I'm having a problem with an rc script which sets ${name}_user to run
the command as another user using su(1). While starting the command
works fine, shutting it down doesn't.

Since shutdown(8) is setuid root:operator I assume a non-root user in
group `operator' should be allowed to shut down the system. Is this
correct? However, this results in rc.shutdown being run as uid!=0 and
euid==0. Nevertheless su(1) asks for a password when trying to kill
the non-root process. Is this intended behaviour? If yes, rc.subr
should probably be changed to kill _all_ processes as root, not only
those not setting ${name}_user.

To reproduce the core of the problem:

$ id
uid=1000(jukka) gid=1000(jukka) groups=1000(jukka),0(wheel),5(operator),[...]
$ sudo cp /bin/ksh /
$ sudo chown 0:0 /ksh
$ sudo chmod 4554 /ksh
$ /ksh
# id
uid=1000(jukka) gid=1000(jukka) euid=0(root) groups=1000(jukka),0(wheel),5(operator),[...]
# su -m daemon -c id

This works as expected for root:

$ sudo su -
# id
uid=0(root) gid=0(wheel) groups=0(wheel),[...]
# su -m daemon -c id
uid=1(daemon) gid=1(daemon) groups=1(daemon)

So, what should be fixed? su(1), rc(8) or my understanding of them?

Regards, Jukka

