From jay@gambit.ess.harris.com Mon Jan 13 13:00:50 1997 Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id NAA07197 for ; Mon, 13 Jan 1997 13:00:49 -0500 Received: from su15a.ess.harris.com by MIT.EDU with SMTP id AA11319; Mon, 13 Jan 97 13:00:48 EST Received: from gambit.ess.harris.com (gambit.ess.harris.com [130.41.34.214]) by ess.harris.com (8.8.4/8.8.4) with ESMTP id MAA07428 for ; Mon, 13 Jan 1997 12:59:57 -0500 (EST) Received: (from jay@localhost) by gambit.ess.harris.com (8.8.4/8.8.4) id MAA03071; Mon, 13 Jan 1997 12:59:55 -0500 (EST) Message-Id: <199701131759.MAA03071@gambit.ess.harris.com> Date: Mon, 13 Jan 1997 12:59:55 -0500 (EST) From: jay@gambit.ess.harris.com Reply-To: jay@gambit.ess.harris.com To: krb5-bugs@MIT.EDU Subject: krb5-clients X-Send-Pr-Version: 3.99 >Number: 338 >Category: krb5-clients >Synopsis: ksu fails to swith to root. >Confidential: no >Severity: non-critical >Priority: low >Responsible: krb5-unassigned >State: closed >Class: mistaken >Submitter-Id: unknown >Arrival-Date: Mon Jan 13 13:01:01 EST 1997 >Last-Modified: Fri Jan 24 16:36:53 EST 1997 >Originator: Jay Claybaugh >Organization: __________________________________________________________________________ Jay Claybaugh | EMAIL: jay@gambit.ess.harris.com Harris Corporation, MS 5/5870 | PO Box 91000, Melbourne, FL | PHONE: (407) 729-7492 32902 | FAX: (407) 729-7273 __________________________________________________________________________ >Release: 1.0 >Environment: System: SunOS gambit 5.5 Generic sun4m sparc SUNW,SPARCstation-5 Architecture: sun4 >Description: Invoking "ksu" to switch to root fails with error message: ksu: Not owner while selecting the best principal. Lines #738-741 in src/clients/ksu/main.c are currently: __________________________________________________________________________ /* insist that the target login uses a standard shell (root is omited) */ if (!standard_shell(target_pwd->pw_shell) && source_uid) { fprintf(stderr, "ksu: permission denied (shell).\n"); __________________________________________________________________________ I believe the "!" character is missing to make the source code match the comment as in the following: __________________________________________________________________________ /* insist that the target login uses a standard shell (root is omited) */ if (!standard_shell(target_pwd->pw_shell) && !source_uid) { fprintf(stderr, "ksu: permission denied (shell).\n"); __________________________________________________________________________ >How-To-Repeat: At prompt, type: ksu >Fix: Insert "!" character in line #740 as noted above. >Audit-Trail: State-Changed-From-To: open-feedback State-Changed-By: tytso State-Changed-When: Wed Jan 22 18:02:44 EST 1997 State-Changed-Why: Waiting for user comment..... From: "Theodore Y. Ts'o" To: krb5-bugs@MIT.EDU, jay@gambit.ess.harris.com Cc: krb5-unassigned@RT-11.MIT.EDU, gnats-admin@RT-11.MIT.EDU, krb5-prs@RT-11.MIT.EDU Subject: Re: krb5-clients/338: krb5-clients Date: Wed, 22 Jan 1997 18:02:28 -0500 Why do you think the error message of: Invoking "ksu" to switch to root fails with error message: ksu: Not owner while selecting the best principal. Is related to change the standard shell check in lines 738? The "while selecting the best principal" is from line line 403: if ((retval = get_best_princ_for_target(ksu_context, source_uid, target_uid, source_user, target_user, cc_source, &options, cmd, localhostname, &client, &hp))){ com_err(prog_name,retval, "while selecting the best principal"); exit(1); } The standard shell check in line 738, is, as far as I can tell, correct. - Ted State-Changed-From-To: feedback-closed State-Changed-By: tytso State-Changed-When: Fri Jan 24 16:36:32 1997 State-Changed-Why: Bug report was a mistake >Unformatted: