strange pw behaviour
jonas.sonntag at jbhosting.de
Fri Jul 2 05:52:45 PDT 2004
first of all, thanks for the input!
On Friday 02 July 2004 13:58, Bill Moran wrote:
> Did you add the users/groups to the jail, or to the host system? Make sure
> that the group file you added this to is the same group file that is being
> used by the program. For example, on one of my jail systems, I have
> /etc/group, which is pretty stock, and /jail/cgi-jail/etc/group, which has
> special groups for CGI clients, and /jail/frontpage/etc/group which has
> groups for clients who use frontpage ... etc.
I'm within the jail only. I'm using pw from the host system, as you can see
from the -V switch to pw, but from thereon I'm logging on to the sshd running
inside the jail. So I'm talking about user www inside the jail and /etc/group
inside the jail.
> Make sure that ownerships show up properly in the environment you're using.
> For example, if you have a user "wmoran" with uid 1501 in the host system,
> then a user "wmoran" in the jail with uid 1427, you're going to find that
> the permissions don't work out right, because file permissions are based on
> uid, and the user name is just displayed to make it human-readable. Group
> IDs are similar.
I don't have any of the groups on the host system, all of them are inside the
Within the jail: All group names are displayed right, according to the entries
in /etc/group. User www is a member of all 10 groups. User www can list 6
directories and gets Permission denied on 4 directories.
> Have you looked at /etc/group (or whatever file is applicable) in a text
> editor to make sure everything is correct? The format is described in
> "man group" and is pretty easy to eye parse.
The format is correct, since all modification is done by pw. The text editor
part is the funny one: As soon as I move one of my problematic group entries
to another position inside the file using vi, it might work and eventually it
might break one of the other groups.
I just reordered the file so that the entries are sorted by group id which
resulted in 7 directories showing and only 3 showing Permission denied.
Sounds weird, right?
Still I have no indication what's wrong with the other 3... I would suspect it
might be a host/jail issue, but since I have none of the groups on the host
while some _do_ work this is not it.
Also, I'm really only working inside the jail enviroment and everything looks
like it should there.
As a sidenote: I have null-mounted the directory in which those 10 directories
are located to another jail on the same host system where I have the same
problem (showing 5, permission denied on 5 here).
Since I don't suspect a bug in pw, maybe someone could enlighten me which
other programs might be involved here and I could recompile those before I
reinstall the whole world to those jails (not that I think reinstalling
something will help, but I'm lost here).
Thanks again for the input,
More information about the freebsd-questions