From traister@manta.mojozone.org  Fri Jul 18 11:30:07 1997
Received: from manta.mojozone.org (root@dfbfl1-6.gate.net [198.206.135.133])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id LAA08215
          for <FreeBSD-gnats-submit@freebsd.org>; Fri, 18 Jul 1997 11:30:02 -0700 (PDT)
Received: (from traister@localhost)
	by manta.mojozone.org (8.8.6/8.8.6) id OAA00561;
	Fri, 18 Jul 1997 14:29:57 -0400 (EDT)
Message-Id: <199707181829.OAA00561@manta.mojozone.org>
Date: Fri, 18 Jul 1997 14:29:57 -0400 (EDT)
From: Joe Traister <traister@mojozone.org>
Reply-To: traister@mojozone.org
To: FreeBSD-gnats-submit@freebsd.org
Subject: kerberized login as <user>.root fails
X-Send-Pr-Version: 3.2

>Number:         4116
>Category:       bin
>Synopsis:       [patch] [kerberos] Kerberized login as <user>.root fails to become root
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Jul 18 11:40:03 PDT 1997
>Closed-Date:    
>Last-Modified:  Mon Aug 16 20:26:48 UTC 2010
>Originator:     Joe Traister
>Release:        FreeBSD 2.2.2-RELEASE i386
>Organization:
None
>Environment:

	Kerberos installed, configured and running.

>Description:

	When logging in as <user>.root principal, the login is subjected
	to the same tty tests as root, allowed to login when /etc/nologin
	exists, the kerberos ticket file is created as /tmp/tkt_root_<uid>,
	and a root login is syslog'ed, but you don't become root.  This
	is a problem only when LOGIN_CAP is defined during compile.  The
	non-LOGIN_CAP code does everything as the user and then does the
	final setuid() to 0 if it's a root login, but the LOGIN_CAP code
	simply does a setusercontext() to the user.  This is fixed very
	simply by including a check for rootlogin and passing setusercontext
	a 0 uid instead of the user's uid.

>How-To-Repeat:

	login as a <user>.root principal on a kerberized box.

>Fix:
	
	change

	if (setusercontext(lc, pwd, pwd->pw_uid, LOGIN_SETALL) != 0) {

	to

	if (setusercontext(lc, pwd, rootlogin ? 0 : pwd->pw_uid, LOGIN_SETALL) != 0) {

	in login.c in the main() function.


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->davidn 
Responsible-Changed-By: davidn 
Responsible-Changed-When: Mon Jul 21 00:48:32 EST 1997 
Responsible-Changed-Why:  
I broke this, so I'll look into a fix. 
However, I'm not certain that the suggested fix is correct. 
After all, instances other than 'root' may be used, and if the root 
instance login is broken, then they all will be. 

From: "First Electronics Service" <firsttv@1sttv.omhcoxmail.com>
To: <freebsd-gnats-submit@FreeBSD.org>, <traister@mojozone.org>
Cc:  
Subject: Re: bin/4116: Kerberized login as <user>.root fails to become root
Date: Sat, 21 Dec 2002 12:17:23 -0600

 Try this patch:
 
 if(rootlogin){
     pwd->pw_uid=0;
 }
 right before the call to setusercontext() in login.c.
 
 Lucas
 

From: "First Electronics Service" <firsttv@1sttv.omhcoxmail.com>
To: <freebsd-gnats-submit@FreeBSD.org>, <traister@mojozone.org>
Cc:  
Subject: Re: bin/4116: Kerberized login as <user>.root fails to become root
Date: Sat, 21 Dec 2002 12:19:00 -0600

 Try this fix:
 if(rootlogin)
     pwd->pw_uid=0;
 right before the call to setusercontext() in login.c.
 Lucas
 
Responsible-Changed-From-To: davidn->freebsd-bugs 
Responsible-Changed-By: dougb 
Responsible-Changed-When: Fri Mar 14 21:43:28 PST 2003 
Responsible-Changed-Why:  

davidn is no longer with us 

http://www.freebsd.org/cgi/query-pr.cgi?pr=4116 
>Unformatted:
