Emacs port installs files with a non-root owner
in [FreeBSD]
|
Prev: MPT Timeouts on FreeBSD 8.0 VM
Next: NYC LOCAL: Tuesday 11 May 2010 Lisp NYC Meet and NYLUG Hack Meet
From: Giorgos Keramidas on 9 May 2010 17:46 On Sun, 09 May 2010 12:12:08 +0200, Fr�d�ric Perrin <fred(a)resel.fr> wrote: > Hello, > > I just noticed that the emacs port (editors/emacs-nox11) installs > files with a non-root owner : > > root(a)perso:/usr/local/share/emacs/23.1# ls -l > total 24 > drwxr-xr-x 10 fred wheel 1536 9 mai 11:52 etc/ > drwxr-xr-x 4 fred wheel 512 9 mai 11:53 leim/ > drwxr-xr-x 22 fred wheel 14336 9 mai 11:52 lisp/ > drwxr-xr-x 2 root wheel 512 9 mai 11:53 site-lisp/ > drwxr-xr-x 2 root wheel 3584 9 mai 11:53 src/ > > (in addition, the contents of those dirs are also owned by `fred') > > This is happening in a jail ; I ssh in under the `fred' account and > then `su -l toor' (toor is an account with $SHELL=zsh). This is a problem that I've seen reported with shells that don't override USER. Can you check after 'su -l' whether LOGNAME and USER match and are set? The Makefiles of Emacs run "chown $${installuser}" and this is set by trying to check the numeric id of the following: set_installuser=for installuser in $${LOGNAME} $${USERNAME} $${USER} \ `id -un 2> /dev/null`; do \ [ -n "$${installuser}" ] && break ; \ done So LOGNAME overrides USERNAME, and USERNAME overrides USER.
From: Frédéric Perrin on 9 May 2010 18:10 Giorgos Keramidas <keramida(a)ceid.upatras.gr> writes: > On Sun, 09 May 2010 12:12:08 +0200, Frédéric Perrin <fred(a)resel.fr> wrote: >> I just noticed that the emacs port (editors/emacs-nox11) installs >> files with a non-root owner : >> >> root(a)perso:/usr/local/share/emacs/23.1# ls -l >> total 24 >> drwxr-xr-x 10 fred wheel 1536 9 mai 11:52 etc/ >> >> This is happening in a jail ; I ssh in under the `fred' account and >> then `su -l toor' (toor is an account with $SHELL=zsh). > > This is a problem that I've seen reported with shells that don't > override USER. Can you check after 'su -l' whether LOGNAME and USER > match and are set? perso:~% echo $SHELL - $USER - $USERNAME - $LOGNAME /usr/local/bin/zsh - fred - fred - fred perso:~% su -l toor Password: root(a)perso:~# echo $SHELL - $USER - $USERNAME - $LOGNAME /usr/local/bin/zsh - toor - root - fred root(a)perso:~# logout ^^^^^^^^^ toor is the user I use for administrative purposes perso:~% su -l root Password: # echo $SHELL - $USER - $USERNAME - $LOGNAME /bin/sh - root - - > The Makefiles of Emacs run "chown $${installuser}" and this is set > by trying to check the numeric id of the following: > > So LOGNAME overrides USERNAME, and USERNAME overrides USER. I'm not sure I follow the reasonning behind this order of precedence. Why would my "real" user be used over the user to which I su(8)ed to before the installation? Or is it my $SHELL not setting $LOGNAME as it should? -- Fred
From: Giorgos Keramidas on 9 May 2010 21:05 On Mon, 10 May 2010 00:10:43 +0200, Fr�d�ric Perrin <fred(a)resel.fr> wrote: > Giorgos Keramidas <keramida(a)ceid.upatras.gr> writes: >> On Sun, 09 May 2010 12:12:08 +0200, Fr�d�ric Perrin <fred(a)resel.fr> wrote: >>> I just noticed that the emacs port (editors/emacs-nox11) installs >>> files with a non-root owner : >>> >>> root(a)perso:/usr/local/share/emacs/23.1# ls -l >>> total 24 >>> drwxr-xr-x 10 fred wheel 1536 9 mai 11:52 etc/ >>> >>> This is happening in a jail ; I ssh in under the `fred' account and >>> then `su -l toor' (toor is an account with $SHELL=zsh). >> >> This is a problem that I've seen reported with shells that don't >> override USER. Can you check after 'su -l' whether LOGNAME and USER >> match and are set? > > perso:~% echo $SHELL - $USER - $USERNAME - $LOGNAME > /usr/local/bin/zsh - fred - fred - fred > perso:~% su -l toor > Password: > root(a)perso:~# echo $SHELL - $USER - $USERNAME - $LOGNAME > /usr/local/bin/zsh - toor - root - fred > root(a)perso:~# logout > > ^^^^^^^^^ toor is the user I use for administrative purposes > > perso:~% su -l root > Password: > # echo $SHELL - $USER - $USERNAME - $LOGNAME > /bin/sh - root - - > >> The Makefiles of Emacs run "chown $${installuser}" and this is set >> by trying to check the numeric id of the following: >> >> So LOGNAME overrides USERNAME, and USERNAME overrides USER. > > I'm not sure I follow the reasonning behind this order of precedence. > Why would my "real" user be used over the user to which I su(8)ed to > before the installation? Or is it my $SHELL not setting $LOGNAME as > it should? zsh used to handle LOGNAME specially, but there are patches floating around that disable this special behavior. See e.g. http://www.zsh.org/mla/workers/1995/msg00267.html The current behavior of zsh for login shells is to change LOGNAME to the login name of the current login session. Can you try another small experiment for me? fred$ su - Password: *** root# exec env SHELL=/usr/local/bin/zsh zsh -l root(zsh)$ echo $SHELL - $USER - $USERNAME - $LOGNAME This should run zsh as a *login* shell from a root login session. I am not sure if the environment will have a correct LOGNAME in this case, but it may be useful to know. If this doesn't work correctly, we may have to talk with the upstream developers and see if something that checks the numeric ID of the current user is a better solution to the install user shell code.
From: Frédéric Perrin on 10 May 2010 03:22 Giorgos Keramidas <keramida(a)ceid.upatras.gr> writes: > On Mon, 10 May 2010 00:10:43 +0200, Frédéric Perrin <fred(a)resel.fr> wrote: >> Giorgos Keramidas <keramida(a)ceid.upatras.gr> writes: >>> The Makefiles of Emacs run "chown $${installuser}" and this is set >>> by trying to check the numeric id of the following: >>> >>> So LOGNAME overrides USERNAME, and USERNAME overrides USER. >> >> I'm not sure I follow the reasonning behind this order of >> precedence. Why would my "real" user be used over the user to which >> I su(8)ed to before the installation? Or is it my $SHELL not >> setting $LOGNAME as it should? > > zsh used to handle LOGNAME specially, but there are patches floating > around that disable this special behavior. See e.g. > > http://www.zsh.org/mla/workers/1995/msg00267.html From this thread (and the other one started just before, 'logname in zsh-2.6b9', handling LOGNAME doesn't seem so trivial after all... > The current behavior of zsh for login shells is to change LOGNAME to > the login name of the current login session. Can you try another > small experiment for me? > > fred$ su - > Password: *** > root# exec env SHELL=/usr/local/bin/zsh zsh -l > root(zsh)$ echo $SHELL - $USER - $USERNAME - $LOGNAME > > This should run zsh as a *login* shell from a root login session. I > am not sure if the environment will have a correct LOGNAME in this > case, but it may be useful to know. fred(a)perso:~% su - toor <-- used again toor Password: root(a)perso:~# exec env SHELL=/usr/local/bin/zsh zsh -l root(a)perso:~# echo $SHELL - $USER - $USERNAME - $LOGNAME /usr/local/bin/zsh - toor - root - fred root(a)perso:~# /usr/bin/login -f toor Last login: Sun May 2 13:33:22 on pts/3 Copyright (c) 1992-2009 The FreeBSD Project. [... snip ...] root(a)perso:~# echo $SHELL - $USER - $USERNAME - $LOGNAME /usr/local/bin/zsh - toor - root - toor > If this doesn't work correctly, we may have to talk with the > upstream developers and see if something that checks the numeric ID > of the current user is a better solution to the install user shell > code. What about using $(whoami) ? -- Fred
From: Giorgos Keramidas on 13 May 2010 18:27
On Mon, 10 May 2010 09:22:46 +0200, Fr�d�ric Perrin <fred(a)resel.fr> wrote: >> zsh used to handle LOGNAME specially, but there are patches floating >> around that disable this special behavior. See e.g. >> >> http://www.zsh.org/mla/workers/1995/msg00267.html > > From this thread (and the other one started just before, 'logname in > zsh-2.6b9', handling LOGNAME doesn't seem so trivial after all... > >> The current behavior of zsh for login shells is to change LOGNAME to >> the login name of the current login session. Can you try another >> small experiment for me? >> >> fred$ su - >> Password: *** >> root# exec env SHELL=/usr/local/bin/zsh zsh -l >> root(zsh)$ echo $SHELL - $USER - $USERNAME - $LOGNAME >> >> This should run zsh as a *login* shell from a root login session. I >> am not sure if the environment will have a correct LOGNAME in this >> case, but it may be useful to know. > > fred(a)perso:~% su - toor <-- used again toor > Password: > root(a)perso:~# exec env SHELL=/usr/local/bin/zsh zsh -l > root(a)perso:~# echo $SHELL - $USER - $USERNAME - $LOGNAME > /usr/local/bin/zsh - toor - root - fred > root(a)perso:~# /usr/bin/login -f toor > Last login: Sun May 2 13:33:22 on pts/3 > Copyright (c) 1992-2009 The FreeBSD Project. > [... snip ...] > root(a)perso:~# echo $SHELL - $USER - $USERNAME - $LOGNAME > /usr/local/bin/zsh - toor - root - toor Hi Fr�d�ric, Hmmm, that's... "interesting" to say the least. I didn't realize zsh is behind all the install user oddities. I haven't used it as my shell for more than a decade now, and without all the tests you ran I'd probably _never_ guess at why/how this bug appears. >> If this doesn't work correctly, we may have to talk with the >> upstream developers and see if something that checks the numeric ID >> of the current user is a better solution to the install user shell >> code. > > What about using $(whoami) ? This may be good as a FreeBSD specific patch. I don't know if it makes sense as an upstream patch, since Emacs runs under many shells on many different UNIX-like systems. But I'll have a chat with the emacs-devel folks and we'll see. In the meantime, can you try adding this patch in your port's files/ subdir, e.g. as a filename called "patch-zz-installuser"? Then rebuild the port, reinstall it and let me know if it works better? %%% --- Makefile.in.orig 2010-05-14 01:23:12.000000000 +0300 +++ Makefile.in 2010-05-14 01:23:28.000000000 +0300 @@ -431,7 +431,7 @@ ## http://lists.gnu.org/archive/html/emacs-devel/2007-10/msg01672.html ## Needs to be the user running install, so configure can't set it. -set_installuser=for installuser in $${LOGNAME} $${USERNAME} $${USER} \ +set_installuser=for installuser in `whoami` $${LOGNAME} $${USERNAME} $${USER} \ `id -un 2> /dev/null`; do \ [ -n "$${installuser}" ] && break ; \ done --- leim/Makefile.in.orig 2010-05-14 01:23:12.000000000 +0300 +++ leim/Makefile.in 2010-05-14 01:23:42.000000000 +0300 @@ -255,7 +255,7 @@ done) \ else true; fi -chmod -R a+r ${INSTALLDIR} - for installuser in $${LOGNAME} $${USERNAME} $${USER} \ + for installuser in `whoami` $${LOGNAME} $${USERNAME} $${USER} \ `id -un 2> /dev/null`; do \ [ -n "$${installuser}" ] && break ; \ done ; \ %%% If my news server corrupts the TAB characters in this patch, an online copy is also available at: http://people.freebsd.org/~keramida/emacs.patch-zz-installuser.diff Thanks for all the helpful tests. We'll fix this now that we know why and how it's caused! - Giorgos |