Bug 3799 - sh-utils-1.16-nostdin.patch breaks cronjob su
sh-utils-1.16-nostdin.patch breaks cronjob su
Status: CLOSED WONTFIX
Product: Red Hat Linux
Classification: Retired
Component: sh-utils (Show other bugs)
6.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Jay Turner
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 1999-06-29 10:39 EDT by juergen.mayerhofer
Modified: 2015-01-07 18:37 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 1999-08-28 17:51:52 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description juergen.mayerhofer 1999-06-29 10:39:05 EDT
Is there anything usefull beside breaking my cronjobs? I
can't do a su (in my case a su to an account with uid 0
and a shellscript as loginshell, nothing dangerous on this
machine because there are no accounts besides mine, but
very important for putting new dhcpd.conf's in place and
restarting my dhcpd). This is new to rh-6.0 as
"strings /bin/su | grep tty" on my 5.x boxes told me.

root@rfhpc0014:/usr/src/redhat/SOURCES # more
sh-utils-1.16-nostdin.patch
--- sh-utils-1.16/src/su.c.nostdin      Thu Apr  1 10:26:02
1999
+++ sh-utils-1.16/src/su.c      Thu Apr  1 10:32:12 1999
@@ -376,7 +376,6 @@
 correct_password (const struct passwd *pw)
 {
 #ifdef USE_PAM
-
   /* root always succeeds; this isn't an authentication
question (no
    * extra privs are being granted) so it shouldn't
authenticate with PAM.
    * However, we want to create the pam_handle so that
proper credentials
@@ -385,6 +384,13 @@
   PAM_BAIL_P;
   if (getuid () == 0)
     return 1;
+
+  if (!isatty(0)) {
+       fprintf(stderr, "standard in must be a tty\n");
+       exit(1);
+  }
+
+
   retval = pam_authenticate(pamh, 0);
   PAM_BAIL_P;
   retval = pam_acct_mgmt(pamh, 0);
Comment 1 Jeff Johnson 1999-06-30 22:55:59 EDT
Can you supply an example of what this patch breaks?
Comment 2 Jeff Johnson 1999-08-28 17:51:59 EDT
Remove the patch to fix your problem. Red Hat will not remove the
patch because it attempts to prevent using su to acquire another
users password.

Note You need to log in before you can comment on or make changes to this bug.