Bug in su -s handling

From: Ari Gordon-Schlosberg
Subject: Bug in su -s handling
Date: Fri, 23 Apr 2004 18:30:34 -0700
User-agent: Mutt/1.4i

Here's a copy of my bug report to Red Hat's bugzilla regarding the way that
su handles the -s option.

Ari Gordon-Schlosberg http://www.nebcorp.com/~regs/pgp for PGP public key

--- Begin Message ---
Subject: [Bug 121629] New: su ignores all options except -s shell when passed -s shell; effects /etc/init.d/functions daemon() function
Date: Fri, 23 Apr 2004 21:23:03 -0400

           Summary: su ignores all options except -s shell when passed -s
                    shell; effects /etc/init.d/functions daemon() function
           Product: Fedora Core
           Version: 1
          Platform: All
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: normal
         Component: coreutils
        AssignedTo: address@hidden
        ReportedBy: address@hidden

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040124

Description of problem:
When su is passed the -s flag to specify a shell, it will do nothing
but open that shell. The documentation for su seems to indicate that
-s shell should just override using the shell from /etc/passwd.

The upshot of this problem is that you can't script the running of
commands as a different user and override the shell.  This breaks the
--user option to daemon() in /etc/init.d/functions.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. As root, execute 'su - rpm -s /bin/bash -c "ls /"'


Actual Results:  You get an interactive shell for user rpm.

Expected Results:  The command 'ls /' should have been run as the user rpm

Additional info:

An example:

safe|18:24|~# su - rpm -c "ls /"      
bin      dev   home-old  lost+found  old-home       proc  scratch  var
boot     etc   initrd    media       opt            root  tmp      web
cvsroot  home  lib       mnt         perllocal.pod  sbin  usr
safe|18:25|~# su - rpm -s /bin/bash -c "ls /"
-su-2.05b$ id
uid=37(rpm) gid=37(rpm) groups=37(rpm)
-su-2.05b$ exit
safe|18:25|~# id
uid=0(root) gid=0(root)

Here's a workaround to make --user work for daemon():

--- /etc/init.d/functions       2003-10-28 14:26:39.000000000 -0800
+++ /tmp/functions      2004-04-23 18:21:45.000000000 -0700
@@ -147,7 +147,8 @@
        if [ -z "$user" ]; then
           $nice initlog $INITLOG_ARGS -c "$*"
-          $nice initlog $INITLOG_ARGS -c "su -s /bin/bash - $user -c
+          #$nice initlog $INITLOG_ARGS -c "su -s /bin/bash - $user -c
+          $nice initlog $INITLOG_ARGS -c "su - $user -c \"$*\""
        [ "$?" -eq 0 ] && success $"$base startup" || failure $"$base
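
Review bot: the added line `$nice initlog $INITLOG_ARGS -c "su - $user -c \"$*\""` drops `-s /bin/bash`, so the command now runs under whatever login shell /etc/passwd lists for $user. Service accounts are commonly given a shell such as /sbin/nologin, and for those `daemon --user` would stop starting the service at all, which is presumably the case the `-s` override was there to cover. Suggest stating that restriction in a comment next to the line (or checking the account's shell before calling su and failing with a clear message), and deleting the old invocation rather than leaving it commented out. Separately, `\"$*\"` pastes the arguments into a double-quoted string that the shell started by su parses again, so arguments containing quotes, `$` or backticks get reinterpreted; the removed line is cut off after `-c` in this mail, so it is not visible whether it behaved the same way.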

--- End Message ---