Re: su command problem
Thank you very much! I had checked the password file, but had been focused on the mysql account. I only just noticed that the root account was set to use /bin/csh for it's shell. When I changed it to /usr/local/bin/bash, suddenly everything started working. Thank you for your direction, I really appreciate it. Thank you to everybody who helped me on this. Insert huge sigh of relief here God Bless John --- Kevin Kinsey [EMAIL PROTECTED] wrote: John Public wrote: I'm apologize for being unclear. Let me try again. I have not modified the mysql-server.sh script in any way. The 'su -m mysql -c date' line is merely an example of what I used to see if 'su' is having a problem. All that line does is run the 'date' command as the mysql user. I used this for testing between the 5.3 system and the 5.2.1 system to see if there was a difference. Indeed there was a difference. On the 5.2.1 system the command ran 'date' w/o any problem and then returned control to the root shell, but on the 5.3 system, it su'ed me to the mysql account, but did not execute the 'date' command and stayed w/ the mysql account. This is how I have come to the conclusion that it has something to do w/ the su command or security relating to it, rather than the scripts which are used to run mysql or nagios. I guess I'm trying to determine if this is a bug in the 'su' command or if there is a security setting somewhere in 5.3 which changes the behavior of 'su'. Thanks again for your attention. John So, we need to check on a few things between the two systems; I'd start with the contents of /etc/passwd, which should be the same on both machines. FWIW, I can't reproduce the problem on 5.3 nor 4.11, as long as I'm running as root or using sudo. Running without privileges gives a Password prompt, as expected Kevin Kinsey __ Do you Yahoo!? Yahoo! Mail - Easier than ever with enhanced search. Learn more. http://info.mail.yahoo.com/mail_250 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: su command problem
On Tue, 29 Mar 2005 08:25:10 -0800 (PST), John Public [EMAIL PROTECTED] wrote: Thank you very much! I had checked the password file, but had been focused on the mysql account. I only just noticed that the root account was set to use /bin/csh for it's shell. When I changed it to /usr/local/bin/bash, suddenly everything started working. It's usually considered dangerous to change root's shell outside of 'sh' or 'csh'. You may end up with a broken shell if you need to drop to single user mode. -jw ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: su command problem
I am running into an issue using rc.conf to run applications at startup. Specifically, nagios, and mysql. When the system boots, it goes to a command prompt at the stage of the boot process when those applications would be run and then stops. If I exit out of the prompt, booting continues normally. I believe I have traced the problem to the su command which is used in the rc. In attempting to run the mysql w/ mysql_enable=YES in the rc.conf, it su's to the mysql account and is supposed to run a command and exit. It su's to mysql OK, but never runs the command and exits. I have attempted this manually and received the same results. hmmm. (going under the assumption that you installed from ports 4.1.x ?) There should be a startup script in /usr/local/etc/rc.d that launches mysql. Using the new style, it does check rc.conf to see if it should start, mode, etc. As far as the 'su' bit, the script itself doesn't do this. The mysql daemon has a 'user' switch that is used to start mysqld as a user other then root. Do you get the same behavior when you run the start-up script manually? -jw ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: su command problem
To whom it may concern: I am running into an issue using rc.conf to run applications at startup. Specifically, nagios, and mysql. When the system boots, it goes to a command prompt at the stage of the boot process when those applications would be run and then stops. If I exit out of the prompt, booting continues normally. Maybe it really traces to the fact that you should not run any command from rc.conf. It is not treated as a script. Rather, rc.conf is merely a list of variable settings that the startup scripts for various programs read up when they need it. If you want to run something at startup, put them in /usr/local/etc/rc.d give them a name ending in .sh and make them executable. Those scripts will be run in roughly 'sort' order. I believe I have traced the problem to the su command which is used in the rc. In attempting to run the mysql w/ mysql_enable=YES in the rc.conf, it su's to the mysql account and is supposed to run a command and exit. It su's to mysql OK, but never runs the command and exits. I have attempted this manually and received the same results. You don't want to run mysql in rc.conf, just do the setting of mysql_enable=YES in there and put something like mysql-server.sh in /usr/local/etc/rc.d In fact, the normal mysql install from ports puts the script there. You may have to change its permissions to make it executable. jerry This system is running FreeBSD 5.3. I have another system which uses FreeBSD 5.2.1 and doesn't have this problem. I'm not sure if this is a security fix that has been implemented in 5.3 or if the issue lies elsewhere. I have been able to implement a workaround to make them work by changing their startup scripts to not use su, but would like to resolve the issue. I have check the problem reports on the FreeBSD website and don't see anything that appears to be related. I have also google'd this and found nothing. I also didn't find anything in the manual. Any help would be greatly appreciated. Thanks in advance. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: su command problem
On Mon, 28 Mar 2005 11:03:23 -0800 (PST), John Public [EMAIL PROTECTED] wrote: Thanks for your quick reply. In answer to your query, NP yes, I installed mysql 4.1 from ports, and it works just fine if I start it using mysqld_safe. However, if I attempt to run it from /usr/local/etc/rc.d/mysql-server.sh, the same behavior occurs. My reasoning for thinking it is a problem w/ the su command is as follows: su -m mysql -c date first, I don't think the 'mysql' binary even has a '-c' option. If I'm following you here, you modify the default startup script (/usr/local/etc/rc.d/mysql-server.sh) to run `su -m mysql -c date`. Instead of the default (w/flags): /usr/local/bin/mysqld_safe --user=${mysql_user} --datadir=${mysql_dbdir} --bind-address=${bind_address} --pid-file=${pidfile} /dev/null why? When I got to digging around in the rc system while I was having the same problem w/ nagios, I discovered that it is using the su command. Hope this makes sense. Once again, thanks for your input and any further insight would be appreciated. I would take a look at the default mysql startup script and compare it to what you currently have in place. (/path/to/ports/database/mysql41-server/files/mysql-server.sh) -jw ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: su command problem
I'm apologize for being unclear. Let me try again. I have not modified the mysql-server.sh script in any way. The 'su -m mysql -c date' line is merely an example of what I used to see if 'su' is having a problem. All that line does is run the 'date' command as the mysql user. I used this for testing between the 5.3 system and the 5.2.1 system to see if there was a difference. Indeed there was a difference. On the 5.2.1 system the command ran 'date' w/o any problem and then returned control to the root shell, but on the 5.3 system, it su'ed me to the mysql account, but did not execute the 'date' command and stayed w/ the mysql account. This is how I have come to the conclusion that it has something to do w/ the su command or security relating to it, rather than the scripts which are used to run mysql or nagios. I guess I'm trying to determine if this is a bug in the 'su' command or if there is a security setting somewhere in 5.3 which changes the behavior of 'su'. Thanks again for your attention. John --- Jeff Wirth [EMAIL PROTECTED] wrote: On Mon, 28 Mar 2005 11:03:23 -0800 (PST), John Public [EMAIL PROTECTED] wrote: Thanks for your quick reply. In answer to your query, NP yes, I installed mysql 4.1 from ports, and it works just fine if I start it using mysqld_safe. However, if I attempt to run it from /usr/local/etc/rc.d/mysql-server.sh, the same behavior occurs. My reasoning for thinking it is a problem w/ the su command is as follows: su -m mysql -c date first, I don't think the 'mysql' binary even has a '-c' option. If I'm following you here, you modify the default startup script (/usr/local/etc/rc.d/mysql-server.sh) to run `su -m mysql -c date`. Instead of the default (w/flags): /usr/local/bin/mysqld_safe --user=${mysql_user} --datadir=${mysql_dbdir} --bind-address=${bind_address} --pid-file=${pidfile} /dev/null why? When I got to digging around in the rc system while I was having the same problem w/ nagios, I discovered that it is using the su command. Hope this makes sense. Once again, thanks for your input and any further insight would be appreciated. I would take a look at the default mysql startup script and compare it to what you currently have in place. (/path/to/ports/database/mysql41-server/files/mysql-server.sh) -jw __ Do you Yahoo!? Yahoo! Mail - Find what you need with new enhanced search. http://info.mail.yahoo.com/mail_250 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: su command problem
John Public wrote: I'm apologize for being unclear. Let me try again. I have not modified the mysql-server.sh script in any way. The 'su -m mysql -c date' line is merely an example of what I used to see if 'su' is having a problem. All that line does is run the 'date' command as the mysql user. I used this for testing between the 5.3 system and the 5.2.1 system to see if there was a difference. Indeed there was a difference. On the 5.2.1 system the command ran 'date' w/o any problem and then returned control to the root shell, but on the 5.3 system, it su'ed me to the mysql account, but did not execute the 'date' command and stayed w/ the mysql account. This is how I have come to the conclusion that it has something to do w/ the su command or security relating to it, rather than the scripts which are used to run mysql or nagios. I guess I'm trying to determine if this is a bug in the 'su' command or if there is a security setting somewhere in 5.3 which changes the behavior of 'su'. Thanks again for your attention. John So, we need to check on a few things between the two systems; I'd start with the contents of /etc/passwd, which should be the same on both machines. FWIW, I can't reproduce the problem on 5.3 nor 4.11, as long as I'm running as root or using sudo. Running without privileges gives a Password prompt, as expected Kevin Kinsey ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]