Menu

#1526 On a switched user session "RXQUEUE" filter fails

v4.2.0
closed
nobody
None
none
1
2018-03-14
2018-02-27
PaulD
No

Environment: Suse 12 SP3 on IBM System z - Arch: s390x
Code: ooRexx v4.2.0 installed from rpm.

Verified that "... | rxqueue" works OK on a single user session e.g. "root" only, or with some other user
only i.e. no session switching.

Now consider that I may need to have a daemon process running a ooRexx script as "root", and then
need it to do some work on behalf of another user. However when I login as "root" session, and then
run the script that uses the ooRexx Unix extensions to switch to a second user in mid-stream, the
"... | rxqueue" filter does not queue the output of the command.

I have attached a sample program "rxqueue-test.rexx" to demonstrate the issue. The output is like the following:
$> rexx rxqueue-test.rexx vseutil1
PID EUID RUID SUID EGID RGID SGID CMD
21715 0 0 0 0 0 0 sudo su -
21718 0 0 0 0 0 0 su -
21721 0 0 0 0 0 0 -bash
23157 0 0 0 0 0 0 rexx rxqueue-test.rexx vseutil1
23159 0 0 0 0 0 0 ps -o pid,euid,ruid,suid,egid,rgid,sgid,cmd

Started with user : root

Changing to login of intended user.
PID EUID RUID SUID EGID RGID SGID CMD
23157 1370 1370 1370 1088 1088 1088 rexx rxqueue-test.rexx vseutil1
23164 1370 1370 1370 1088 1088 1088 ps -o pid,euid,ruid,suid,egid,rgid,sgid,cmd

Failed to switch to intended Userid : "vseutil1" , Active user ===>
vseutil1
$>

An "If" statement was not satisfied because the "queued()" function returned 0. On successful queuing o fth eoutput, the expected comment at the end should read:
Successfully switched to intended Userid : "vseutil1"

1 Attachments
rxqueue-test.rexx

Related

Bugs: #1526

Discussion

  • PaulD

    PaulD - 2018-02-27

    Content was cut-off when I uploaded the sample program.

     

  • Rick McGuire

    Rick McGuire - 2018-02-27

    This is working as designed. The queues operate on a userid basis, so queues are only visible to processes created by a single userid.

     

  • PaulD

    PaulD - 2018-03-01

    Rick, thanks for the update.

    I am still puzzled though - notice that the queue was only instantiated/accessed completely during the second user sign on/active session. Does that not matter?

     

    • Rick McGuire

      Rick McGuire - 2018-03-01

      Each userid gets its own private set of named queues. There is no sharing
      across userids.

      Rick

      On Thu, Mar 1, 2018 at 12:42 PM, PaulD pdnycers@users.sourceforge.net
      wrote:

      Rick, thanks for the update.

      I am still puzzled though - notice that the queue was only
      instantiated/accessed completely during the second user sign on/active
      session. Does that not matter?

      ** [bugs:#1526] On a switched user session "RXQUEUE" filter fails**

      Status: open
      Group: v4.2.0
      Created: Tue Feb 27, 2018 09:40 PM UTC by PaulD
      Last Updated: Wed Feb 28, 2018 02:41 PM UTC
      Owner: nobody
      Attachments:

      Environment: Suse 12 SP3 on IBM System z - Arch: s390x
      Code: ooRexx v4.2.0 installed from rpm.

      Verified that "... | rxqueue" works OK on a single user session e.g.
      "root" only, or with some other user
      only i.e. no session switching.

      Now consider that I may need to have a daemon process running a ooRexx
      script as "root", and then
      need it to do some work on behalf of another user. However when I login as
      "root" session, and then
      run the script that uses the ooRexx Unix extensions to switch to a second
      user in mid-stream, the
      "... | rxqueue" filter does not queue the output of the command.

      I have attached a sample program "rxqueue-test.rexx" to demonstrate the
      issue. The output is like the following:
      $> rexx rxqueue-test.rexx vseutil1
      PID EUID RUID SUID EGID RGID SGID CMD
      21715 0 0 0 0 0 0 sudo su -
      21718 0 0 0 0 0 0 su -
      21721 0 0 0 0 0 0 -bash
      23157 0 0 0 0 0 0 rexx rxqueue-test.rexx vseutil1
      23159 0 0 0 0 0 0 ps -o
      pid,euid,ruid,suid,egid,rgid,sgid,cmd

      Started with user : root

      Changing to login of intended user.
      PID EUID RUID SUID EGID RGID SGID CMD
      23157 1370 1370 1370 1088 1088 1088 rexx rxqueue-test.rexx vseutil1
      23164 1370 1370 1370 1088 1088 1088 ps -o
      pid,euid,ruid,suid,egid,rgid,sgid,cmd

      Failed to switch to intended Userid : "vseutil1" , Active user ===>
      vseutil1
      $>

      An "If" statement was not satisfied because the "queued()" function
      returned 0. On successful queuing o fth eoutput, the expected comment at
      the end should read:
      Successfully switched to intended Userid : "vseutil1"

      Sent from sourceforge.net because you indicated interest in <
      https://sourceforge.net/p/oorexx/bugs/1526/>

      To unsubscribe from further messages, please visit <
      https://sourceforge.net/auth/subscriptions/>

       

      Related

      Bugs: #1526

      alternate

  • Erich

    Erich - 2018-03-14
    • status: open --> closed
     

  • LesK

    LesK - 2018-03-14

    I'm quite sure that if ooRexx attempted to share a RXQUEUE between userids that zOS would raise a security exception!

     

Anonymous
Anonymous

Add attachments
Cancel





MongoDB Logo MongoDB