
Re: Bug#9582: suidmanager 0.6 uploaded to master.debian.org



 It works sometimes, but not others.  Enclosed are scripts of two
trials, one where it functions, from within an XEmacs buffer, and
another where it fails, from an XTerm shell.

 The status display comes from a $PROMPT_COMMAND that prints any
non-zero $? before it prints the next prompt.

*** The following message will contain a fixed version of
`suidregister` that will work ***

  I did this in an XEmacs buffer.  It seems to work...
8<----------------------------------------------------------------->8
~/programs
# grep sldfjljd /etc/suid.conf
[status 1]

~/programs
# grep exports /etc/suid.conf
[status 1]

~/programs
# export PATH=/usr/sbin:/sbin:/usr/bin:/bin

~/programs
# head /usr/sbin/suidregister
#!/bin/sh
#
# Register a binary
#

if echo $- | grep -q e; then
  e=-e
  set +e
else
  e=+e

~/programs
# ./testsuidreg

~/programs
# grep exports /etc/suid.conf
user /etc/exports karlheg karlheg 4755

~/programs
# # now editting suidregister, to comment out my changes.

~/programs
# # now editting /etc/suid.conf to remove that line

~/programs
# head /usr/sbin/suidregister
#!/bin/sh
#
# Register a binary
#

# if echo $- | grep -q e; then
#   e=-e
#   set +e
# else
#   e=+e

~/programs
# grep exports /etc/suid.conf
[status 1]

~/programs
# ./testsuidreg

~/programs
# grep exports /etc/suid.conf
user /etc/exports karlheg karlheg 4755

~/programs
# echo $BASH_VERSION
2.00.0(1)-release
8<----------------------------------------------------------------->8

 But for some reason, in an XTerm, it fails.  Here's a typescript of
what I did.  Notice that I ran a test with my changes (as per the
patch I sent) in, plus a line like: 

echo $0: value of \$- is: $-

... inserted at the top of the `suidregister` script.  You can see in
the typescript, where it prints $-, that the '-o errexit' flag is
indeed set when the script is called.

  Here's what your test program returns, even though it appears to
work... it sets the file permissions and makes the "/etc/suid.conf"
entry, but the echo at the top of `suidregister` shows me this:
8<----------------------------------------------------------------->8
515# ./testsuidreg 
/usr/sbin/suidregister: value of $- is: ehmB

516# cat testsuidreg 
#/!bin/sh
set -e
suidregister /etc/exports karlheg karlheg 4755

517# grep exports /etc/suid.conf
user /etc/exports karlheg karlheg 4755

518# ls -l /etc/exports 
-rwsr-xr-x   1 karlheg  karlheg       366 Feb 26 07:00 /etc/exports*
8<----------------------------------------------------------------->8

 I ran the `rlpr` postinst script, and it fails.  Then I added the 'x'
flag, for tracing output, and ran it again.  It fails, and you can see
where.  I show the result of running the same `grep` from the
command line. I then put my patches back into `suidregister`, and it
functions properly, since the code 1 returned by the `grep` does not
cause `suidregister` to exit.

 (I've found that reading these typescripts with `less` works fairly
well, because of the way it displays control characters.)

 I hope you can get something out of this.

8<----------------------------------------------------------------->8
Script started on Fri May 16 18:44:41 1997
sh: status_after_prompt: command not found

]2;root@bittersweet:~


501# echo      ./  /etc/profile

------------------------------------------------------------

"Who alone has reason to *lie himself out* of actuality?  He who *suffers*

 from it."

-- Friedrich Nietzsche

------------------------------------------------------------

]2;root@bittersweet:~


502# echo $PATH

/bin:/usr/bin:/usr/X11R6/bin:/usr/lib/texmf/bin:/usr/local/bin:/usr/games

]2;root@bittersweet:~


503# export $PATH=/usr/sbin:/sbin:/usr/bin:/bin

sh: export: `/bin:/usr/bin:/usr/X11R6/bin:/usr/lib/texmf/bin:/usr/local/bin:/usr/games=/usr/sbin:/sbin:/usr/bin:/bin': not a valid identifier

[status 1]

]2;root@bittersweet:~


504# export $PATH=/usr/sbin:/sbin:/usr/bin:/bin
*504# export 

]2;root@bittersweet:~


505# 


505# echo $PATH

/usr/sbin:/sbin:/usr/bin:/bin

]2;root@bittersweet:~


506# cat /var/lib/dpkg/info/l rlpr.postinst

#!/bin/sh

set -e

# Permission processing inserted by debmake on Fri, 17 Jan 1997 14:52:40 +0900

if [ -e /etc/suid.conf ]; then

	suidregister -s rlpr /usr/bin/rlpr root root 4755

else

	chown root.root /usr/bin/rlpr

	chmod 4755 /usr/bin/rlpr

fi

# Permission processing inserted by debmake on Fri, 17 Jan 1997 14:52:40 +0900

if [ -e /etc/suid.conf ]; then

	suidregister -s rlpr /usr/bin/rlprd root root 4755

else

	chown root.root /usr/bin/rlprd

	chmod 4755 /usr/bin/rlprd

fi

]2;root@bittersweet:~


507# /var/lib/dpkg/info/rlpr.postinst

[status 1]

]2;root@bittersweet:~


508# cp /var/lib/dpkg/info/rlpr.postinst t/  /tmp

]2;root@bittersweet:~


509# sed 's/set -e/set -ex/' </tmp/l rlpr.pois  stinst >/tmp/rlpr.postinst.x

]2;root@bittersweet:~


510# cat /tmp/rlpr.postinst.x

#!/bin/sh

set -ex

# Permission processing inserted by debmake on Fri, 17 Jan 1997 14:52:40 +0900

if [ -e /etc/suid.conf ]; then

	suidregister -s rlpr /usr/bin/rlpr root root 4755

else

	chown root.root /usr/bin/rlpr

	chmod 4755 /usr/bin/rlpr

fi

# Permission processing inserted by debmake on Fri, 17 Jan 1997 14:52:40 +0900

if [ -e /etc/suid.conf ]; then

	suidregister -s rlpr /usr/bin/rlprd root root 4755

else

	chown root.root /usr/bin/rlprd

	chmod 4755 /usr/bin/rlprd

fi

]2;root@bittersweet:~


511# :cat /tmp/rlpr.postinst.x
511# 
*511# 

sh: /tmp/rlpr.postinst.x: Permission denied

[status 126]

]2;root@bittersweet:~


512# chmod +x /tmp/rlpr.postinst.x

]2;root@bittersweet:~


513# chmod +x /tmp/rlpr.postinst.x
513# /tmp/rlpr.postinst.x

+ '[' -e /etc/suid.conf ']'

+ suidregister -s rlpr /usr/bin/rlpr root root 4755

+ '[' -s = '' ']'

+ '[' -s = -s ']'

+ shift

+ PACKAGE=rlpr

+ shift

+ '[' 4755 = '' ']'

+ '[' '!' -e /usr/bin/rlpr ']'

++ grep '.* /usr/bin/rlpr' /etc/suid.conf

+ X=

[status 1]

]2;root@bittersweet:~


514# echo $EUID,$UID,`whoami`

0,0,root

]2;root@bittersweet:~


515# echo $EUID,$UID,`whoami`
515# /tmp/rlpr.postinst.x

+ '[' -e /etc/suid.conf ']'

+ suidregister -s rlpr /usr/bin/rlpr root root 4755

+ '[' -s = '' ']'

+ '[' -s = -s ']'

+ shift

+ PACKAGE=rlpr

+ shift

+ '[' 4755 = '' ']'

+ '[' '!' -e /usr/bin/rlpr ']'

++ grep '.* /usr/bin/rlpr' /etc/suid.conf

+ X=

[status 1]

]2;root@bittersweet:~


516# grep ".* /usr/bin/rlpr" /etc/suid.conf

[status 1]

]2;root@bittersweet:~


517# # see?

[status 1]

]2;root@bittersweet:~


518# # see?grep ".* /usr/bin/rlpr" /etc/suid.conf
518# /tmp/rlpr.postinst.x

+ '[' -e /etc/suid.conf ']'

+ suidregister -s rlpr /usr/bin/rlpr root root 4755

+ echo /usr/sbin/suidregister: value of '$-' is: ehmxB

/usr/sbin/suidregister: value of $- is: ehmxB

+ echo ehmxB

+ grep -q e

+ e=-e

+ set +e

+ '[' -s = '' ']'

+ '[' -s = -s ']'

+ shift

+ PACKAGE=rlpr

+ shift

+ '[' 4755 = '' ']'

+ '[' '!' -e /usr/bin/rlpr ']'

++ grep '.* /usr/bin/rlpr' /etc/suid.conf

+ X=

+ '[' '' ']'

+ echo 'rlpr /usr/bin/rlpr root root 4755'

+ setperm rlpr /usr/bin/rlpr root root 4755

+ '[' -e /usr/bin/rlpr ']'

+ chown root.root /usr/bin/rlpr

+ chmod 4755 /usr/bin/rlpr

+ set -e

+ '[' -e /etc/suid.conf ']'

+ suidregister -s rlpr /usr/bin/rlprd root root 4755

+ echo /usr/sbin/suidregister: value of '$-' is: ehmxB

/usr/sbin/suidregister: value of $- is: ehmxB

+ echo ehmxB

+ grep -q e

+ e=-e

+ set +e

+ '[' -s = '' ']'

+ '[' -s = -s ']'

+ shift

+ PACKAGE=rlpr

+ shift

+ '[' 4755 = '' ']'

+ '[' '!' -e /usr/bin/rlprd ']'

++ grep '.* /usr/bin/rlprd' /etc/suid.conf

+ X=

+ '[' '' ']'

+ echo 'rlpr /usr/bin/rlprd root root 4755'

+ setperm rlpr /usr/bin/rlprd root root 4755

+ '[' -e /usr/bin/rlprd ']'

+ chown root.root /usr/bin/rlprd

+ chmod 4755 /usr/bin/rlprd

+ set -e

]2;root@bittersweet:~


519# :^[p /tmp/rlpr.postinst.x
519# # see?grep ".* /usr/bin/rlpr" /etc/suid.conf

rlpr /usr/bin/rlpr root root 4755

rlpr /usr/bin/rlprd root root 4755

]2;root@bittersweet:~


520# # Q.E.D.

]2;root@bittersweet:~


521# exit


Script done on Fri May 16 18:53:32 1997
8<----------------------------------------------------------------->8

-- 
Karl M. Hegbloom <karlheg@inetarena.com>
http://www.inetarena.com/~karlheg
Portland, OR  USA
Debian GNU 1.2  Linux 2.1.36 AMD K5 PR-133
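
The failure traced in the message above, reproduced as an added example (not part of the original post and not suidmanager's code): under errexit, a `grep` that finds no match ends the script before the setuid entry is registered. The function names and the temporary sample file are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample: a suid.conf-style file with no rlpr entry yet.
make_conf() {
    f=$(mktemp) && echo 'user /etc/exports karlheg karlheg 4755' > "$f" && echo "$f"
}

# Each helper runs a child "sh -e", as a postinst with "set -e" would.
# Arguments: conf-file, binary path, package name (all hypothetical helpers).

# Fragile: grep exits 1 on "no match", the bare assignment inherits that
# status, and errexit ends the script before the entry is written.
register_fragile() {
    sh -ec 'X=$(grep ".* $2" "$1")
            [ -n "$X" ] || echo "$3 $2 root root 4755" >> "$1"' sh "$@"
}

# Guarded: remember whether errexit was on, switch it off around the
# lookup, restore it afterwards (the approach the message describes).
register_guarded() {
    sh -ec 'case $- in *e*) e=-e; set +e ;; *) e=+e ;; esac
            X=$(grep ".* $2" "$1")
            [ -n "$X" ] || echo "$3 $2 root root 4755" >> "$1"
            set $e' sh "$@"
}

# Strict: keep errexit on and accept only status 1 ("no match"); a real
# grep error (status 2, e.g. a missing file) still aborts the script.
register_strict() {
    sh -ec 'X=$(grep ".* $2" "$1") || [ $? -eq 1 ]
            [ -n "$X" ] || echo "$3 $2 root root 4755" >> "$1"' sh "$@"
}

# Demo on the constructed file.
conf=$(make_conf)
register_fragile "$conf" /usr/bin/rlpr rlpr || echo "fragile: status $?, nothing registered"
register_strict  "$conf" /usr/bin/rlpr rlpr && grep rlpr "$conf"
rm -f "$conf"
```

The strict form differs from the guarded one in that a grep error other than "no match" still stops the script instead of being treated as an empty result.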

