From: Jamie C. <jca...@we...> - 2002-10-10 13:36:34
Carlton Thomas wrote:
> On Thu, 10 Oct 2002, Jamie Cameron wrote:
>
>>That looks perfect to me, and in fact the same changes work on my
>>system without causing any problems. When you get the error message,
>>does anything useful appear in /var/usermin/miniserv.error ?
>
> Hi Jamie,
>
> I have made some progress, however, I have still not got it working
> properly as yet. Just thought I would update you on what I have found
> out so far.
>
> In my last message I said that all appears to work OK when I comment
> out the lines which force Usermin to change from root to the logged
> in user, but I was getting a script error with the lines uncommented.
> I have discovered the reason for this.
>
> As I said before, the OS is BSDI 3.1. I installed Usermin while logged
> in to the root account. The default file creation privileges for root
> on the box is 600 (or 700 for executables) and owned by root. Now, when
> Usermin makes the transition from root to the specified user it can no
> longer read/execute any of the Perl scripts. To test this quickly, I
> simply changed the privileges on all the Usermin files to 755 and I no
> longer get the script error.

That's odd, because the usermin tar file has all files set to mode 755
or 644, so you shouldn't need to change them again.

> However, that did not cure my problem completely. Usermin now seems to
> be behaving very strangely! Let me explain. I am doing all the tests
> using the mail module, trying to read user email. When I click on the
> Read Mail link, Usermin shows all the correct buttons, but there are
> a number of problems with the displayed page. These are:-
>
> 1) The icon bar at the top is replaced with "User Email" in very large
>    font.
>
> 2) The preferences tab is replaced with ordinary text reading
>    "preferences".
>
> 3) The pull-down lists of mail folders shows every file in the user's
>    home directory.
>
> 4) The count of the number of messages in the inbox is correct, however,
>    the list of messages is not being displayed.
>
> Just a thought! In changing the privs to 755, have I incorrectly changed
> the priv of any setuid scripts that Usermin requires?

No, because none of them are setuid .. However, it sounds like the
problem is that the code cannot read the /etc/usermin directory. Is that
readable by normal users? Try setting it to mode 755 and seeing if that
makes a difference. Oddly, this should be done by setup.sh for you
anyway ..

> Finally, I am not sure whether I have hit a Perl problem or a BSDI 3.1
> problem, but, I have discovered something weird about the functions
> which are used to change from root to ordinary user.
>
> 1) perl -e '($<, $>) = (1, 1)'
>
>    runs OK and correctly sets the real and effective user
>
> 2) perl -e '($(, $)) = (1, 1)'
>
>    runs OK and correctly sets the real and effective group
>
> 3) perl -e '$< = 1'
>
>    fails with the error "setruid() not implemented at -e line 1"
>
> 4) perl -e '$( = 1'
>
>    fails with the error "setrgid() not implemented at -e line 1"
>
> So, with the above info in mind, I have modified the subroutine
> "switch_to_remote_user" in file "web-lib.pl" to the following:-
>
> <-------- Start of code --------->
>
> sub switch_to_remote_user
> {
> @remote_user_info = getpwnam($remote_user);
> @remote_user_info || &error(&text('switch_remote_euser', $remote_user));
> if ($< == 0) {
>     ($(, $)) = ($remote_user_info[3],
>                 ("$remote_user_info[3] ".join(" ", $remote_user_info[3],
>                  &other_groups($remote_user_info[0]))));
>
>     ($>, $<) = ($remote_user_info[2], $remote_user_info[2]);
>     $ENV{'USER'} = $ENV{'LOGNAME'} = $remote_user;
>     $ENV{'HOME'} = $remote_user_info[7];
>     }
> }
>
> <-------- End of code --------->
>
> Thanks in advance for any information you can provide to help me
> get this up and running on my BSDI 3.1 box.

That fix shouldn't cause any problems on other systems, so I'll put it
into usermin .. thanks!

- Jamie
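
Added example (not part of the original thread and not Usermin's own code): the same root-to-user switch with the ids read back afterwards and a check that root cannot be regained, since a failed assignment to `$<` or `$>` does not stop the script by itself. It is narrower than `switch_to_remote_user` in that it keeps only the primary group; the name `drop_privileges` and the default account `nobody` are assumptions.

```perl
#!/usr/bin/perl
# Added example: drop from root to an unprivileged account and verify the drop.
use strict;
use warnings;

# Returns undef on success, or a string saying why the drop is not trusted.
# drop_privileges is a hypothetical name, not a Usermin function.
sub drop_privileges {
    my ($user) = @_;
    my @pw = getpwnam($user) or return "unknown user $user";
    my ($uid, $gid) = @pw[2, 3];
    return "not running as root" if $< != 0;

    # Groups first: once the uid is gone the process can no longer change them.
    # "$gid $gid" sets the effective gid and a supplementary list holding only
    # the primary group. Assigning each pair in one list changes the real and
    # effective ids together, the form that worked on BSDI 3.1 in the thread.
    ($(, $)) = ($gid, "$gid $gid");
    ($<, $>) = ($uid, $uid);

    # Read the ids back instead of assuming the assignments worked.
    return "uid not changed" unless $< == $uid && $> == $uid;
    my ($rgid) = split ' ', $(;
    my ($egid, @supp) = split ' ', $);
    return "gid not changed" unless $rgid == $gid && $egid == $gid;
    return "supplementary groups remain: @supp" if grep { $_ != $gid } @supp;

    # The drop must be irreversible: an attempt to regain root has to fail.
    eval { $> = 0 };
    return "effective uid could be restored to root" if $> == 0;
    return undef;
}

my $user = shift // 'nobody';    # assumed account name
my $err  = drop_privileges($user);
print defined $err
    ? "drop NOT verified: $err\n"
    : "running as $user (uid $<), drop verified\n";
```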