Subject: Re: passwd fails for users not in wheel group
To: Manuel Bouyer <bouyer@antioche.lip6.fr>
From: Laine Stump <lainestump@rcn.com>
List: netbsd-help
Date: 03/20/2001 15:49:52

Manuel Bouyer <bouyer@antioche.lip6.fr> writes:
> On Mon, Mar 19, 2001 at 01:50:30PM -0500, Laine Stump wrote:
> > It's been a long time since I tried running passwd from an account
> > that wasn't a member of wheel. Just today I noticed that, both on a
> > 1.5 system using binaries from the tarballs, and on a 1.5S system with
> > binaries built locally, passwd fails immediately with "Permission
> > denied" if the current user isn't a member of wheel. Here's the
> > directory listing for /usr/bin/passwd:
> >
> > # ls -l `which passwd`
> > -r-sr-xr-x 2 root wheel 13484 Mar 11 12:55 /usr/bin/passwd*
> > # passwd
> > passwd: Permission denied
> >
> > I ran ktrace, and it won't show anything past the attempt to exec the
> > binary. I'm not sure if this is because it's executing, but ktrace
> > can't follow it across the suid, or if the exec itself is
> > failing. Here's the listings of the files that the manpage says are
> > accessed by passwd:
> >
> > -rw------- 1 root wheel 1973 Mar 10 14:05 /etc/master.passwd
> > -rw-r--r-- 1 root wheel 1628 Mar 10 14:05 /etc/passwd
>
> No, the files used are
> /etc/pwd.db
> /etc/spwd.db

Well, the manpage may not be totally correct, but neither is that -
notice the use of the _PATH_MASTERPASSWD in local_passwd.c.

Anyway, those files look like this on my system:

-rw-r--r-- 1 root wheel 40960 Mar 10 14:05 /etc/pwd.db
-rw------- 1 root wheel 40960 Mar 10 14:05 /etc/spwd.db

which seems reasonable.

I *must* be overlooking something really stupid... (another problem
I've been having just came to my mind - for some reason, when I ftp
from this machine, it always suggests the username "root" instead of
my own username. I wonder if the two problems might be somehow
related...)