Bug 3799
| Summary: | sh-utils-1.16-nostdin.patch breaks cronjob su | ||
|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | juergen.mayerhofer |
| Component: | sh-utils | Assignee: | Jay Turner <jturner> |
| Status: | CLOSED WONTFIX | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 6.0 | CC: | srevivo |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 1999-08-28 21:51:52 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Can you supply an example of what this patch breaks? Remove the patch to fix your problem. Red Hat will not remove the patch because it attempts to prevent using su to acquire another users password. |
Is there anything usefull beside breaking my cronjobs? I can't do a su (in my case a su to an account with uid 0 and a shellscript as loginshell, nothing dangerous on this machine because there are no accounts besides mine, but very important for putting new dhcpd.conf's in place and restarting my dhcpd). This is new to rh-6.0 as "strings /bin/su | grep tty" on my 5.x boxes told me. root@rfhpc0014:/usr/src/redhat/SOURCES # more sh-utils-1.16-nostdin.patch --- sh-utils-1.16/src/su.c.nostdin Thu Apr 1 10:26:02 1999 +++ sh-utils-1.16/src/su.c Thu Apr 1 10:32:12 1999 @@ -376,7 +376,6 @@ correct_password (const struct passwd *pw) { #ifdef USE_PAM - /* root always succeeds; this isn't an authentication question (no * extra privs are being granted) so it shouldn't authenticate with PAM. * However, we want to create the pam_handle so that proper credentials @@ -385,6 +384,13 @@ PAM_BAIL_P; if (getuid () == 0) return 1; + + if (!isatty(0)) { + fprintf(stderr, "standard in must be a tty\n"); + exit(1); + } + + retval = pam_authenticate(pamh, 0); PAM_BAIL_P; retval = pam_acct_mgmt(pamh, 0);