[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: mandb wrapper scripts

On Mon, Feb 07, 2000 at 10:44:38PM +0100, Marcus Brinkmann wrote:
> On Mon, Feb 07, 2000 at 03:44:50AM -0900, Ethan Benson wrote:
> > 
> > exec su -s /bin/sh nobody -c ${1+"$cmd"}
> hurd's su is pretty minimalistic and doesn't support this -s option.
> I would prefer a portable implementation over adding -s to the native su
> each time Debian is ported to a new platform.

That could mean add a test ...
does Hurd return 1 when you run

	su -s /bin/true 2>/dev/null; echo $?


If yes, then I could do:

#!/bin/sh -e
pgm=`basename $0`
cmd="${edir}/${pgm} ${1+$@}"
usrsw=" -s /bin/sh nobody"
su -s /bin/true 2>/dev/null || usrsw=" man"
test -w /root && exec su ${usrsw} -c ${1+"$cmd"}
exec ${cmd}

That would execute   su man -c   on system with a minimalistic "su".
It's less secure, but anyhow more than before.

A different approach could be to test for nobody's shell .
How to do that test? Remember we're in a wrapper and cannot waste time.

I suppose that postinst checks (to edit the wrapper on the fly) are not
acceptable, isn't it? But maybe it would help testing su -s

| fab@pukki.ntc.nokia.com     fpolacco@prosa.it    fpolacco@debian.org
| 6F7267F5 fingerprint 57 16 C4 ED C9 86 40 7B 1A 69 A1 66 EC FB D2 5E
| fabrizio.polacco@nokia.com                  gsm: +358 (0)40 707 2468

Reply to: