNvpZBp6apXDSbHDSA4PkX3Pa3Qbzj1TGQ81fvc8mGdDismiCgWIp8QUiV7eNlHVQW+5FLDiltBWncm1NKVpCzhlFh1Ij97gxsdVkbh5BOfaIHUWcVs2Klgb1J3Y X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:BLUPR05MB054; X-Microsoft-Exchange-Diagnostics: 1; BLUPR05MB054; 20:nGv1ivCzb8NVm4SkCEoCv2G4rhtkWVp+0U76z2H7mbYljSljNClAmzPfwSJnGpFhlNiahtB28QtvnH/ZUgsEEN0GjuONv1QwOUlVIUCI2hvkZVd6v4cUdkfHI8ewu3hKBXMy2uSnvVmDaBUUZzGwFnCNs2kFG7TwY0/BliEVCUak6+fRjukulwDimVxntoZrx41VTpiqyAO/WW/OI1scOyYJXddRE4KjBUQ4DkVIXd9y4/j+cS4I9PXcN2X6BBQbN1VsbV+UsY5gjzGrA/wt+o1jRkxc3uFn3TOKZfRI/QioxkUefrpncjQvnNq6zYvc8xqBe+aAxe579ji8E/ehEvRfyP3fIHSBI6vnaGf6ibLKbZeh+Rd0zsKEdq1SkvuIbbhTcoY0Y9ZX1QNa1aOFxDRHIyTEFWGKnq+MS0LZ4iCcAd9142w9kRiCZPQh15RJviOOsoPqoq07YJ0oevefayxinttEIdqd1XBb56ED/gbaZ7kXGvuaeC+IgVSoYMbd; 4:oNKI4SVXIJuf7hPg14IJuOqx6daQPjeicqmj4WLMd5Ya01/J6k+De0B+kD1ANjlTraqC1O2ixUG1GiyNc/K+ODl0wba2WmL8BbcrRYBJ/YGrmpLPpT0oqeQ4bilbgroxmEr22OzSWR82eQFBJ4ev0UDja2JFUK4X73BE45Z059iZJCSDFjWg4ptcIpXfH3HLg1bL4oXGQzlFKsF3t1TEYACEPB3upcF6+sGNcG2ddYnhrugkQBlNZAeiQqm/wlHBct8Z6EcowN6uxmuwei2AO+0lVmWGfSRjSGz3CTGWyCz8hURF/2ODiHTcQOT1Tb2vh6g2GuoLdT76SlFuhF2Llp+RV3bVYx2KF6RG1WgzlYo= X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(601004)(2401047)(5005006)(8121501046)(520078)(3002001); SRVR:BLUPR05MB054; BCL:0; PCL:0; RULEID:; SRVR:BLUPR05MB054; X-Forefront-PRVS: 0718908305 X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; BLUPR05MB054; 23:UKXuJ+6fvSJCUjkRXMcrl8TEaxkRZUD4my4aReEQvg?= =?us-ascii?Q?/0CNtxviiYZzd3x+TkJwqK8feu9CbrqgjYW3P/WApYP2gZZpYylUeqVhqQJ5?= =?us-ascii?Q?BWY/zWKPD/bdUf9Ysgdtar32RxZ6GnarjNfKa5RI6Bs4nf3KxRXgO/X7fnIh?= =?us-ascii?Q?une9EL+z8qnRMfFhNlJUHvlXvVLrRqVwptEnjzQ+2RFDwfnvmbWRZfxC2K6/?= =?us-ascii?Q?KjZmuUTdiGSJI1m0qj92Nv+KkpJo6e/Up3f9t2bI3s1NBWrFXjZ4OlazXXc4?= =?us-ascii?Q?p6HSbucCqYgfVv6bJ7M/VDHXuAJrDB1PjoQbp1q0x3y3WA+mQIuSUuyi8LCi?= =?us-ascii?Q?qwkQFOMVHDkZ/mOHq1xNPHlp9PNLeohGlfAe/2It9/fEKSEc+iN8gAOhrxqe?= =?us-ascii?Q?lLD+GyMTaEB7QTENxWwefJCGuL0+mLg9x10iGUgfExk/qmqUmqYA2iIMpgEd?= =?us-ascii?Q?Ym4hVFfGw/r5Bn2aHiHZPOufNbp+i2jnctA7tnRUcfeLBa8TG5kFo8aSCZQo?= =?us-ascii?Q?t1XIokIS2TTyOAfpPV4IQ0HJj5z+YbzaUYlt7qIBQL1JUVls7n7kmJRQhJx+?= =?us-ascii?Q?FxNbnJ8V0Qr+TTalMN+37gtbEFpes7uA4UdHZdSB7l+zOLzo35RKzItIiTYo?= =?us-ascii?Q?oVegdCUnYNzKLq65RdlKxKChd2XHgqWS/aSdVroHE5iNtl/83cSzGyLAEsEV?= =?us-ascii?Q?FBbLehLM9jiTmFMU0G+NrbM//XBoboeusmt/FK6EWVdxF17G7yq4PtJe7IFo?= =?us-ascii?Q?GGc1TWbp2FB0mHrVFAxvtzAsYO/YoYSJRzs5MzMhwB7xpSGJxVOdsSARtiBn?= =?us-ascii?Q?dtmmyEH286YWHFDVGj1n/fzfLdSlV65+nQohW5gA0sMDedgpKGrFij5VVNEk?= =?us-ascii?Q?D7aN9G0mTR0Y6JdsQ8nfJjVYUjloDM/6Pxp7X6S2GCZJ6cubSCvM3LQG+ZFp?= =?us-ascii?Q?Eh+9oHNtTZPDBLdX8Ab8/BmOfcZVYaodTpcPORua8uWxkwcHehFcLO0VX50u?= =?us-ascii?Q?8lybxcfDWPVxf4fJe6xGqGBCxfTt+hB6hUQkJSmOwFdybs09iMQsVfv85td5?= =?us-ascii?Q?9hCEmVmdALdhpGdFvWai3nUaPmcb+WTDVZCTEkyBjx8i3P6uesQL5D+rzpMk?= =?us-ascii?Q?ql/mAq8I9RR5+TzQAfcYU/6CYRZH5pw5d+LLerjbMfLA94+VgVQ8D8MHLtM2?= =?us-ascii?Q?7WWlvus66w4U9wwhBhd9la01yQlpNpxg3dFGfvtmMXexBrrnefM+odgXzYJA?= =?us-ascii?Q?bw1QkN3jEIqD1RE/u1THj8tgNoAYzNrr5p67XDyOm97QHru9BB3Oc/mP5Z6X?= =?us-ascii?Q?5/MTmVO7VNlV+9eCe76DE=3D?= X-Microsoft-Exchange-Diagnostics: 1; BLUPR05MB054; 5:Zn8bQEV40rwmjmlFkZYdSk4pBVRpWjtST+bb+gSUby+SxuV9MCE6EQ2E826QQ/zWq1mUkyKf8Ighxc3CcRfxPkby2IYMXHZRUs4iga1xOGTyTRbA52N0hR6U12Vgcz3axh7yCCRjdKGzm7LTPS82Vg==; 24:pIPV32q7ACsDVVqGvFN6Pt4bK6WY34JJlZo31GTXaCHS5+QJMDtX4ZbqpjpZvGl19mUDOKf2rERbndFn2ZcqhuVNEoVjvAg3w6KRmKQIsfk=; 20:1M6hCIgH/QrT5jPPaklnq5LZBn9I1IizmsUXRXachQW0cCWMB+DsAnfBdHLkNjAXNDnA1RzkuduV/huqzv6LIw== SpamDiagnosticOutput: 1:23 SpamDiagnosticMetadata: NSPM X-OriginatorOrg: juniper.net X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Oct 2015 19:51:59.9996 (UTC) X-MS-Exchange-CrossTenant-Id: bea78b3c-4cdb-4130-854a-1d193232e5f4 X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=bea78b3c-4cdb-4130-854a-1d193232e5f4; Ip=[66.129.239.18]; Helo=[p-emfe01b-sac.jnpr.net] X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: BLUPR05MB054 X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 03 Oct 2015 19:52:10 -0000 Bryan Drewery wrote: > This still ignores that 'su -l' does the opposite. The opposite of what? fwiw I'm not sure I'd want su - calling setlogin() but then I'm never trying to really masquerade as someone else to the extent that would matter. > Sometimes sysadmins need to masquerade as users for support. Having a > user hand over their SSH password, or adding a password to a service > user that should NOT have remote access, is not the answer. There needs > to be a way to login fully as a user for debugging issues as that user. There are many ways to skin that cat (eg append your pub key to their .ssh/authorized_keys) The easiest is to just use 'login -f' as you are doing, and when finished logout completely. I don't think anyone said you cannot use 'login -f', just that your use isn't what it was intended for. Adding a BUG/NOTE to the man page to warn anyone using it in this way to fully logout afterwards is a simple "solution".