ING_Disclaimer.txtDescription: Text document
|
| From: | VAN HOOSTE, Wim |
| Subject: | sh-utils 2.0, id command, parameter -r returns unexpected user (e ffective instead of real) |
| Date: | Thu, 13 Mar 2003 10:55:56 +0100 |
Hi,
We, ING Insurances - a Belgian insurance company, opened a call at IBM for a
problem with the id-command. The problem seemed to go beyond the AIX OS and
also affects GNU sh-utils 2.0.
Here you find a copy of the pmr we opend at IBM, i don't realy care abouth the
fact there is critical info in here or not but please do not make it readable
for the whole world.
appreciating the feedback,
W. Van Hooste.
PMR 56251
"id" command, incorrect return for real uid
Status Open
Contact Name AIX ING Insurance
Contact Phone Number +32 32446899
Alternate Phone Number +32 32444126
Last Updated 03/03/13
Severity 4
Created 03/03/07
Branch 300
Country/Region 624
Customer Number 0817003
APAR Number _______
PMR Contents:
-ROBO ITSSWG5 ROB-FORMAT 1654-L25L/-------P3S3-03/03/07-15:39--FA
*** FA1654 *********** /ITSSWG/**** v6 ***** Cust FE information *****
Cust willing to work with BO/BE in English? _ phone _ elect _ email _
International dialling No. __________________________ TimeZone ______
Cust email: _________________________________________________________
FO email/XMIT __________________________________ FO keyword _________
Non-defect Support? _ P/B to FO Q: ______,___ P/B to FE Q: ______,___
+AIXSERV - -L22H/WFEAIX-P4S4-03/03/07-12:59--CE
*** RS/6000 SUPPORT LINE ENTITLED R1S2S3L4
*** Electronic creation by customer devader
*** Please contact customer by EMAIL
***
*** Fax Number: +32 32446709
***
Problem Details
E-Mail: address@hidden
.
Abstract:
"id" command, incorrect return for real uid
.
System Model: rs/6000
Operating System: AIX 5L
Product Group: System Administration (backups, security, cron, auditing
)
.
Environment:
AIX 5100-02, bos.rte.security 5.1.0.37 A F Base
Security Function
AIX 4330-09, bos.rte.security 4.3.3.75 A Base
Security Function
.
Problem:
the id command shuold be able (see man page) to return the real UID
instead of the effective UID. I log on using user wva0331 do a su
to root:
$id
uid=308(wva0331) gid=0(system) groups=1(staff),2(bin),3(sys),4
(adm),8(cron),9(printq)
address@hidden [/home/wva0331] su -
root's Password:
address@hidden /var/root # id
uid=0(root) gid=0(system) groups=1(staff),205(thalere),2003
(thopxx),500(dbprgadm),501(dbtstadm),502(dbexpadm),503(dbdbaadm),206
(db2asgrp),506(dbpudadm)
When i execute the following commands, as root, i get the same
result (that is not what should happen):
$id -u -n
root
# here i expect root - so thats oke.
$id -u -nr
root
# here i expect wva0331 - so thats NOT oke.
-r Specifies that the id command write the real ID instead of the
effective ID. This flag can be invoked with either the -g flag to
write the real group ID, or the -u flag to write the real user ID.
--end cut--
-VANDECASTEELE, F -5765E6100 -L22H/WFEAIX-P3S3-03/03/07-15:26--CR
Env. : AIX 4.3.3 or 5.1
Desc. : question about the -r option for the id command.
-r should give the real user, and not the effective. What does it mean,
since using -r or not gives always the same result.
.
Action : tested here :indeed, output is always the same.
login with user fvdc.
#id -un
fvdc
#id -unr
fvdc
#su -
root's password
#id -un
root
#id -unr
root
.
==> shouldn't it give fvdc here ?
.
Hello BO,
.
could you please clarify the role of this -r option.
The document specify that it should show the real user.
.
I didn't found any hits on this (behalve a document asking to add a -l
option, similar to the -r).
.
Thanks,
Frederic
-VOCI , GEA -5765E6100 -L289/EBEAIX-P3S3-03/03/07-15:31--CT
NO CONTACT IS REQUIRED
-VOCI , GEA -5765E6100 -L289/EBEAIX-P3S3-03/03/07-15:31--CR
Moving to working directory.
Gea
-VOCI , GEA -5765E6100 -L289/EBWAIX-P3S3-03/03/11-15:29--CR
Hello,
.
can you give a final statement on the above problem description, I did
the same test on AIX and also on other vendor UNIX and the behaviour is
the same.
Is id working as designed or not ?
Let me know if you need more infos.
Thanks,
ciao,
Gea Voci PB=EBEAIX,165
-RAMAGIRI, VANI -5765E6100 -L165/VANI -P3S3-03/03/12-04:40--CR
ACTION TAKEN:
Investigating the issue with the -r flag of id command.
ACTION PLAN:
Will update the pmr with the results of my research.
-RAMAGIRI, VANI -5765E6100 -L165/VANI -P3S3-03/03/12-17:29--CR
ACTION TAKEN:
There seems to be a problem with the id command that it doesn't behave
the way it is documented.
....The id command writes the following information, when applicable:
o User name and real user ID
o Name of the user's group and real group ID
.....
.....
I am logged in as root and then su to user 'vani'.
# su vani
$
The real user id is root and the effective user id is 'vani'. But it
doesn't output the real user id as documented.
$ id
uid=212(vani) gid=1(staff)
>From the man page: ...If the effective and real IDs for the invoking use
r are different, the id command writes the following effective ID inform
ation, when applicable:
o Effective user name and effective user ID
o Name of effective user's group and effective group ID
$ id -nu <-- you would expect this to give you the effective user name
vani <--- it does.
$ id -nur <--- You would expect this to give you the real user name,
here the root
vani <--- it still outputs the effective user name
>From the manpage: ...-r Specifies that the id command write the real ID
instead of the effective ID.
.
ACTION PLAN:
Over to the cmddev,165 queue for further analysis.
-SUBRAMANIAM, M. -5765E6100 -L165/CMDDEV-P3S3-03/03/12-18:04--CR
ACTION TAKEN: Over to Girish for further analysis.
pbq:msubbu,165 email:address@hidden ph:512-838-8256 t/l:678-8256
+AIXSERV - -L165/GIRISH-P4S4-03/03/13-09:45-SCE
*** Electronic update by customer
*** SEVERITY HAS CHANGED
***
Additional Information:
Sorry, forgot to change the severety when i created this pmr.
just to be sure extra info as requested on top of this pmr...
Cust willing to work with BO/BE in English? yes
Cust. email address@hidden
International dialling No. +32 3 244 68 99
TimeZone GMT+1
btw.
"VOCI , GEA ... the same test on AIX and also on other vendor UNIX
and the behaviour is the same..."
I can confirm this for GNU sh-utils 2.0
Kind regards, W. Van Hooste
System Engineer Unix
ING Insurance - IT - IM - SE
Tel: +32 3 244 68 99
E-mail : address@hidden
Address : ING Insurance - Desguillei 92 B-2018 Antwerpen
ING_Disclaimer.txt
Description: Text document
| [Prev in Thread] | Current Thread | [Next in Thread] |