From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.0) Gecko/20020606

Description of problem:
If you have a situation where only membership of a group allows permission to the parent of a user's homedir and you try to su to that user you get the warning:

su: warning: cannot change directory to /home/test1: Permission denied

and consequently the user's initialization scripts such as ~/.bashrc don't run properly. This problem was noticed in 7.1 but it continues to be evident in 7.3.

The problem is that before the chdir to the user's homedir su calls setfsuid but it doesn't call setfsgid. Therefore if the only access the new user has to the directory is through its group then the following chdir will fail.

Version-Release number of selected component (if applicable):

How reproducible: Always

Steps to Reproduce:
1. adduser test1
2. chmod 750 /home
3. chgrp test1 /home
4. chmod 700 /home/test1
5. su - test1

Actual Results:
[root@xenophanes root]# su - test1
su: warning: cannot change directory to /home/test1: Permission denied

(And the .bashrc and other scripts don't run properly unless you put a cd as their first line)

Expected Results: it works

Additional info:
This problem does not exist in the normal version of su. It was something that RH introduced with the sh-utils-2.0.11-pam.patch patch.
Created attachment 61304: patch that fixes this problem
This may appear on the surface to be a very small issue but it has caused a lot of problems here and an errata would be appreciated.
Created attachment 61305: no really this is the patch.
Created -14.1gid pkg which fixes this problem. Verified to work correctly.
Fixed in 2.0.11-16
Additional testing regarding this problem here at LLNL has shown that the solution that I proposed is inadequate due to the fact that it doesn't take into account secondary as opposed to primary groups. I was considering suggesting removing the whole conditional compilation of that section of code and reverting the code to the way that it was in the pristine version of the source where it calls change_identity() before it changes directories. However, I was not sure if there was some subtle security reason for using the setfs[sg]id functions here as opposed to actually going ahead and changing the credentials. I posted this query to tech but have not received a response as of yet.
Created attachment 61585: Here is a patch which applies on top of the previous one and which should fix the problem with secondary groups.
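An added example, not part of this bug thread or of the sh-utils patches: a simplified C model of the directory search check, fed with the modes from the reproduction steps, showing why setfsuid alone fails and why adding setfsgid still fails for a secondary group. The uid/gid values (500, 600), the `stage` enum and the function names are constructed for illustration, and the model assumes root's permission override no longer applies once the fsuid is non-zero.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/types.h>

/* Simplified model of the credentials Linux checks on path lookup. */
struct fs_creds { uid_t fsuid; gid_t fsgid; const gid_t *groups; size_t ngroups; };
struct dir_meta { uid_t owner; gid_t group; mode_t mode; };

static bool in_groups(const struct fs_creds *c, gid_t g)
{
    if (c->fsgid == g) return true;
    for (size_t i = 0; i < c->ngroups; i++)
        if (c->groups[i] == g) return true;
    return false;
}

/* Search (x) permission: exactly one class applies: owner, group or other. */
bool may_search(const struct fs_creds *c, const struct dir_meta *d)
{
    if (c->fsuid == d->owner) return (d->mode & 0100) != 0;
    if (in_groups(c, d->group)) return (d->mode & 0010) != 0;
    return (d->mode & 0001) != 0;
}

enum stage { FSUID_ONLY, FSUID_FSGID, FULL_IDENTITY };

/* Constructed ids: root = 0, test1 = uid/gid 500, secondary group = 600. */
bool su_chdir_ok(enum stage s, gid_t home_group)
{
    static const gid_t root_groups[] = { 0 }, test1_groups[] = { 500, 600 };
    const struct dir_meta path[] = {
        { 0, home_group, 0750 },  /* /home: chmod 750, chgrp <home_group> */
        { 500, 500, 0700 },       /* /home/test1: chmod 700 */
    };
    /* setfsuid() alone: fsgid and group list are still root's. */
    struct fs_creds c = { 500, 0, root_groups, 1 };
    if (s >= FSUID_FSGID) c.fsgid = 500;                  /* + setfsgid() */
    if (s == FULL_IDENTITY) { c.groups = test1_groups; c.ngroups = 2; }
    for (size_t i = 0; i < 2; i++)   /* chdir needs x on every component */
        if (!may_search(&c, &path[i])) return false;
    return true;
}

int main(void)
{
    printf("primary,   fsuid only:  %d\n", su_chdir_ok(FSUID_ONLY, 500));
    printf("primary,   fsuid+fsgid: %d\n", su_chdir_ok(FSUID_FSGID, 500));
    printf("secondary, fsuid+fsgid: %d\n", su_chdir_ok(FSUID_FSGID, 600));
    printf("secondary, full groups: %d\n", su_chdir_ok(FULL_IDENTITY, 600));
    return 0;
}
```

`FULL_IDENTITY` stands for the state in which the supplementary group list has also been replaced with the target user's, which is the case the second patch in this thread addresses.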
Red Hat Linux and Red Hat Powertools are currently no longer supported by Red Hat, Inc. In an effort to clean up bugzilla, we are closing all bugs in MODIFIED state for these products. However, we do want to make sure that nothing important slips through the cracks. If, in fact, these issues are not resolved in a current Fedora Core Release (such as Fedora Core 5), please open a new issue stating so. Thanks.