[SOLVED] Re: can't login as user?

ADAM Sulmicki (adam@cfar.umd.edu)
Thu, 14 May 1998 20:10:16 -0400 (EDT)

At least in case of netbooting kernels.

The problem was that the /tftpboot directory was 700.

It was to prevent users on local system from looking into it.
While it was working well, it did effectively prevent anyone
but root on client machine which would mount such directory as root ("\")
directory from doing anything.

What is interesting is that after program would setuid() itself
to diff uid, it would lose all its access to /dev/tty which is subdir
of root (as I understand this). Thus it would/could not report any error
messages back. Thus such odd errors as su silently failing
or crashing with 'bus error'. Login reporting "no home directory".

Changing the root directory of the mountpoint to 755 fixed the problem.

Thanks to "Michael L. Galbraith" <mikeg@weiden.de> for pointing it out.

On Wed, 13 May 1998, ADAM Sulmicki wrote:

->I did bit more testing.
->the nfs server is RedHat 4.2. It exports /usr and two tftpboot
->directories, the two dir are very similar, and based on 4.2, not
->identical though.
->After that I made a 34pre13 kernel and NET-booted it on
->Cyrix686MMX-PR200 /w 64mb ram,
-> it appeared to work all fine, I could login as user etc.
->After that I netbooted it on
->Cyrix486-66 w/ 8mb ram.
-> It would have exactly those symptoms as others say:
-> I could login fine as user, but trying any of the following:
-> login : it would fail w/ "no home/foo directory" message
-> su : would say "/bin/bash permission denied"
-> trying to run a program which first setuid() and
-> then tries to system("/bin/bash"), makes fork to fail.
-> [program attached below]
->[root@bea /root]# su foo
->su: cannot run /bin/bash: Permission denied
->[root@bea /root]# whoami
->[root@bea /root]# test3
->[root@bea /root]# whoami
->[root@bea /root]# telnet localhost
->Connected to localhost.
->Escape character is '^]'.
->Red Hat Linux Red Hat Linux release 4.2 (Biltmore)
->Kernel 2.0.34 on an i486
->login: foo
->No directory /foo!
->Connection closed by foreign host.
->Note : kernels were identical, the /usr dir was identical,
-> the /tftpboot.<x> dirs are separate copies but
-> I think they are closely identical, and after all
-> they should not contribute to make system()
-> call to fail.
->[root@eax root]# cat test3.c
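->#include <stdlib.h>   /* system() */
->#include <unistd.h>   /* setuid() */
->int main () {
-> int err = setuid(500);   /* drop to uid 500; result is not checked */
-> system("/bin/bash");
->}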


To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu