[OpenAFS-devel] Re: [OpenAFS] pagsh and big uid with linux

Derek Atkins openafs-info@openafs.org
01 Feb 2002 10:18:41 -0500 

This is normal behavior for AFS.  It has always done this.

-derek

PS: Why do you have so many groups?  Perhaps if you move to AFS
then you can move all your "groups" into AFS groups and then
you can remove them from /etc/group?

-derek

Balazs GAL <balsa@vectra.startv.hu> writes:

> 2002-02-01, F Derek Atkins wrote:
> 
> Hi !
> 
> > In all my years of using AFS I have NEVER seen these be 'real' groups.
> 
> The groups are in the /etc/group file before i call
> setpag().
> 
> I can read and write files. Only I can't unlink files.
> 
> > Sure, you can shoot yourself in the foot by trying to force the issue,
> > but why?
> > 
> > There is a saying in the US: A patient goes to the Doctor and says,
> > "Doctor, Doctor, it hurts when I do this."  The Doctor responds, "Don't
> > do that."
> 
> This was not only an ugly demo. I really have group id-s in this range.
> 
> But this is only test:
> 
> www:/etc# grep test8 /etc/group
> test8:x:44302:
> www:/etc# echo "This IS the big secret" > /etc/big_secret
> www:/etc# chown root:test8 /etc/big_secret
> www:/etc# chmod 660 /etc/big_secret
> www:/etc# ls -al /etc/big_secret
> -rw-rw----    1 root     test8          23 Feb  1 10:26 /etc/big_secret
> www:/etc# su balsa
> balsa@www:/etc$ id
> uid=60004(balsa) gid=100(users)
> ,100(users),102(doksi),1015(ftpssl),1022(tanszek)
> balsa@www:/etc$ pagsh
> balsa@www:/etc$ id
> uid=60004(balsa) gid=100(users)
> groups=33892,44302(test8),100(users),102(doksi),1015(ftpssl),1022(tanszek)
> balsa@www:/etc$ cat /etc/big_secret
> This IS the big secret
> balsa@www:/etc$ cat >> /etc/big_secret
> This WAS the big secret
> ^D
> balsa@www:/etc$ cat /etc/big_secret
> This IS the big secret
> This WAS the big secret
> balsa@www:/etc$ exit
> balsa@www:/etc$ exit
> www:/etc# ls -al /etc/big_secret
> -rw-rw----    1 root     test8          47 Feb  1 10:28 /etc/big_secret
> www:/etc# ls -al /
> total 100
> drwxr-xr-x   20 root     root         4096 Dec  4 19:09 .
> drwxr-xr-x   20 root     root         4096 Dec  4 19:09 ..
> [...]
> drwxr-xr-x   57 root     root         4096 Feb  1 10:26 etc
> [...]
> www:/etc#
> 
> 
> This is not a joke.
> I don't belive it that this is normal.
> 
> balsa
> 
> 

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available