Re: Bizarre setlogin propagation in 14.0/14.1
- Reply: Steve Watt: "RE: Bizarre setlogin propagation in 14.0/14.1"
- In reply to: Steve Watt: "Bizarre setlogin propagation in 14.0/14.1"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 23 Jul 2024 04:23:59 UTC
On 7/22/24 23:01, Steve Watt wrote: > Greetings, > > I have been slowly chasing a very strange issue that’s been bugging me > since I upgraded to 14.0 (and now 14.1). > > The presenting symptom was that the periodic daily and security runs > were appearing with random users as the envelope sender. > > Much poking later (it takes a long time to run experiments if you want > to make sure they run in the real cron/periodic environment), I have > isolated it down to the daily/300.calendar, which several users on my > system use. > > Somehow, it seems that the setusercontext call in calendar.c is … rather > effective. It appears to be setting the login ID for the parent process > somehow? > > Easy-to-demonstrate sample: > > (root@rivendell) 336# sh > > # id -p > > uid root > > groups users wheel www vboxusers > > # calendar -a > > # id -p > > login jpick3543 > > uid root > > groups users wheel www vboxusers > > # exit > > (root@rivendell) 337# id -p > > login jpick3543 > > uid root > > (root@rivendell) 338# > > It’s been a lot of years since I dug deeply into a POSIX TTY subsystem > (I briefly worked on one for an RTOS in the mid-‘90s), but this behavior > is rather startling. It also seems to be different from at least 12.4, > which was the last production release I was running – I skipped 13.x. > > Is this somehow expected behavior? Or is there some weird corner case > being worked over here? > I don't think this is expected, but rather just an oversight. `calendar -a` should almost certainly setsid() after fork() to avoid setlogin(2) clobbering the session login name for the caller. diff --git a/usr.bin/calendar/calendar.c b/usr.bin/calendar/calendar.c index 7610ad034759..e07dee52403e 100644 --- a/usr.bin/calendar/calendar.c +++ b/usr.bin/calendar/calendar.c @@ -209,6 +209,7 @@ main(int argc, char *argv[]) if (pid == 0) { login_cap_t *lc; + setsid(); lc = login_getpwclass(pw); if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETALL) != 0)