[524] in arla-drinkers
Re: Arla 0.20 and linux 2.2-pre9, misc problems, probably not kernel
daemon@ATHENA.MIT.EDU (Nathan Neulinger)
Sun Jan 24 16:33:54 1999
From owner-arla-drinkers@stacken.kth.se Sun Jan 24 21:33:53 1999
Return-Path: <owner-arla-drinkers@stacken.kth.se>
Delivered-To: arla-drinkers-mtg@bloom-picayune.mit.edu
Received: (qmail 1692 invoked from network); 24 Jan 1999 21:33:52 -0000
Received: from unknown (HELO sundance.stacken.kth.se) (130.237.234.41)
by bloom-picayune.mit.edu with SMTP; 24 Jan 1999 21:33:52 -0000
Received: (from majordom@localhost)
by sundance.stacken.kth.se (8.8.8/8.8.8) id WAA12770
for arla-drinkers-list; Sun, 24 Jan 1999 22:29:26 +0100 (MET)
Received: from umr.edu (hermes.cc.umr.edu [131.151.1.68])
by sundance.stacken.kth.se (8.8.8/8.8.8) with ESMTP id WAA12766;
Sun, 24 Jan 1999 22:29:21 +0100 (MET)
Received: from umr.edu (infinity.cc.umr.edu [131.151.32.21]) via ESMTP by hermes.cc.umr.edu (8.8.7/R.4.20) id PAA29758; Sun, 24 Jan 1999 15:29:13 -0600 (CST)
Message-ID: <36AB90A7.99546E03@umr.edu>
Date: Sun, 24 Jan 1999 15:29:11 -0600
From: Nathan Neulinger <nneul@umr.edu>
X-Mailer: Mozilla 4.5 [en] (X11; I; Linux 2.2.0-final i686)
X-Accept-Language: en
MIME-Version: 1.0
To: "'Magnus Ahltorp'" <map@stacken.kth.se>, arla-drinkers@stacken.kth.se
Subject: Re: Arla 0.20 and linux 2.2-pre9, misc problems, probably not kernel
specific
References: <9DA8D24B915BD1118911006094516EAF019C7E77@umr-mail02.cc.umr.edu>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-arla-drinkers@stacken.kth.se
Precedence: bulk
> > That is because your su throws away the secondary groups:
> >
> > > infinity(49)>id
> > > uid=5879(nneul) gid=5000(afsuser) groups=33536,32512,5000(afsuser)
> > > infinity(50)>su -
> > > Password:
> > > [root@infinity /root]# id
> > > uid=0(root) gid=0(root)
> > > groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
> >
> > Here, the 33536,32512 has been thrown away, and therefore you are
> > assumed to be in the default PAG.
>
> Right, but it didn't do that before. It's possible that it is a change
> in the kernel from
> 2.0.35 to 2.2.
>
> I have another machine running 2.0.35 with transarc's code, and the same
> su/ksu. Both perform correctly on that machine.
I did some simple testing. It appears that initgroups() is changed in
kernel 2.2. (Probably is more correct now actually.)
If I run this program:
-----
void main(void)
{
initgroups("root", 5000);
system("id");
}
-----
If I make that (temporarily) setuid root on a 2.0.35 machine and run it
as a regular user, I get root's groups, plus 5000, plus the PAG groups.
On a 2.2 machine, I get only root's groups and 5000.
Obviously the semantics of the initgroups() call have changed in the
recent kernels.
[ Wondering how many things this is going to break. :( ]
-- Nathan
------------------------------------------------------------
Nathan Neulinger EMail: nneul@umr.edu
University of Missouri - Rolla Phone: (573) 341-4841
Computing Services Fax: (573) 341-4216
