Subject: Re: Strange thing with passwd file?
To: Gerry Simmons Jr. <darykon!simmons@nwnexus.wa.com>
From: Wayne Berke <berke@panix.com>
List: netbsd-users
Date: 02/19/1995 21:57:48
In message <199502200017.QAA07890@darykon>, "Gerry Simmons Jr." writes:
> I just had something really unusual happen to me while running NetBSD-1.0.
>
> All at once, all my logins started appearing as "root." In other words, when
> you logged in on any account, the system would attach you to the appropriate
> account directory, but then I'd get a Warning from SH about having a dot in
> the Path, then the prompt would come up with root@machine. I would also get
> a response of root from whoami.
>
> Has anyone seen this before?
I had a similar thing happen to me. I would log on as an ordinary user
and everything would seem okay. However, running whoami would return
root for some reason. Turns out my /bin/sh had it's setuid bit set!
The problem was that the original install bundles a lot of different
utilities into a single file, I guess to save space on libraries. In
particular, /bin/sh was hard linked with 33 other utilities. If you turn on
setuid on any one of them, they all become setuid.
I thought this was fixed when I extracted the base binary distribution
from my cd. Unfortunately I had neglected to specify --unlink to the
tar command and so got the message "Text file busy" for each of the
34 linked files.
>
> I ended up fixing the problem in an equally strange way. I booted up off of
> the UPGR-10.fs floppy and let it do it's install thing. I had noticed before
> that it copies a new .profile to / and rename's /etc/rc to rc.bak, as well as
> I'm sure, many other things, like tweaking with the passwd file. This seemed
> to re-sync things with the logins.
Unless something put the 0 UID in everyone's entry, I wouldn't suspect the
passwd file. If it happens again, check the setuid bit on your shells.
Wayne Berke