news@datlog.co.uk (news service) (09/07/89)
Apologies if this has already been raised. After having worked on trying to get an ordinary (i.e. non super user, and non news account ) to write out using postnews I wonder what the secret is. Problem: Ordinary lackey wants to send news. Invokes postnews, and writes article. Postnews calls inews, which munges headers etc, and then calls relaynews. Relaynews fails because it will not change its operating id to news. Attempted solutions: Setting sid bit on relaynews. Setting up setnewsids with root priviledge, with sid bit set. Findings: Regardless of all changes, the call from inews to relaynews does not run relaynews as either news or root. Curiosities: relaynews run from the command line works ok (the user id is as expected) relaynews run from a shell script works ok (we had thought maybe the sid did not work when called from a shell script - but no, all hunky dory). BUT: running relaynews from within inews, which is also a shell script FAILS. Environment: Xenix (SCO 2.3.1) with the Bourne shell. Only one patch - others not seen yet. I am extremely curious about what is wrong - and will be more than delighted to learn what the problem is. Thanks in anticipation, Mike
henry@utzoo.uucp (Henry Spencer) (09/08/89)
In article <1989Sep7.121749.26502@datlog.co.uk> news@datlog.co.uk (news service) writes: >Relaynews fails because it will not change its operating id to news. Most probable reason is misconfiguration, notably that your $NEWSCTL/bin/config does not agree with the configuration parameters subst'ed into other files. Relaynews will renounce setuid privileges if it sees environment variables that do not agree with the ones it gets from the library configuration routines. (The environment variables override the library values, and this is very useful for testing, but security considerations make it unwise to retain setuid powers in this situation.) Note that one of our most recent patches added a comment to $NEWSCTL/bin/config to warn people that it is *not* a master configuration file, and changing things there and only there will *not* change them everywhere. -- V7 /bin/mail source: 554 lines.| Henry Spencer at U of Toronto Zoology 1989 X.400 specs: 2200+ pages. | uunet!attcan!utzoo!henry henry@zoo.toronto.edu