From nobody@www.freebsd.org  Sun Jun 16 15:49:29 2002
Return-Path: <nobody@www.freebsd.org>
Received: from nwww.freebsd.org (www.FreeBSD.org [216.136.204.117])
	by hub.freebsd.org (Postfix) with ESMTP id 11BEE37B40A
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 16 Jun 2002 15:49:29 -0700 (PDT)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by nwww.freebsd.org (8.12.2/8.12.2) with ESMTP id g5GMm5hG014222
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 16 Jun 2002 15:48:05 -0700 (PDT)
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.12.2/8.12.2/Submit) id g5GMm5Pf014221;
	Sun, 16 Jun 2002 15:48:05 -0700 (PDT)
Message-Id: <200206162248.g5GMm5Pf014221@www.freebsd.org>
Date: Sun, 16 Jun 2002 15:48:05 -0700 (PDT)
From: Dan Mahoney <freebsdbugs@gushi.org>
To: freebsd-gnats-submit@FreeBSD.org
Subject: Passwd will not work when root su's into a user.
X-Send-Pr-Version: www-1.0

>Number:         39382
>Category:       misc
>Synopsis:       Passwd will not work when root su's into a user.
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Jun 16 15:50:01 PDT 2002
>Closed-Date:    Mon Jun 17 22:07:01 PDT 2002
>Last-Modified:  Mon Jun 17 22:07:01 PDT 2002
>Originator:     Dan Mahoney
>Release:        4.5-STABLE
>Organization:
Gushi Systems
>Environment:
FreeBSD prime.gushi.org 4.5-STABLE FreeBSD 4.5-STABLE #0: Fri Apr 19 01:20:11 EDT 2002     root@temporary.ezzi.net:/usr/src/sys/compile/PRIME45  i386
>Description:
      When root su's down to another account, even using -l to simulate a full login, they are unable to try to use passwd (as the user) to change their password, because passwd apparently checks realuid, and not effectiveuid.  This also breaks usermin, which runs as a normal user, and has a password change module that uses passwd.
>How-To-Repeat:
      As root, su -l to a user, then type passwd.  You will get a "permission denied" error.
>Fix:
      Always use passwd -l $username, or could someone submit a patch for passwd to correct this?
>Release-Note:
>Audit-Trail:

From: "Simon 'corecode' Schubert" <corecode@corecode.ath.cx>
To: Dan Mahoney <freebsdbugs@gushi.org>
Cc: freebsd-gnats-submit@FreeBSD.ORG
Subject: Re: misc/39382: Passwd will not work when root su's into a user.
Date: Mon, 17 Jun 2002 13:20:31 +0200

 On Sun, 16 Jun 2002 15:48:05 -0700 (PDT) Dan Mahoney wrote:
 > >Description:
 >       When root su's down to another account, even using -l to
 >       simulate a full login, they are unable to try to use passwd (as
 >       the user) to change their password, because passwd apparently
 >       checks realuid, and not effectiveuid.  This also breaks usermin,
 >       which runs as a normal user, and has a password change module
 >       that uses passwd.
 
 this is not true. it cannot check the effective id because this is
 always changed to 0 (suid root!).
 passwd(1) checks the login name with getlogin(). this is the only one
 and true[tm] way to support different accounts with the same UID (for
 example personalized root accounts etc).
 besides, su'ing only to change a passwd seems overkill.
 
 cheerz
   simon
 
 -- 
 /"\   http://corecode.ath.cx/#donate
 \ /
  \     ASCII Ribbon Campaign
 / \  Against HTML Mail and News
 
 

From: "Dan Mahoney, System Admin" <danm@prime.gushi.org>
To: "Simon 'corecode' Schubert" <corecode@corecode.ath.cx>
Cc: Dan Mahoney <freebsdbugs@gushi.org>,
	<freebsd-gnats-submit@FreeBSD.ORG>
Subject: Re: misc/39382: Passwd will not work when root su's into a user.
Date: Mon, 17 Jun 2002 16:02:15 -0400 (EDT)

 On Mon, 17 Jun 2002, Simon 'corecode' Schubert wrote:
 
 > On Sun, 16 Jun 2002 15:48:05 -0700 (PDT) Dan Mahoney wrote:
 > > >Description:
 > >       When root su's down to another account, even using -l to
 > >       simulate a full login, they are unable to try to use passwd (as
 > >       the user) to change their password, because passwd apparently
 > >       checks realuid, and not effectiveuid.  This also breaks usermin,
 > >       which runs as a normal user, and has a password change module
 > >       that uses passwd.
 
 Okay, so then shouldn't su -l do a setlogin()?
 
 -Dan Mahoney
 
 >
 > this is not true. it cannot check the effective id because this is
 > always changed to 0 (suid root!).
 > passwd(1) checks the login name with getlogin(). this is the only one
 > and true[tm] way to support different accounts with the same UID (for
 > example personalized root accounts etc).
 > besides, su'ing only to change a passwd seems overkill.
 >
 > cheerz
 >   simon
 >
 >
 
 --
 
 "You're a thucking reyer!"
 
 -Richard Bozzello, who believed tongue piercing was painless.
 
 --------Dan Mahoney--------
 Techie,  Sysadmin,  WebGeek
 Gushi on efnet/undernet IRC
 ICQ: 13735144   AIM: LarpGM
 Web: http://prime.gushi.org
 finger danm@prime.gushi.org
 for pgp public key and tel#
 ---------------------------
 
 
State-Changed-From-To: open->closed 
State-Changed-By: cjc 
State-Changed-When: Mon Jun 17 22:04:29 PDT 2002 
State-Changed-Why:  
As you mention, the fix is simply to give passwd(1) the user's name as 
an argument. When logged in as root, 

# passwd user 

To change 'user's password rather than bothering to su(1) to the 
user. This is the intended and desired behavior. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=39382 
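
An added illustration, not part of the PR and not FreeBSD's passwd(1) source: a small C model of the check discussed in this thread, where the account is selected by the session login name (getlogin()) rather than by UID. The account table, the may_change() and verdict() helpers, the real-UID rule, and the premise that the login name is still "root" after su -l are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

struct account { const char *name; uid_t uid; };

/* Constructed sample accounts (assumption); "toor" shares UID 0 with "root". */
static const struct account accounts[] = {
    { "root", 0 }, { "toor", 0 }, { "alice", 1001 }, { "bob", 1002 },
};

static const struct account *lookup(const char *name)
{
    for (size_t i = 0; i < sizeof(accounts) / sizeof(accounts[0]); i++)
        if (strcmp(accounts[i].name, name) == 0)
            return &accounts[i];
    return NULL;
}

/*
 * login_name: what getlogin() returns for the session.
 * real_uid:   what getuid() returns (the effective UID is 0 in a setuid-root tool).
 * target:     name given on the command line, or NULL for "my own account".
 * Returns the account whose password may be changed, or NULL if denied.
 */
const char *may_change(const char *login_name, uid_t real_uid, const char *target)
{
    const struct account *pw = lookup(target != NULL ? target : login_name);
    if (pw == NULL)
        return NULL;
    /* Assumed rule: real UID 0 may change any entry, others only their own UID. */
    if (real_uid != 0 && real_uid != pw->uid)
        return NULL;
    return pw->name;
}

static const char *verdict(const char *r) { return r != NULL ? r : "denied"; }

int main(void)
{
    const char *login = getlogin();   /* session login name, not derived from the UID */
    printf("live: ruid=%d euid=%d getlogin=%s\n", (int)getuid(), (int)geteuid(),
           login != NULL ? login : "(none)");
    printf("alice logs in, passwd       -> %s\n", verdict(may_change("alice", 1001, NULL)));
    printf("root su -l alice, passwd    -> %s\n", verdict(may_change("root", 1001, NULL)));
    printf("root, passwd alice          -> %s\n", verdict(may_change("root", 0, "alice")));
    printf("toor (UID 0) logs in, passwd -> %s\n", verdict(may_change("toor", 0, NULL)));
    return 0;
}
```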
>Unformatted:
