Bug 66881 - incomplete consolehelper functionality
incomplete consolehelper functionality
Product: Red Hat Linux
Classification: Retired
Component: usermode (Show other bugs)
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Jindrich Novy
Aaron Brown
: FutureFeature
Depends On:
  Show dependency treegraph
Reported: 2002-06-17 20:45 EDT by Need Real Name
Modified: 2013-07-02 18:56 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-04-07 08:26:12 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Need Real Name 2002-06-17 20:45:31 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.9) Gecko/20020513

Description of problem:
I created an rpm installer account, and gave it "rpm" group permissions. I set
all the necessary files to 750, except for links, root:rpm under /bin and
/usr/bin and ensured that consolehelper was set to 755. I tested it and worked
as expected. I went to my sa account, which did not have "rpm" priviledges, but
it does have "root" group, and launched gnorpm from the menu. First, I did not
expect the consolehelper to launch. Second, when I click on "run as
unpriviledged user", it closes out without a message stating "lack of permissions". 

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1.create an account and give it "rpm" group
2.create an account and give it "root" group
3.chmod 750 and chown :rpm on all rpm files under /usr/bin and /bin, except for
4. on all link files, chown :rpm
5. login as second account, and launch gnorpm from the menu
6. click on "run as unpriviledged user"

Actual Results:  The consolehelper disappears never to re-appear and never gives
a reason why

Expected Results:  It should not have come up in the first place; because the
2nd account did not even have access to /usr/bin/gnorpm-auth, minus the fact
that it did have access to consolehelper itself. Second, if it did come up and
the user did click on "run as unpriviledged user", it should have told the user
to "go-away".

Additional info:

This was the set-up I tried. I don't know how many user/group configurations
this same behavior might manifest itself. Personally, I don't know how many
people might even try this kind of set-up.
Comment 1 Jindrich Novy 2004-10-31 14:33:22 EST
Yes, this setup is not very usual, maybe the new feature of "UGROUPS"
in usermode-1.74-1 would help you somehow.
Comment 2 Jindrich Novy 2005-04-07 08:26:12 EDT
Closing as WONTFIX.

Note You need to log in before you can comment on or make changes to this bug.