Message-Id: <199711250846.AAA26440@hub.freebsd.org>
Date: Tue, 25 Nov 1997 00:46:53 -0800 (PST)
From: Joel.Faedi@esial.u-nancy.fr
To: freebsd-gnats-submit@FreeBSD.ORG
Subject: bin/5145: no home directory on NFS mounted partition

>Number: 5145
>Category: bin
>Synopsis: no home directory on NFS mounted partition
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Nov 25 00:50:01 PST 1997
>Last-Modified:
>Originator: Joel Faedi
>Organization: ESIAL - Nancy (France)
>Release: 2.2.5 - 3.0-971123-SNAP
>Environment:
>Description:
The login command (used by telnet, rlogin, ...) will fail to chdir to your home directory, and the login_cap functions will put out a warning too, in this case:
1) your home directory is on an NFS mounted partition which is not exported with the "maproot=root" option
2) your home directory is access protected for "others" (750 for instance).
>How-To-Repeat:
Mount home directories through NFS without maproot=root on the server, chmod 750 ~, try to log in.
>Fix:
When you perform "chdir" and "login_getpwclass", be the user who is trying to connect, by switching euid with "seteuid". Fix /usr/src/usr.bin/login/login.c. Here is the diff for 2.2.5 (the same changes have to be made on 3.0 versions too):

diff -c login.c.LIV login.c ============================ *** login.c.LIV Sun Oct 19 11:35:12 1997 --- login.c Wed Nov 5 16:03:44 1997 *************** *** 155,161 **** int ask, ch, cnt, fflag, hflag, pflag, quietlog, rootlogin, rval; int changepass; time_t warntime; ! uid_t uid; char *domain, *p, *ep, *salt, *ttyn; char tbuf[MAXPATHLEN + 2], tname[sizeof(_PATH_TTY) + 10]; char localhost[MAXHOSTNAMELEN]; --- 155,161 ---- int ask, ch, cnt, fflag, hflag, pflag, quietlog, rootlogin, rval; int changepass; time_t warntime; ! uid_t uid, euid; char *domain, *p, *ep, *salt, *ttyn; char tbuf[MAXPATHLEN + 2], tname[sizeof(_PATH_TTY) + 10]; char localhost[MAXHOSTNAMELEN]; *************** *** 197,202 **** --- 197,203 ---- fflag = hflag = pflag = 0; uid = getuid(); + euid = geteuid(); while ((ch = getopt(argc, argv, "fh:p")) != -1) switch (ch) { case 'f': *************** *** 334,340 **** --- 335,344 ---- * within the next block. pwd can be NULL since it * falls back to the "default" class if it is. */ + if (pwd != NULL) + (void)seteuid(rootlogin ? 0 : pwd->pw_uid); lc = login_getpwclass(pwd); + seteuid(euid); #endif /* LOGIN_CAP */ /* *************** *** 533,538 **** --- 537,543 ---- #else quietlog = 0; #endif + (void)seteuid(rootlogin ? 0 : pwd->pw_uid); if (!*pwd->pw_dir || chdir(pwd->pw_dir) < 0) { #ifdef LOGIN_CAP if (login_getcapbool(lc, "requirehome", 0)) *************** *** 544,549 **** --- 549,555 ---- if (!quietlog || *pwd->pw_dir) printf("No home directory.\nLogging in with home = \"/\".\n"); } + (void)seteuid(euid); if (!quietlog) quietlog = access(_PATH_HUSHLOGIN, F_OK) == 0;
>Audit-Trail:
>Unformatted:
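
Review bot: in the hunk at `*** 334,340 ****` the restore `seteuid(euid);` is unchecked, and it is also written differently from the switch above it, which is guarded by `pwd != NULL` and cast to void. If the restore fails, everything after `login_getpwclass(pwd)` keeps running with the user's effective uid instead of the one saved in `euid`. Test the return value of both calls, treat a failed restore as fatal, and use one style for the pair.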
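
Review bot: in the hunk at `*** 533,538 ****` the result of `(void)seteuid(rootlogin ? 0 : pwd->pw_uid);` is discarded, so when the switch fails `chdir(pwd->pw_dir)` still runs with the original effective uid and the only symptom is the existing "No home directory" path. Check the return value and log the failure before attempting the chdir. Only the effective uid is changed here; group ids are left alone, so a home directory that is reachable only through group permission is still evaluated with login's own groups.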
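
Review bot: in the hunk at `*** 544,549 ****` the restore `(void)seteuid(euid);` throws away its result, so a failure leaves the remainder of login running with the user's effective uid and nothing records it. The restore also sits after the closing brace of the chdir failure block, which means the `requirehome` branch opened in the previous hunk executes with the switched uid; confirm that no path inside that block needs the saved uid or leaves before the restore is reached.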
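
The approach described under >Fix:, written with every seteuid() result checked, as an added example that is not part of the original report or of login.c. The helper name `chdir_as_user` and the demo in `main` are hypothetical.

```c
#include <errno.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/*
 * Hypothetical helper (not from login.c): chdir to `dir` with the effective
 * uid temporarily set to `uid`, so that an NFS server exported without
 * maproot=root sees the user's uid rather than a squashed root.
 *
 * Returns 0 on success, -1 with errno set if the switch or the chdir failed.
 * Aborts if the saved euid cannot be restored: continuing with the wrong
 * identity is worse than stopping.
 *
 * Only the effective uid is switched; group ids are untouched, so group
 * permissions on `dir` are still checked against the caller's groups.
 */
int
chdir_as_user(uid_t uid, const char *dir)
{
	uid_t saved = geteuid();
	int rc, err;

	if (seteuid(uid) != 0)
		return -1;	/* do not fall through and chdir as the caller */

	rc = chdir(dir);
	err = errno;		/* keep chdir's errno across the restore */

	if (seteuid(saved) != 0 || geteuid() != saved)
		abort();

	errno = err;
	return rc == 0 ? 0 : -1;
}

int
main(void)
{
	/* Constructed demo: our own euid, so it also runs unprivileged. */
	return chdir_as_user(geteuid(), "/") == 0 ? 0 : 1;
}
```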