Hello Jim,
OK This is in the TS-7400 (where the login doesn't work)
$ ls -ld / /home /home/testuser
drw-rw-rw- 1 root root 512 Jan 1 1970 /
drwxrwxrwx 1 root root 512 Jan 15 11:14 /home
drwxr-sr-x 1 testuser testuser 512 Jan 25 04:13 /home/testuser
$ grep testuser /etc/passwd
testuser:$1$$dZY0EB48u3cuRp7JFyg68.:508:508:Linux
User:/home/testuser:/bin/sh
I also have a TS-7250 where the login works fine:
$ ls -ld / /home /home/testuser
drwxr-xr-x 1 root root 512 Jan 1 1970 /
drwxr-xr-x 1 root root 512 Dec 12 04:02 /home
drwxr-sr-x 1 testuser testuser 512 Dec 12 04:02 /home/testuser
$ grep testuser /etc/passwd
testuser:$1$$dZY0EB48u3cuRp7JFyg68.:507:507:Linux
User:/home/testuser:/bin/sh
OK so let me give you some more info:
this is the error I get when I try to login with this user:
$ login testuser
Password:
login: cannot cd to home directory or /
So I searched that inBusybox and found this piece of code that is
executed every time a user is logged on:
/* Become the user and group(s) specified by PW. */
const char *change_identity_e2str ( const struct passwd *pw )
{
printf("Inside Change_identity_e2str\n");
printf("pw_name: %s pw_gid: %d\n",pw->pw_name,pw->pw_gid);
long int initgresult = initgroups ( pw-> pw_name, pw->
pw_gid );
printf("initgroups result: %d\n",initgresult);
if ( initgresult == -1 )
return "cannot set groups";
endgrent ( );
if ( setgid ( pw-> pw_gid ))
return "cannot set group id";
if ( setuid ( pw->pw_uid ))
return "cannot set user id";
// Modified by Me to simulate a whoami instruction
char user[10];
uid_t uid;
printf("Now I try to get the user ID that I just set\n");
uid = geteuid();
printf("uid: %d\n",uid);
if (my_getpwuid(user, uid)) {
user[9] = 0;
printf("user: %s\n",user);
} else {
printf("cannot find username for UID %u\n", (unsigned)
uid);
}
return NULL;
}
All the printf are added by me. and the code to get whoami at the end
of the function.
When I run this on the TS-7400:
$ ./busybox login testuser
Password:
Inside Change_identity_e2str
pw_name: testuser pw_gid: 508
initgroups result: 0
Now I try to get the user ID that I just set
uid: 508
cannot find username for UID 508
After Calling ChangeIdentity e2str
shell: /bin/sh
pw_name: testuser
pw_passwd: $1$$dZY0EB48u3cuRp7JFyg68.
pw_dir: /home/testuser
login: cannot run /bin/sh: Permission denied
$
If I run exactly same executable on the TS-7250 I get:
$ ./busybox login testuser
Password:
Inside Change_identity_e2str
pw_name: testuser pw_gid: 507
initgroups result: 0
Now I try to get the user ID that I just set
uid: 507
user: testuser
After Calling ChangeIdentity e2str
shell: /bin/sh
pw_name: testuser
pw_passwd: $1$$dZY0EB48u3cuRp7JFyg68.
pw_dir: /home/testuser
BusyBox v1.00-rc2 (2004.08.05-21:44+0000) Built-in shell (ash)
Enter 'help' for a list of built-in commands.
$
So in some weird way looks like the functions setgid and setuid are
not working.
--- In Jim Jackson <> wrote:
>
>
>
>
> On Mon, 11 Dec 2006, inakizi wrote:
>
> > Correct, I guess I din't explain myself correctly. I followed the
code
> > of the Login process (puting some printf instructions on the
busybox
> > code) for an already created user. Everything went perfect until
the
> > setgid and setuid functions. Just after that, the busybox login
tries
> > to change current dir to the user folder (/home/testuser) and
>
> What does
>
> ls -ld / /home /home/testuser
>
> grep testuser /etc/passwd
>
> give?
>
> Jim
>
> > everything is correct when the chdir function is called but it
couldn't
> > change to that folder, is like it has not enough permissions to
do it.
> > Samething happens a little bit after that when it tries to create
a
> > shell.
> > This leads me to believe that there's some kind of problem when
this
> > functions are called but you are right there are probably
hundreds of
> > reasons to make those function fails that had nothing to do with
the
> > kernel code.
> > Everything works perfect if the user that is logged in is root.
> > --- In Jim Jackson <jj@> wrote:
> > >
> > >
> > > > and using users on the TS-7400,
> > > > ....... I guess the problem is with the
> > > > kernel but I haven't figured out what it is yet but I think
that the
> > > > kernel functions setgid and setuid are not working in the TS-
7400.
> > >
> > > I would assume this ONLY after every other possibility is
exhausted.
> > > The chances of these kernel functions not working are
infinitessimally
> > > small.
> > >
> >
> >
> >
>
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/ts-7000/
<*> Your email settings:
Individual Email | Traditional
<*> To change settings online go to:
http://groups.yahoo.com/group/ts-7000/join
(Yahoo! ID required)
<*> To change settings via email:
<*> To unsubscribe from this group, send an email to:
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
|