From frank@pinky.sax.de  Mon Mar 20 12:12:33 2006
Return-Path: <frank@pinky.sax.de>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2E01816A401
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 20 Mar 2006 12:12:33 +0000 (UTC)
	(envelope-from frank@pinky.sax.de)
Received: from pinky.frank-behrens.de (pinky.frank-behrens.de [82.139.199.24])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 6073843D48
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 20 Mar 2006 12:12:32 +0000 (GMT)
	(envelope-from frank@pinky.sax.de)
Received: from moon.behrens (localhost [127.0.0.1])
	by pinky.frank-behrens.de (8.13.4/8.13.4) with ESMTP/MSA id k2KCCSAZ002036
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 20 Mar 2006 13:12:28 +0100 (CET)
	(envelope-from frank@moon.behrens)
Received: (from frank@localhost)
	by moon.behrens (8.13.4/8.13.4/Submit) id k2KCCSok002035;
	Mon, 20 Mar 2006 13:12:28 +0100 (CET)
	(envelope-from frank)
Message-Id: <200603201212.k2KCCSok002035@moon.behrens>
Date: Mon, 20 Mar 2006 13:12:28 +0100 (CET)
From: Frank Behrens <frank@pinky.sax.de>
To: FreeBSD-gnats-submit@freebsd.org
Subject: jail(8) should not set login name for session [patch]
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         94730
>Category:       bin
>Synopsis:       [patch] jail(8) should not set login name for session
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    maxim
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Mar 20 12:20:18 GMT 2006
>Closed-Date:    Tue May 16 06:22:56 GMT 2006
>Last-Modified:  Tue May 16 06:22:56 GMT 2006
>Originator:     Frank Behrens
>Release:        FreeBSD 6.1-PRERELEASE-200602270917 i386
>Organization:
>Environment:
>Description:
If in jail(8) a user is supplied, the user is switched to with
setusercontext() call (see LOGIN_CLASS(3)). The flags are
LOGIN_SETALL & ~LOGIN_SETGROUP, which implies LOGIN_SETLOGIN.
In that case the login name for the session is set
(including parent/sibling programs), although only the jail 
command is run with different user.

Observed problem:
In system startup (via rc.conf) a jail was configured with
a restricted user (argument -u). This changed the login name 
for the current session running rc(8) and all further child sessions. 
All messages sent via wall(1) and mail(1) from later started
system daemons had the restricted user as sender, not
root as expected. getlogin(2) from these daemons did not
return root, but the restricted user.

The attached patch fixes this problem, it excludes
the flag LOGIN_SETLOGIN from setusercontext() in jail(8).

>How-To-Repeat:
# id -u
0
# logname
frank
# jail -u www / test 192.168.99.99 /bin/sh
$ logname
www
$ exit
# logname
www
>Fix:

--- jailsetlogin.diff begins here ---
Index: jail.c
===================================================================
RCS file: /data/freebsd/src/usr.sbin/jail/jail.c,v
retrieving revision 1.20.2.1
diff -u -r1.20.2.1 jail.c
--- jail.c	30 Jan 2006 00:38:37 -0000	1.20.2.1
+++ jail.c	20 Mar 2006 11:36:20 -0000
@@ -142,7 +142,7 @@
 		if (setgid(pwd->pw_gid) != 0)
 			err(1, "setgid");
 		if (setusercontext(lcap, pwd, pwd->pw_uid,
-		    LOGIN_SETALL & ~LOGIN_SETGROUP) != 0)
+		    LOGIN_SETALL & ~LOGIN_SETGROUP & ~LOGIN_SETLOGIN) != 0)
 			err(1, "setusercontext");
 		login_close(lcap);
 	}
--- jailsetlogin.diff ends here ---


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->maxim 
Responsible-Changed-By: maxim 
Responsible-Changed-When: Mon Mar 20 14:21:25 UTC 2006 
Responsible-Changed-Why:  
o I brought this functionality to the system.  Hope I'll get 
enough free time RSN and consider this PR. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=94730 
State-Changed-From-To: open->patched 
State-Changed-By: maxim 
State-Changed-When: Sun Apr 16 12:32:14 UTC 2006 
State-Changed-Why:  
Fixed in HEAD.  Thanks for the patch! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=94730 
State-Changed-From-To: patched->closed 
State-Changed-By: maxim 
State-Changed-When: Tue May 16 06:22:36 UTC 2006 
State-Changed-Why:  
MFC'ed to RELENG_6. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=94730 
>Unformatted:
