From owner-freebsd-ports Sun Jul 19 18:49:05 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id SAA25944 for freebsd-ports-outgoing; Sun, 19 Jul 1998 18:49:05 -0700 (PDT) (envelope-from owner-freebsd-ports@FreeBSD.ORG) Received: from phoenix.welearn.com.au (suebla.lnk.telstra.net [139.130.44.81]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id SAA25939 for ; Sun, 19 Jul 1998 18:48:59 -0700 (PDT) (envelope-from sue@phoenix.welearn.com.au) Received: (from sue@localhost) by phoenix.welearn.com.au (8.8.5/8.8.5) id LAA21449; Mon, 20 Jul 1998 11:48:30 +1000 (EST) Message-ID: <19980720114827.50827@welearn.com.au> Date: Mon, 20 Jul 1998 11:48:27 +1000 From: Sue Blake To: Andreas Klemm Cc: freebsd-ports@FreeBSD.ORG Subject: Re: nethack permissions References: <19980720080447.24765@welearn.com.au> <19980720023344.A2875@klemm.gtn.com> <19980720111801.63717@welearn.com.au> <19980720032710.B1203@klemm.gtn.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.88e In-Reply-To: <19980720032710.B1203@klemm.gtn.com>; from Andreas Klemm on Mon, Jul 20, 1998 at 03:27:10AM +0200 Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, Jul 20, 1998 at 03:27:10AM +0200, Andreas Klemm wrote: > On Mon, Jul 20, 1998 at 11:18:01AM +1000, Sue Blake wrote: > > On Mon, Jul 20, 1998 at 02:33:44AM +0200, Andreas Klemm wrote: > > > On Mon, Jul 20, 1998 at 08:04:47AM +1000, Sue Blake wrote: > > > > The nethack-3.2.2 package package sets user and group to games.games > > > > and permissions 664 for every file in /usr/local/lib/nethackdir/ > > > > This has been deliberately set both in PLIST and in patch-aa (I think) > > > > > > > > Running nethack fails with: > > > > Warning: cannot write scoreboard file /usr/local/lib/nethackdir/record > > > > No write permission to lock perm! > > > > > > > > What's the trick here? Are well behaved users supposed to be rewarded > > > > by adding them to the games group or something? > > > > > > /usr/local/bin/nethack is a wrapper shell script that calls the > > > real nethack binary in ${PREFIX}/lib/nethack, that runs SGID games: > > > -rwxr-sr-x 1 games games 1339278 19 Jul 14:15 nethack > > > > Sorry to be so uninformed, but I don't understand those details. Are > > you saying there's a mechanism to make it work OK for ordinary users > > even though the files are games.games? That's not how it works here. > > > > Or are you saing that it's only supposed to be played only by people in > > the games group? That'd be something I'd need to be told. > > In Unix there are possibilities to set user or group id on execution > of a file. That's the "s" in a long listing > > chmod o+s sets the SUID (set user id) flag > chmod g+s sets the SGID (set group id) flag > > The nethack binary has the SGID bit set. This means, it > runs under the group games on execution. Since the record > file is writeable by the games group, users who play nethack > have no difficulty to play nethack and to update the record > file by the games if needed. Aha, pennies dropping now, thanks! And that seems to be where the problem is. $ ls -l /usr/local/bin/nethack -rwxr-xr-x 1 games games - 1115 Mar 23 16:44 /usr/local/bin/nethack* The nethack file within the package bin directory looks similar (no "s"), and there's an @exec chmod but only for the nethackdir. So it's not really happening. I can make the necessary change and make it work but it's had a few others puzzled :-) -- Regards, -*Sue*- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message