Date:      Mon, 20 Jul 1998 11:48:27 +1000
From:      Sue Blake <sue@welearn.com.au>
To:        Andreas Klemm <andreas@klemm.gtn.com>
Cc:        freebsd-ports@FreeBSD.ORG
Subject:   Re: nethack permissions
Message-ID:  <19980720114827.50827@welearn.com.au>
In-Reply-To: <19980720032710.B1203@klemm.gtn.com>; from Andreas Klemm on Mon, Jul 20, 1998 at 03:27:10AM +0200
References:  <19980720080447.24765@welearn.com.au> <19980720023344.A2875@klemm.gtn.com> <19980720111801.63717@welearn.com.au> <19980720032710.B1203@klemm.gtn.com>

On Mon, Jul 20, 1998 at 03:27:10AM +0200, Andreas Klemm wrote:
> On Mon, Jul 20, 1998 at 11:18:01AM +1000, Sue Blake wrote:
> > On Mon, Jul 20, 1998 at 02:33:44AM +0200, Andreas Klemm wrote:
> > > On Mon, Jul 20, 1998 at 08:04:47AM +1000, Sue Blake wrote:
> > > > The nethack-3.2.2 package sets user and group to games.games
> > > > and permissions 664 for every file in /usr/local/lib/nethackdir/
> > > > This has been deliberately set both in PLIST and in patch-aa (I think)
> > > > 
> > > > Running nethack fails with:
> > > > Warning: cannot write scoreboard file /usr/local/lib/nethackdir/record
> > > > No write permission to lock perm!
> > > > 
> > > > What's the trick here? Are well behaved users supposed to be rewarded
> > > > by adding them to the games group or something?
> > > 
> > > /usr/local/bin/nethack is a wrapper shell script that calls the
> > > real nethack binary in ${PREFIX}/lib/nethack, that runs SGID games:
> > > -rwxr-sr-x  1 games  games  1339278 19 Jul 14:15 nethack
> > 
> > Sorry to be so uninformed, but I don't understand those details. Are
> > you saying there's a mechanism to make it work OK for ordinary users
> > even though the files are games.games? That's not how it works here.
> > 
> > Or are you saying that it's only supposed to be played by people in
> > the games group? That'd be something I'd need to be told.
> 
> In Unix there are possibilities to set user or group id on execution
> of a file. That's the "s" in a long listing
> 
> 	chmod o+s	sets the SUID (set user id) flag
> 	chmod g+s	sets the SGID (set group id) flag
> 
> The nethack binary has the SGID bit set. This means, it
> runs under the group games on execution. Since the record
> file is writeable by the games group, users who play nethack
> have no difficulty to play nethack and to update the record
> file by the games if needed.

Aha, pennies dropping now, thanks!
And that seems to be where the problem is.

$ ls -l /usr/local/bin/nethack
-rwxr-xr-x  1 games  games  - 1115 Mar 23 16:44 /usr/local/bin/nethack*

The nethack file within the package bin directory looks similar
(no "s"), and there's an @exec chmod but only for the nethackdir.
So it's not really happening. I can make the necessary change and make
it work but it's had a few others puzzled :-)

-- 

Regards,
        -*Sue*-
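
The set-group-ID arrangement discussed in this thread can be checked from the shell. This is an added example, not part of the original message or of the port: `check_sgid_install`, `gid_of` and `has_perm` are hypothetical helper names, and the world-writable check goes slightly beyond what the thread covers.

```shell
#!/bin/sh
# Added example: audit a set-group-ID game install such as the nethack port.
# Usage (paths are the caller's): check_sgid_install REAL_BINARY DATA_FILE

# gid_of FILE: print the numeric id of the group owning FILE (ls -ldn, field 4).
gid_of() {
    ls -ldn -- "$1" | awk '{print $4}'
}

# has_perm FILE MODE: true if FILE has every permission bit in MODE set.
has_perm() {
    [ -n "$(find "$1" -prune -perm "-$2" 2>/dev/null)" ]
}

# Prints one finding per line. Returns 0 if the binary runs set-group-ID
# and its group can write the data file, 1 on any finding, 2 if a path is missing.
check_sgid_install() {
    bin=$1 data=$2 rc=0
    if [ ! -f "$bin" ] || [ ! -e "$data" ]; then
        echo "MISSING: $bin or $data"
        return 2
    fi
    if ! [ -g "$bin" ]; then
        # The symptom in this thread: no "s" in the group triplet of ls -l.
        echo "NO-SGID: $bin does not have the set-group-ID bit"; rc=1
    fi
    if ! has_perm "$bin" 001; then
        echo "NO-EXEC: $bin is not executable by ordinary users"; rc=1
    fi
    if [ "$(gid_of "$bin")" != "$(gid_of "$data")" ]; then
        echo "GROUP-MISMATCH: $bin and $data belong to different groups"; rc=1
    fi
    if ! has_perm "$data" 020; then
        echo "NOT-GROUP-WRITABLE: $data"; rc=1
    fi
    if has_perm "$data" 002; then
        # Set-group-ID exists so the data file need not be writable by everyone.
        echo "WORLD-WRITABLE: $data"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: $bin runs set-group-ID and can update $data"
    return "$rc"
}
```

Run it against the real binary that the wrapper script calls, not the wrapper itself, together with the `record` file.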

