docs/167741: Group Passwords do not work and are not documented properly
Mark Saad
msaad at about.com
Wed May 9 16:20:12 UTC 2012
>Number: 167741
>Category: docs
>Synopsis: Group Passwords do not work and are not documented properly
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: freebsd-doc
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: doc-bug
>Submitter-Id: current-users
>Arrival-Date: Wed May 09 16:20:11 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator: Mark Saad
>Release: FreeBSD 9.0-STABLE amd64
>Organization:
About.com
>Environment:
System: FreeBSD blindness.ops.about.com 9.0-STABLE FreeBSD 9.0-STABLE #2: Tue Apr 10 11:32:01 EDT 2012 root at blindness.ops.about.com:/usr/obj/usr/src/sys/GENERIC amd64
>Description:
Group Password support appears to be broken , as well as the man pages for group, newgrp, groups do not mention how to use
it. Eitan Adler noted this is a docs bug however , following his instructions , which appear to be correct do not work.
>How-To-Repeat:
root at blindness:~# pw groupadd testgroup
root at blindness:~# pw group mod testgroup -h 0
New password for group testgroup: <Enter the passowrd: blahblahblah>
root at blindness:~# exit
logout
msaad at blindness:~% newgrp testgroup
Password:
newgrp: setgid: Operation not permitted
msaad at blindness:~%
>Fix:
Part 1.
In the group man page man 5 group in the SEE ALSO section should include a refrence to newgrp(1)
In the man page for newgrp(1) an example of how to set a group passowrd should be included.
Something similar to my example .
Part 2.
The group password option fails to work, with the users unable to call setgid. A part of a truss of the process is below.
Truss Output
write(3,"Password:",9) = 9 (0x9)
read(3,"a",1) = 1 (0x1)
read(3,"\n",1) = 1 (0x1)
write(3,"\n",1) = 1 (0x1)
ioctl(3,TIOCSETAF,0xffffd660) = 0 (0x0)
sigaction(SIGALRM,{ SIG_DFL 0x0 ss_t },0x0) = 0 (0x0)
sigaction(SIGHUP,{ SIG_DFL 0x0 ss_t },0x0) = 0 (0x0)
sigaction(SIGINT,{ SIG_DFL SA_RESTART ss_t },0x0) = 0 (0x0)
sigaction(SIGQUIT,{ SIG_DFL SA_RESTART ss_t },0x0) = 0 (0x0)
sigaction(SIGPIPE,{ SIG_DFL SA_RESTART ss_t },0x0) = 0 (0x0)
sigaction(SIGTERM,{ SIG_DFL SA_RESTART|SA_SIGINFO ss_t },0x0) = 0 (0x0)
sigaction(SIGTSTP,{ SIG_DFL SA_RESTART ss_t },0x0) = 0 (0x0)
sigaction(SIGTTIN,{ SIG_DFL SA_RESTART ss_t },0x0) = 0 (0x0)
sigaction(SIGTTOU,{ SIG_DFL SA_RESTART ss_t },0x0) = 0 (0x0)
close(3) = 0 (0x0)
open("/etc/auth.conf",O_RDONLY,0141) = 3 (0x3)
read(3,"#\n# $FreeBSD: src/etc/auth.conf"...,4096) = 237 (0xed)
read(3,0x7fffffffc670,4096) = 0 (0x0)
close(3) = 0 (0x0)
__sysctl(0x7fffffffd950,0x2,0x7fffffffd96c,0x7fffffffd960,0x0,0x0) = 0 (0x0)
getgroups(0x400,0x801041000,0x801000658,0x42,0x601f48,0xffffffff) = 3 (0x3)
seteuid(0x3ea,0x801041008,0x3,0x3,0x601f48,0xffffffff) = 0 (0x0)
setgid(0x3eb,0x801041008,0x3,0x3,0x601f48,0xffffffff) ERR#1 'Operation not permitted'
getuid() = 1002 (0x3ea)
seteuid(0x3ea,0x801041008,0xffffffffffffffff,0x1,0x601f48,0xffffffff) = 0 (0x0)
write(2,"newgrp: ",8) = 8 (0x8)
write(2,"setgid",6) = 6 (0x6)
write(2,": ",2) = 2 (0x2)
stat("/usr/share/nls/C/libc.cat",0x7fffffffd330) ERR#2 'No such file or directory'
stat("/usr/share/nls/libc/C",0x7fffffffd330) ERR#2 'No such file or directory'
stat("/usr/local/share/nls/C/libc.cat",0x7fffffffd330) ERR#2 'No such file or directory'
stat("/usr/local/share/nls/libc/C",0x7fffffffd330) ERR#2 'No such file or directory'
write(2,"Operation not permitted\n",24) = 24 (0x18)
seteuid(0x3ea,0x7fffffffd210,0x0,0x18,0x7ff7ff2af0d6,0xffffffff) = 0 (0x0)
getuid() = 1002 (0x3ea)
setuid(0x3ea,0x7fffffffd210,0x0,0x18,0x7ff7ff2af0d6,0xffffffff) = 0 (0x0)
execve("/bin/csh",<missing argument>,<missing argument>) = 0 (0x0)
mmap(0x0,32768,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0) = 34366480384 (0x80066e000)
issetugid(0x80086ea20,0x7fffffffefd7,0x40,0x0,0xffff80080086fa49,0x0) = 0 (0x0)
open("/etc/libmap.conf",O_RDONLY,041603500) ERR#2 'No such file or directory'
open("/var/run/ld-elf.so.hints",O_RDONLY,057) = 3 (0x3)
read(3,"Ehnt\^A\0\0\0\M^@\0\0\0\M-a\0\0"...,128) = 128 (0x80)
lseek(3,0x80,SEEK_SET)
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-doc
mailing list