Subject: Re: passwd fails for users not in wheel group
To: Manuel Bouyer <bouyer@antioche.lip6.fr>
From: Laine Stump <lainestump@rcn.com>
List: netbsd-help
Date: 03/20/2001 15:49:52
Manuel Bouyer <bouyer@antioche.lip6.fr> writes:

> On Mon, Mar 19, 2001 at 01:50:30PM -0500, Laine Stump wrote:
> > It's been a long time since I tried running passwd from an account
> > that wasn't a member of wheel. Just today I noticed that, both on a
> > 1.5 system using binaries from the tarballs, and on a 1.5S system with
> > binaries built locally, passwd fails immediately with "Permission
> > denied" if the current user isn't a member of wheel. Here's the
> > directory listing for /usr/bin/passwd:
> > 
> >    # ls -l `which passwd`
> >    -r-sr-xr-x  2 root  wheel  13484 Mar 11 12:55 /usr/bin/passwd*
> >    # passwd
> >    passwd: Permission denied
> > 
> > I ran ktrace, and it won't show anything past the attempt to exec the
> > binary. I'm not sure if this is because it's executing, but ktrace
> > can't follow it across the suid, or if the exec itself is
> > failing. Here's the listings of the files that the manpage says are
> > accessed by passwd:
> > 
> >    -rw-------  1 root  wheel  1973 Mar 10 14:05 /etc/master.passwd
> >    -rw-r--r--  1 root  wheel  1628 Mar 10 14:05 /etc/passwd
> 
> No, the files used are
> /etc/pwd.db
> /etc/spwd.db

Well, the manpage may not be totally correct, but neither is that -
notice the use of the _PATH_MASTERPASSWD in local_passwd.c.

Anyway, those files look like this on my system:

   -rw-r--r--  1 root  wheel  40960 Mar 10 14:05 /etc/pwd.db
   -rw-------  1 root  wheel  40960 Mar 10 14:05 /etc/spwd.db

which seems reasonable.

I *must* be overlooking something really stupid... (another problem
I've been having just came to my mind - for some reason, when I ftp
from this machine, it always suggests the username "root" instead of
my own username. I wonder if the two problems might be somehow
related...)