/security/op on -current?

Randy Bush randy at psg.com
Sat Oct 16 13:32:33 PDT 2004 

> I think you missed my point :) It could be a pam interaction or some
> other dark magic, but you've not given much information upon which to
> base a guess.

sorry.  too much happening here to get it today.

% id
uid=106(robot) gid=10 groups=10

% ls -l /usr/home/robot/cr /var/dns/INC.cr
-rw-------  1 robot  staff  19951 Oct 16 05:31 /usr/home/robot/cr
-rw-r--r--  1 bind   bind   23087 Nov  5  2003 /var/dns/INC.cr

# cat /usr/local/etc/op.access
DEFAULT users=robot
dns.cr.cp /bin/cp $1 $2
          /bin/chmod 644 $2
          /usr/sbin/chown bind:bind $2

% ktrace op dns.cr.cp /usr/home/robot/cr /var/dns/INC.cr
line 1: cmd='DEFAULT' add opt 'users=robot'
line 2: cmd='dns.cr.cp' add arg '/bin/cp'
line 2: cmd='dns.cr.cp' add arg '$1'
line 2: cmd='dns.cr.cp' add arg '$2'
line 3: cmd='dns.cr.cp' add arg '/bin/chmod'
line 3: cmd='dns.cr.cp' add arg '644'
line 3: cmd='dns.cr.cp' add arg '$2'
line 4: cmd='dns.cr.cp' add arg '/usr/sbin/chown'
line 4: cmd='dns.cr.cp' add arg 'bind:bind'
line 4: cmd='dns.cr.cp' add arg '$2'
line 5: cmd='' add arg '/bin/cp'
line 5: cmd='' add arg '$1'
line 5: cmd='' add arg '$2'
line 5: cmd='' add arg '/bin/chmod'
line 5: cmd='' add arg '644'
line 5: cmd='' add arg '$2'
line 5: cmd='' add arg '/usr/sbin/chown'
line 5: cmd='' add arg 'bind:bind'
line 5: cmd='' add arg '$2'
line 5: cmd='' add opt 'users=robot'
Permission denied by op

% kdump
 99278 ktrace   RET   ktrace 0
 99278 ktrace   CALL  execve(0xbfbfe560,0xbfbfea8c,0xbfbfeaa0)
 99278 ktrace   NAMI  "/bin/op"
 99278 ktrace   RET   execve -1 errno 2 No such file or directory
 99278 ktrace   CALL  execve(0xbfbfe560,0xbfbfea8c,0xbfbfeaa0)
 99278 ktrace   NAMI  "/sbin/op"
 99278 ktrace   RET   execve -1 errno 2 No such file or directory
 99278 ktrace   CALL  execve(0xbfbfe560,0xbfbfea8c,0xbfbfeaa0)
 99278 ktrace   NAMI  "/usr/bin/op"
 99278 ktrace   RET   execve -1 errno 2 No such file or directory
 99278 ktrace   CALL  execve(0xbfbfe560,0xbfbfea8c,0xbfbfeaa0)
 99278 ktrace   NAMI  "/usr/sbin/op"
 99278 ktrace   RET   execve -1 errno 2 No such file or directory
 99278 ktrace   CALL  execve(0xbfbfe560,0xbfbfea8c,0xbfbfeaa0)
 99278 ktrace   NAMI  "/usr/X11R6/bin/op"
 99278 ktrace   RET   execve -1 errno 2 No such file or directory
 99278 ktrace   CALL  execve(0xbfbfe560,0xbfbfea8c,0xbfbfeaa0)
 99278 ktrace   NAMI  "/usr/local/bin/op"
 99278 ktrace   NAMI  "/libexec/ld-elf.so.1"

More information about the freebsd-current mailing list