[Pkg-shadow-devel] Bug#347747: marked as done (su: 'su - user cmd'
doesn't read startup files anymore)
Debian Bug Tracking System
owner at bugs.debian.org
Sun Jan 15 15:48:38 UTC 2006
Your message dated Sun, 15 Jan 2006 07:17:08 -0800
with message-id <E1Ey9cy-00017R-Du at spohr.debian.org>
and subject line Bug#347747: fixed in shadow 1:4.0.14-3
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 12 Jan 2006 12:46:19 +0000
>From jckn at gmx.net Thu Jan 12 04:46:19 2006
Return-path: <jckn at gmx.net>
Received: from mail.gmx.de ([213.165.64.21] helo=mail.gmx.net)
by spohr.debian.org with smtp (Exim 4.50)
id 1Ex1qN-0001Qz-5Q
for submit at bugs.debian.org; Thu, 12 Jan 2006 04:46:19 -0800
Received: (qmail invoked by alias); 12 Jan 2006 12:45:47 -0000
Received: from dslb-084-059-022-078.pools.arcor-ip.net (EHLO hejre.minidns.net) [84.59.22.78]
by mail.gmx.net (mp028) with SMTP; 12 Jan 2006 13:45:47 +0100
X-Authenticated: #6819316
Received: from jcn by hejre.minidns.net with local (Exim 4.60)
(envelope-from <jcn at hejre.minidns.net>)
id 1Ex1pq-00061N-Jq
for submit at bugs.debian.org; Thu, 12 Jan 2006 13:45:46 +0100
Date: Thu, 12 Jan 2006 13:45:46 +0100
From: "Jan C. Nordholz" <jckn at gmx.net>
To: submit at bugs.debian.org
Subject: su: 'su - user cmd' doesn't read startup files anymore
Message-ID: <20060112124546.GA22766 at hejre.minidns.net>
Reply-To: jckn at gmx.net
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="0OAP2g/MAC+5xKAE"
Content-Disposition: inline
User-Agent: Mutt/1.5.11
X-Y-GMX-Trusted: 0
Delivered-To: submit at bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
--0OAP2g/MAC+5xKAE
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Package: login
Version: 4.0.14-1
Severity: normal
Dear maintainers,
=66rom bash's source, shell.c:
] /* A non-interactive shell not named `sh' and not in posix mode reads and
] executes commands from $BASH_ENV. If `su' starts a shell with `-c cm=
d'
] and `-su' as the name of the shell, we want to read the startup files.
] No other non-interactive shells read any startup files. */
This was the case prior to 4.0.14: (tested on 4.0.13-7)
] s10:~# strace -eexecve,setuid32 -f su - backup echo \$SHELL
] execve("/bin/su", ["su", "-", "backup", "echo", "$SHELL"], [/* 18 vars */=
]) =3D 0
] setuid32(34) =3D 0
] execve("/bin/sh", ["-su", "-c", "echo $SHELL"], [/* 8 vars */]) =3D 0
] ^^^^^
] ...
Present behaviour:
] root at hejre:/home/jcn# strace -f -eexecve,setuid32 su - jcn echo \$SHELL
] execve("/bin/su", ["su", "-", "jcn", "echo", "$SHELL"], [/* 25 vars */]) =
=3D 0
] setuid32(1000) =3D 0
] Process 23014 attached (waiting for parent)
] Process 23014 resumed (parent 23013 ready)
] Process 23013 suspended
] [pid 23014] execve("/bin/bash", ["/bin/bash", "-c", "echo $SHELL"], [/* 8=
vars */]) =3D 0
] ^^^^^^^^^^^
] ...
This results in, among other things, $PATH being set to the wrong directory=
list.
Regards,
Jan
--=20
Jan C. Nordholz
<jckn At gmx net>
--0OAP2g/MAC+5xKAE
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDxk96JnGRgaR03R4RAuJrAJ4xiRhq3xDo4T5hbrrokn692aCazwCfYvG8
c3xMx0bLNZOih0NfSgv5pVw=
=if/1
-----END PGP SIGNATURE-----
--0OAP2g/MAC+5xKAE--
---------------------------------------
Received: (at 347747-close) by bugs.debian.org; 15 Jan 2006 15:21:07 +0000
>From katie at ftp-master.debian.org Sun Jan 15 07:21:07 2006
Return-path: <katie at ftp-master.debian.org>
Received: from katie by spohr.debian.org with local (Exim 4.50)
id 1Ey9cy-00017R-Du; Sun, 15 Jan 2006 07:17:08 -0800
From: Christian Perrier <bubulle at debian.org>
To: 347747-close at bugs.debian.org
X-Katie: $Revision: 1.65 $
Subject: Bug#347747: fixed in shadow 1:4.0.14-3
Message-Id: <E1Ey9cy-00017R-Du at spohr.debian.org>
Sender: Archive Administrator <katie at ftp-master.debian.org>
Date: Sun, 15 Jan 2006 07:17:08 -0800
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-4.1 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER,
REMOVE_REMOVAL_1WORD autolearn=no
version=2.60-bugs.debian.org_2005_01_02
X-CrossAssassin-Score: 2
Source: shadow
Source-Version: 1:4.0.14-3
We believe that the bug you reported is fixed in the latest version of
shadow, which is due to be installed in the Debian FTP archive:
login_4.0.14-3_i386.deb
to pool/main/s/shadow/login_4.0.14-3_i386.deb
passwd_4.0.14-3_i386.deb
to pool/main/s/shadow/passwd_4.0.14-3_i386.deb
shadow_4.0.14-3.diff.gz
to pool/main/s/shadow/shadow_4.0.14-3.diff.gz
shadow_4.0.14-3.dsc
to pool/main/s/shadow/shadow_4.0.14-3.dsc
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 347747 at bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Christian Perrier <bubulle at debian.org> (supplier of updated shadow package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster at debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 15 Jan 2006 15:03:56 +0100
Source: shadow
Binary: login passwd
Architecture: source i386
Version: 1:4.0.14-3
Distribution: unstable
Urgency: low
Maintainer: Shadow package maintainers <pkg-shadow-devel at lists.alioth.debian.org>
Changed-By: Christian Perrier <bubulle at debian.org>
Description:
login - system login tools
passwd - change and administer password and group data
Closes: 62821 296729 347747 347935
Changes:
shadow (1:4.0.14-3) unstable; urgency=low
.
* The "Pont-L'Évêque" release
* Upstream bugs or fixes not already fixed in upstream releases or CVS:
- 479_chowntty_debug:
- produce more helpful syslog message[s] when is_my_tty() fails
(see bug #332198).
- 462_warn_to_edit_shadow:
- warn users to edit the shadow file when using vipw or vigr
Closes: #62821
- 480_getopt_args_reorder:
- Allow SU options to be passed after - or the username
- 481_userdel_remove_remove_group:
- User's group was removed twice, which caused warnings
- 461_keep_sticky_bit_for_dirs:
- keep the sticky bit in the directory copied by useradd in the
skeleton or by usermod.
Closes: #296729
- 482_libmisc_copydir_check_return_values:
- check the return value of system calls in copy_tree
- 483_su_fakelogin_wrong_arg0:
- shell's name must be -su when su is faking a login shell.
Closes: #347747
- 484_su-p_preserve_PATH:
- -p did not preserve the PATH environment variable when su started a
shell (no -c).
Closes: #347935
* Debian specific fixes:
- debian/rules:
- switch to cdbs for package build
Files:
5185573ff9e0021cb264558d55b1b80b 901 admin required shadow_4.0.14-3.dsc
b24726092ce94b7774b52b6175a288e3 168927 admin required shadow_4.0.14-3.diff.gz
7af97b37fb56b312510247baf4903bde 735912 admin required passwd_4.0.14-3_i386.deb
39bc6a0280eb76da9fc73699d17196a7 657520 admin required login_4.0.14-3_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDymEF1OXtrMAUPS0RAjwSAJ4ivm06aStqJzMgxHG9epF660V5JACfREFS
gfon5rHq7kv9fH03gOa75No=
=QJRC
-----END PGP SIGNATURE-----
More information about the Pkg-shadow-devel
mailing list