Skip Menu |

This queue is for tickets about the Passwd-Unix-Alt CPAN distribution.

Report information
The Basics
Id: 75957
Status: resolved
Priority: 0/
Queue: Passwd-Unix-Alt
People
Owner: Nobody in particular
Requestors: christian.kuelker [...] cipworx.org
Cc:
AdminCc:
Bug Information
Severity: Normal
Broken in: 0.5207
Fixed in: (no value)

History Show all quoted text
  Wed Mar 21 18:57:19 2012 christian.kuelker [...] cipworx.org - Ticket created
Subject: wrong warning for non root users
If the module is used as root no warning occur: root@o:/tmp/Passwd-Unix-Alt-0.5207# perl -e 'use lib "lib"; use Passwd::Unix::Alt; my $p=Passwd::Unix::Alt->new;' root@o:/tmp/Passwd-Unix-Alt-0.5207# As non root user you get on the same system perl -e 'use lib "lib"; use Passwd::Unix::Alt; my $p=Passwd::Unix::Alt->new;' Your ENVIRONMENT IS INSANE! Users in files "/etc/passwd" and "/etc/shadow" are different!!! only in passwd: root, daemon, bin, sys, [.. some names omitted ..] I'll continue, but it is YOUR RISK! You'll probably go into BIG troubles! at -e line 1 That seems a little strong and wrong. My environment is not insane. In reality /etc/passwd and /etc/shadow are matching. My guess: of course a non-root user can not see shadow and the compare algorithm counts that as not existent. Suggestion: a readability test and a message like "WARNING: You are using /etc/passwd and /etc/shadow as non-root user, and you have no read access to /etc/shadow. The integrity can not be ensured. Using this software for above specifed files as non-root user is most probably not what you want. You may consider different files, changing the access rights or use this software as root." Or something like this. HTH Christian
  Wed Mar 21 20:53:58 2012 sharyanto [...] cpan.org - Correspondence added
Thanks. I added a check for file readability (-r) so non-root user will see this instead: File not readable: /etc/shadow at -e line 2 Hope that's a bit better. Released v0.5208. Regards, Steven On Wed Mar 21 18:57:19 2012, ckuelker wrote: Show quoted text
> If the module is used as root no warning occur: > > root@o:/tmp/Passwd-Unix-Alt-0.5207# perl -e 'use lib "lib"; use > Passwd::Unix::Alt; my $p=Passwd::Unix::Alt->new;' > root@o:/tmp/Passwd-Unix-Alt-0.5207# > > As non root user you get on the same system > > perl -e 'use lib "lib"; use Passwd::Unix::Alt; my > $p=Passwd::Unix::Alt->new;' > Your ENVIRONMENT IS INSANE! Users in files "/etc/passwd" and > "/etc/shadow" are different!!! > > only in passwd: root, daemon, bin, sys, [.. some names omitted ..] > > I'll continue, but it is YOUR RISK! You'll probably go into BIG
troubles! Show quoted text
> > at -e line 1 > > That seems a little strong and wrong. My environment is not insane. > In reality /etc/passwd and /etc/shadow are matching. > My guess: of course a non-root user can not see > shadow and the compare algorithm counts that as not existent. > > Suggestion: a readability test and a message like > > "WARNING: You are using /etc/passwd and /etc/shadow as non-root user, > and you have no read access to /etc/shadow. The integrity can not > be ensured. Using this software for above specifed files as non-root > user is most probably not what you want. You may consider different > files, changing the access rights or use this software as root." > > Or something like this. > > HTH > Christian > > > > > >
  Wed Mar 21 20:53:58 2012 The RT System itself - Status changed from 'new' to 'open'
  Wed Mar 21 20:53:59 2012 sharyanto [...] cpan.org - Status changed from 'open' to 'resolved'
  Wed Mar 21 21:00:35 2012 sharyanto [...] cpan.org - Correspondence added
On second thought, a more verbose message like the one you suggested could be more helpful. So it's now: File not readable: /etc/shadow. You are trying to access passwd and/or shadow file from /etc/; either use other files or re-run the program as root. The second sentence only shows when running as non-root and trying to access files from /etc. Regards, Steven On Wed Mar 21 20:53:58 2012, SHARYANTO wrote: Show quoted text
> Thanks. I added a check for file readability (-r) so non-root user
will Show quoted text
> see this instead: > > File not readable: /etc/shadow at -e line 2 > > Hope that's a bit better. > > Released v0.5208. > > Regards, > Steven
  Wed Mar 21 21:00:36 2012 The RT System itself - Status changed from 'resolved' to 'open'
  Wed Mar 21 21:03:32 2012 sharyanto [...] cpan.org - Status changed from 'open' to 'resolved'