Date: Sat, 17 Nov 2012 11:20:21 -0500 From: Ryan Stone <rysto32@gmail.com> To: FreeBSD Current <freebsd-current@freebsd.org> Cc: bapt@freebsd.org Subject: Re: pw keeps setting /etc/group to 0600 Message-ID: <CAFMmRNxW0FzupbC9w4U5pPZUoqOE%2B3rqFNRUrnsMRGFnO7qPWA@mail.gmail.com> In-Reply-To: <CAFMmRNxDr=%2BpsiazVrJ8e=T4fogiiPv5nEAo%2BnfoD=tPYMehCw@mail.gmail.com> References: <CAFMmRNxDr=%2BpsiazVrJ8e=T4fogiiPv5nEAo%2BnfoD=tPYMehCw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Wow. So apparently things are even more broken than I though. Let's play, "What group am I in?" root@group-testing:/usr/home/rstone # cd /tmp root@group-testing:/tmp # pw groupadd testing root@group-testing:/tmp # mkdir testdir root@group-testing:/tmp # chown root:testing testdir/ root@group-testing:/tmp # chmod g+rwx testdir/ root@group-testing:/tmp # pw usermod root@group-testing:/tmp # pw groupmod testing -m rstone root@group-testing:/tmp # id rstone uid=1001(rstone) gid=1001(rstone) groups=1001(rstone),0(wheel),1002(testing) root@group-testing:/tmp # exit $ id uid=1001(rstone) gid=1001 groups=1001,0 $ id rstone uid=1001(rstone) gid=1001 groups=1001 $ touch /tmp/testdir/testfile touch: /tmp/testdir/testfile: Permission denied $ ls -ld /tmp/testdir/ drwxrwxr-x 2 root 1002 512 Nov 17 11:07 /tmp/testdir/ My original complaint that /etc/group gets permissions of 0600 is a result of a bug in libutil, which bapt@ ported pw to use in r242349. The new group manipulation API using mktemp to create a temporary file, writes the new group database to the temp file and then renames the temp file to /etc/group. The problem here is that mktemp creates a file with a mode of 600, and libutil never chmods it. That should be pretty trivial to fix. I have no idea what's happening in my example above, though. Baptiste, I have to ask: how much testing did r242349 receive before it was committed?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAFMmRNxW0FzupbC9w4U5pPZUoqOE%2B3rqFNRUrnsMRGFnO7qPWA>