Menu
▾
▴
Re: Problems running Usermin
|
From: Jamie C. <jca...@we...> - 2002-10-10 13:36:34
|
Carlton Thomas wrote:
> On Thu, 10 Oct 2002, Jamie Cameron wrote:
>
>
>>That looks perfect to me, and in fact the same changes work on my
>>system without causing any problems. When you get the error message,
>>does anything useful appear in /var/usermin/miniserv.error ?
>>
>>
>
> Hi Jamie,
>
> I have made some progress, however, I have still not got it working
> properly as yet. Just thought I would update you on what I have found
> out so far.
>
> In my last message I said that all appears to work OK when I comment
> out the lines which forces Usermin to change from root to the logged
> in user, but I was getting a script error with the lines uncommented.
> I have discovered the reason for this.
>
> As I said before, the OS is BSDI 3.1. I installed Usermin while logged
> in to the root account. The default file creation privileges for root
> on the box is 600 (or 700 for executables) and owned by root. Now, when
> Usermin makes the transition from root to the specified user it can no
> longer read/execute any of the Perl scripts. To test this quickly, I
> simply changed the privileges on all the Usermin files to 755 and I no
> longer get the script error.
That's odd, because the usermin tar file has all files set to mode 755 or 644,
so you shouldn't need to change them again.
> However, that did not cure my problem completely. Usermin now seems to
> be behaving very strangely! Let me explain. I am doing all the tests
> using the mail module, trying to read uesr email. When I click on the
> Read Mail link, Usermin shows all the correct buttons, but there are
> a number of problems with the displayed page. These are:-
>
> 1) The icon bar at the top is replaced with "User Email" in very large
> font.
>
> 2) The preferences tab is replaced with ordinary text reading
> "preferences".
>
> 3) The pull-down lists of mail folders shows every file in the user's
> home directory.
>
> 4) The count of the number of messages in the inbox is correct, however,
> the list of messages are not being displayed.
>
> Just a thought! In changing the privs to 755, have I incorrectly changed
> the priv of any setuid scripts that Usermin requires?
No, because none of them are setuid ..
However, it sounds like the problem is that the code cannot read the /etc/usermin
directory. Is that readable by normal users? Try setting it to mode 755 and seeing
if that makes a difference.
Oddly, this should be done by setup.sh for you anyway ..
> Finally, I am not sure whether I have hit a Perl problem or a BSDI 3.1
> problem, but, I have discovered something weird about the functions
> which are used to change from root to ordinary user.
>
> 1) perl -e '($<, $>) = (1, 1)'
>
> runs OK and correctly sets the real and effective user
>
> 2) perl -e '($(, $)) = (1, 1)'
>
> runs OK and correctly sets the real and effective group
>
> 3) perl -e '$< = 1'
>
> fails with the error "setruid() not implemented at -e line 1"
>
> 4) perl -e '$( = 1'
>
> fails with the error "setrgid() not implemented at -e line 1"
>
> So, with the above info in mind, i have modified the subroutine
> "switch_to_remote_user" in file "web-lib.pl" to the following:-
>
> <-------- Start of code --------->
>
> sub switch_to_remote_user
> {
> @remote_user_info = getpwnam($remote_user);
> @remote_user_info || &error(&text('switch_remote_euser', $remote_user));
> if ($< == 0) {
> ($(, $)) = ($remote_user_info[3],
> ("$remote_user_info[3] ".join(" ", $remote_user_info[3],
> &other_groups($remote_user_info[0]))));
>
> ($>, $<) = ($remote_user_info[2], $remote_user_info[2]);
> $ENV{'USER'} = $ENV{'LOGNAME'} = $remote_user;
> $ENV{'HOME'} = $remote_user_info[7];
> }
> }
>
> <-------- End of code --------->
>
> Thanks in advance for any information you can provide to help me
> get this up and running on my BSDI 3.1 box.
That fix shouldn't cause any problems on other systems, so I'll put it
into usermin .. thanks!
- Jamie
|