From: Olaf Greve
Date: Fri, 21 Oct 2005 15:41:46 +0200
To: Erik Norgaard
Cc: dpk@dpk.net, freebsd-questions
Subject: Re: Weird SSH problem... Any ideas?!?

Hi again,

Erik Norgaard wrote:
> I think you can use mtree to get permissions right if they for some
> reason have been changed.

This might be a good one to check... I'm not familiar with it yet, but does this check all permissions and ownerships and correct errors/mismatches where possible?

> Another effect I would suspect you see - that is normal users see - is
> that files' owner and group appear as numbers not the corresponding
> names. One interesting thing here is whether both user and group are
> numbers or only users.
>
> Try as normal user to 'ls -l /home' or something.

Now the plot thickens...

When doing this as the user abcdef which has UID 1026 I get the following results:
-Stuff owned by root -> root:wheel
-Stuff owned by abcdef -> 1026:www

When doing this as my normal user that is in the wheel group I get the same results, but when I do it as root I get the correct results:
-Stuff owned by root -> root:wheel
-Stuff owned by abcdef -> abcdef:www

When doing some more investigative work, I made the following observations:

Consider the following (properly modified for anonymity) parts of /etc/passwd:

    Ava:*:1001:1001:User &:/home/Ava:/bin/sh
    abcdef:*:1026:1002:User &:/home/abcdef:/bin/sh

Idem for /etc/group:

    www:*:80:
    nogroup:*:65533:
    nobody:*:65534:
    mysql:*:88:
    Ava:*:1001:
    wwwuser:*:1002:Ava,olafo

Now, when logging in as user abcdef (either using SSH or 'login' from the shell as you suggested), for some users the above scenario happens, where e.g. the stuff owned by abcdef appears as:
1026:www

Then, when checking stuff owned by Ava, it shows up as being owned by Ava:wheel !!!

Also, when trying to perform on e.g. a file called a.bcd (owned by 1026:www):

    chown abcdef a.bcd -> error message: "Invalid argument"
    chown 1026 a.bcd -> success
    chown Avalanche a.bcd -> error message: "Operation not permitted"

Sounds like the problem only occurs for some users...

I'm completely puzzled now... Does anyone see anything dodgy in my /etc/passwd and/or /etc/group definitions??? Any solutions??

Also: over here the weekend is almost beginning and in some 1.5 hours from now I cannot read out this account until next Monday, so after I leave work today I'll be incommunicado, but as of next Monday I can reply to the messages again.

Cheers!
Olafo

PS: David Kirchner mentioned the permissions on / and /etc should be 755. I checked this and they both are correct. Permissions on /etc/passwd and /etc/group are root:wheel 644, and /etc/spwd.db /etc/master.passwd are root:wheel 600. All fine...
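
The symptom in the message above (a UID that is listed in /etc/passwd but still prints as a bare number for some users) can be checked per account by comparing the flat file with what getpwuid() returns to the calling process. This is an added example, not part of the original message; the function names and the embedded sample are constructed, and it reports the mismatch without identifying its cause.

```python
import os
import pwd

# Constructed sample mirroring the /etc/passwd excerpt quoted in the message.
SAMPLE_PASSWD = """\
Ava:*:1001:1001:User &:/home/Ava:/bin/sh
abcdef:*:1026:1002:User &:/home/abcdef:/bin/sh
"""

def parse_passwd(text):
    """Map UID -> login name from passwd(5)-format text (the flat-file view)."""
    by_uid = {}
    for line in text.splitlines():
        fields = line.strip().split(":")
        # Skip blanks, comments and malformed entries (7 fields expected).
        if len(fields) == 7 and fields[2].isdigit():
            by_uid.setdefault(int(fields[2]), fields[0])
    return by_uid

def db_name(uid, lookup=pwd.getpwuid):
    """Name the system lookup returns for uid to *this* process, or None."""
    try:
        return lookup(uid).pw_name
    except KeyError:
        return None

def classify(uid, flat, lookup=pwd.getpwuid):
    """Compare the flat file with what the running user's lookup returns."""
    in_file, in_db = flat.get(uid), db_name(uid, lookup)
    if in_file == in_db:
        return "ok" if in_file else "unknown-uid"
    if in_db is None:
        return "unresolved-but-in-file"  # ls -l would show a bare number
    if in_file is None:
        return "db-only"
    return "name-mismatch"

def audit_tree(root, flat, lookup=pwd.getpwuid):
    """Return {uid: status} for every owner UID found under root."""
    uids = {os.lstat(root).st_uid}
    for dirpath, dirs, files in os.walk(root):
        for name in dirs + files:
            uids.add(os.lstat(os.path.join(dirpath, name)).st_uid)
    return {uid: classify(uid, flat, lookup) for uid in sorted(uids)}

if __name__ == "__main__":
    with open("/etc/passwd") as fh:
        flat_file = parse_passwd(fh.read())
    for uid, status in audit_tree("/home", flat_file).items():
        print(uid, flat_file.get(uid), status)
```

Running it once as root and once as an affected user shows which accounts resolve differently between the two.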