[ProFTPD-Devel] [Bug 450] New - group member list ignored with AuthGroupFile

[<bu...@pr...>]

http://bugs.proftpd.net/show_bug.cgi?id=450

*** shadow/450	Tue Jan 30 18:50:59 2001
--- shadow/450.tmp.1133	Tue Jan 30 18:50:59 2001
***************
*** 0 ****
--- 1,51 ----
+ +============================================================================+
+ | group member list ignored with AuthGroupFile                               |
+ +----------------------------------------------------------------------------+
+ |        Bug #: 450                         Product: ProFTPD                 |
+ |       Status: NEW                         Version: 1.2.0rc2                |
+ |   Resolution:                            Platform: Sun                     |
+ |     Severity: major                    OS/Version: Solaris                 |
+ |     Priority: P2                        Component: mod_auth                |
+ +----------------------------------------------------------------------------+
+ |  Assigned To: pro...@pr...                                    |
+ |  Reported By: ben...@td...                                 |
+ |      CC list: Cc:                                                          |
+ +----------------------------------------------------------------------------+
+ |          URL:                                                              |
+ +============================================================================+
+ |                              DESCRIPTION                                   |
+ I'm using AuthUserFile and AuthGroupFile in a virtual host.  The AuthUserFile
+ directive works as expected.  The AuthGroupFile directive is partially broken.
+ 
+ When creating or deleting files in a group-writable directory, only those
+ users with a primary group matching the group ownership of the directory can 
+ create or delete files there.  Users in the group membership list are ignored.
+ 
+ For example, I have the following enties in my proftpd.group file (pointed to
+ by the AuthGroupFile directive):
+ 
+ 	remedy:*:150:testuser
+ 	testgrp:*:2323:
+ 
+ The entry for testuser in the proftpd.passwd file (pointed to by the
+ AuthUserFile directive) looks like this:
+ 
+ 	testuser:JZicpu1V/iZgY:2323:2323:Test Account:/appl/ftp/users:/bin/ksh
+ 
+ So the primary group for "testuser" is 2323 (testgrp) and this user is also part
+ of the "remedy" group because it's listed in the member list of that group.
+ 
+ So, if I have a directory like this:
+ 
+ 	drwxrwsr-x   2 root     remedy      4096 Jan 30 15:13 remedy
+ 
+ The testuser should be able to create and delete files within it.  But for some
+ reason when I try to do this I get "Permission denied."
+ 
+ Something interesting to note:  If I create the same group in /etc/group or the
+ NIS group file, the member list is recognized.  So it appears that the code that
+ authenticates group memberships only checks the user's primary group, and
+ ignores groups the user may be apart of by a member list.
+ 
+ Let me know if this doesn't make sence.  I'd be glad to help debug this further
+ if need be.
\ No newline at end of file

--
To unsubscribe, send mail to pro...@pr... with
"unsubscribe" in the subject field of the message.

http://www.proftpd.net -- The Official ProFTPD web site.
http://bugs.proftpd.net -- Bug reporting and feature requests.