rcbc@cs.cornell.edu (Robert Cooper) (09/12/90)
When running the twenty questions demo on some Sun systems "twenty"
may fail with the following error:
ISIS: unable to exec <twenty>: setgid(-2)Invalid argument
This happens if the isis "rexec" utility is running as root, and
you issue an "isis_rexec" call with a username of "nobody" (or a
null username). This is what the twenty questions demo does.
Under these circumstances the "rexec" utility tries to start up the
job under the username "nobody". Now rexec does this by calling
setgid and setuid giving as ids the values obtained from the passwd
database (i.e. /etc/passwd and/or yp). However the /etc/passwd supplied
by Sun gives -2 as the uid and gid for "nobody". These are *illegal*
when supplied to setgid from what I've been able to tell. They
are fixing this in the "next release".
Obviously we're not going to let "rexec" run a job as "root" that
was supposed to be run as "nobody"!
The workarounds include:
o run rexec as something other than "root", e.g. some special "isis"
userid. This means that jobs it starts up will run under that userid.
Note that regardless of this problem your system administrator may
take a dim view of running a piece of software off the net like "isis"
as root anyway.
o "fix" the /etc/passwd entry for "nobody" giving user and group ids
that are reasonable such as 999 or whatever.
o "fix" your copy of the twenty questions demo to supply a legitimate userid
and passwd.
-- Robert Cooper