Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 2 Jul 2004 14:50:05 +0200
From:      Jonas Sonntag <jonas.sonntag@jbhosting.de>
To:        Bill Moran <wmoran@potentialtech.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: strange pw behaviour
Message-ID:  <200407021450.05509.jonas.sonntag@jbhosting.de>
In-Reply-To: <20040702075801.7d3e7109.wmoran@potentialtech.com>
References:  <200406251500.20839.jonas.sonntag@jbhosting.de> <200407021247.39585.jonas.sonntag@jbhosting.de> <20040702075801.7d3e7109.wmoran@potentialtech.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Hi Bill,

first of all, thanks for the input!

On Friday 02 July 2004 13:58, Bill Moran wrote:
> Did you add the users/groups to the jail, or to the host system?  Make sure
> that the group file you added this to is the same group file that is being
> used by the program.  For example, on one of my jail systems, I have
> /etc/group, which is pretty stock, and /jail/cgi-jail/etc/group, which has
> special groups for CGI clients, and /jail/frontpage/etc/group which has
> groups for clients who use frontpage ... etc.

I'm within the jail only. I'm using pw from the host system, as you can see 
from the -V switch to pw, but from thereon I'm logging on to the sshd running 
inside the jail. So I'm talking about user www inside the jail and /etc/group 
inside the jail.

> Make sure that ownerships show up properly in the environment you're using.
> For example, if you have a user "wmoran" with uid 1501 in the host system,
> then a user "wmoran" in the jail with uid 1427, you're going to find that
> the permissions don't work out right, because file permissions are based on
> uid, and the user name is just displayed to make it human-readable.  Group
> IDs are similar.

I don't have any of the groups on the host system, all of them are inside the 
jail.
Within the jail: All group names are displayed right, according to the entries 
in /etc/group. User www is a member of all 10 groups. User www can list 6 
directories and gets Permission denied on 4 directories.

> Have you looked at /etc/group (or whatever file is applicable) in a text
> editor to make sure everything is correct?  The format is described in
> "man group" and is pretty easy to eye parse.

The format is correct, since all modification is done by pw. The text editor 
part is the funny one: As soon as I move one of my problematic group entries 
to another position inside the file using vi, it might work and eventually it 
might break one of the other groups.
I just reordered the file so that the entries are sorted by group id which 
resulted in 7 directories showing and only 3 showing Permission denied.

Sounds weird, right?

Still I have no indication what's wrong with the other 3... I would suspect it 
might be a host/jail issue, but since I have none of the groups on the host 
while some _do_ work this is not it.
Also, I'm really only working inside the jail enviroment and everything looks 
like it should there.

As a sidenote: I have null-mounted the directory in which those 10 directories 
are located to another jail on the same host system where I have the same 
problem (showing 5, permission denied on 5 here).


Since I don't suspect a bug in pw, maybe someone could enlighten me which 
other programs might be involved here and I could recompile those before I 
reinstall the whole world to those jails (not that I think reinstalling 
something will help, but I'm lost here).


Thanks again for the input,
Best regards
Jonas



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200407021450.05509.jonas.sonntag>