Subject: Re: su(1) asking for pw if euid==0
To: None <tech-userlevel@NetBSD.org>
From: Jukka Salmi <j+nbsd@2007.salmi.ch>
List: tech-userlevel
Date: 07/11/2007 13:21:20
John Nemeth --> tech-userlevel (2007-07-10 17:05:47 -0700):
> On Nov 30, 6:06pm, Jukka Salmi wrote:
> }
> } I'm having a problem with an rc script which sets ${name}_user to run
> } the command as another user using su(1). While starting the command
> } works fine, shutting it down doesn't.
> }
> } Since shutdown(8) is setuid root:operator I assume a non-root user in
> } group `operator' should be allowed to shut down the system. Is this
> } correct? However, this results in rc.shutdown being run as uid!=0 and
> } euid==0. Nevertheless su(1) asks for a password when trying to kill
> } the non-root process. Is this intended behaviour? If yes, rc.subr
> } should probably be changed to kill _all_ processes as root, not only
> } those not setting ${name}_user.
>
> What version of shutdown(8) do you have? It appears that this
> problem was solved in src/sbin/shutdown.c:1.47.
Indeed, thanks for the hint. The system in question is running NetBSD
3 (i.e. shutdown.c:1.44). Applying the relevant part of 1.47 (attached)
fixed the problem.
Thanks!
Regards, Jukka
--
bashian roulette:
$ ((RANDOM%6)) || rm -rf ~
Index: sbin/shutdown/shutdown.c
===================================================================
RCS file: /cvsroot/src/sbin/shutdown/shutdown.c,v
retrieving revision 1.44
diff -u -p -r1.44 shutdown.c
--- sbin/shutdown/shutdown.c 5 Feb 2005 13:17:54 -0000 1.44
+++ sbin/shutdown/shutdown.c 11 Jul 2007 11:17:31 -0000
@@ -479,7 +479,10 @@ void
dorcshutdown(void)
{
(void)printf("\r\nAbout to run shutdown hooks...\r\n");
+#ifndef DEBUG
+ (void)setuid(0);
(void)system(". " _PATH_RCSHUTDOWN);
+#endif
(void)sleep(5); /* Give operator a chance to abort this. */
(void)printf("\r\nDone running shutdown hooks.\r\n");
}
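Review bot: the result of the added setuid(0) call in dorcshutdown() is cast to void, so if it fails, system() still runs rc.shutdown with the real uid unchanged and nothing is reported; su(1) would then prompt for a password exactly as before the change. Suggest checking the return value and emitting a warning before the system() call, and adding a one-line comment stating that the call exists so the real uid matches the effective uid when rc scripts use ${name}_user. Separately, the new #ifndef DEBUG now also encloses the pre-existing system() line, so a DEBUG build prints both the "About to run shutdown hooks" and "Done running shutdown hooks" messages without running any hooks; if that is intended, it deserves a mention in the commit message.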