Re: tmux - open terminal failed
On Sep 03 20:01:53, Nicholas Marriott wrote: This should work in -current. Yes it does. Older tmux, including 4.6, would need to reopen the tty device node which meant permissions would get in the way, in -current it uses imsg and passes the tty fd that has already been opened from the client up to the server so it doesn't need to care about file permissions. If you can't run -current, right now you should be able to build and use the -current tmux on 4.6 or 4.5 without problems (although this may not be the case in future). I cvs'ed up my src tree and just did a 'make clean ; make ; make install' in the usr.bin/tmux directory. What happens now is: ~$ id uid=1000(hans) gid=1000(hans) groups=1000(hans), 0(wheel), 5(operator) $ ls -l `tty` crw--w 1 hans tty5, 2 Sep 4 10:51 /dev/ttyp2 $ su - test Password: $ id uid=1001(test) gid=999(test) groups=999(test) $ ls -l `tty` crw--w 1 hans tty5, 2 Sep 4 10:51 /dev/ttyp2 $ tmux # starts $ ls -l `tty` # in tmux crw--w 1 test tty5, 4 Sep 4 10:51 /dev/ttyp4 Thanks! Jan On Thu, Sep 03, 2009 at 02:58:13PM +0200, Jan Stary wrote: While switching from screen to tmux and trying out things, I noticed that being su'd to another user (who does not own the terminal I am running in) I cannot start tmux: $ id uid=1000(hans) gid=1000(hans) groups=1000(hans), 0(wheel), 5(operator) $ su - test Password: $ id uid=1001(test) gid=999(test) groups=999(test) $ tmux open terminal failed: /dev/ttyp4: Permission denied $ ls -l `tty` crw--w 1 hans tty5, 4 Sep 3 14:41 /dev/ttyp4 This happens on both 4.5 (tmux package) and 4.6 (base tmux). (In fact, screen behaves the same in this respect.) Obviously, this doesn't apply when I am su root, which - luckilly - is the most common case of using tmux for me. But I believe the following is a pretty common situation: an admin is only allowed to log in remotely via his 'regular' user account (say, 'joe'). Once he's logged in, he su's to 'admin' (who is in wheel and all that), and does his thing. Now, what if the 'admin' work calls for tmux? 'admin' cannot run tmux, because his terminal is owned by joe:tty. Is this a problem? If so, what would be the most elegant way of allowing su'd users to run tmux? Thanks for your time Jan
tmux - open terminal failed
While switching from screen to tmux and trying out things, I noticed that being su'd to another user (who does not own the terminal I am running in) I cannot start tmux: $ id uid=1000(hans) gid=1000(hans) groups=1000(hans), 0(wheel), 5(operator) $ su - test Password: $ id uid=1001(test) gid=999(test) groups=999(test) $ tmux open terminal failed: /dev/ttyp4: Permission denied $ ls -l `tty` crw--w 1 hans tty5, 4 Sep 3 14:41 /dev/ttyp4 This happens on both 4.5 (tmux package) and 4.6 (base tmux). (In fact, screen behaves the same in this respect.) Obviously, this doesn't apply when I am su root, which - luckilly - is the most common case of using tmux for me. But I believe the following is a pretty common situation: an admin is only allowed to log in remotely via his 'regular' user account (say, 'joe'). Once he's logged in, he su's to 'admin' (who is in wheel and all that), and does his thing. Now, what if the 'admin' work calls for tmux? 'admin' cannot run tmux, because his terminal is owned by joe:tty. Is this a problem? If so, what would be the most elegant way of allowing su'd users to run tmux? Thanks for your time Jan
Re: tmux - open terminal failed
On Thu, Sep 03, 2009 at 02:58:13PM +0200, Jan Stary wrote: | While switching from screen to tmux and trying out things, | I noticed that being su'd to another user (who does not | own the terminal I am running in) I cannot start tmux: | | $ id | uid=1000(hans) gid=1000(hans) groups=1000(hans), 0(wheel), 5(operator) | | $ su - test | Password: | | $ id | uid=1001(test) gid=999(test) groups=999(test) | | $ tmux | open terminal failed: /dev/ttyp4: Permission denied | | $ ls -l `tty` | crw--w 1 hans tty5, 4 Sep 3 14:41 /dev/ttyp4 | | This happens on both 4.5 (tmux package) and 4.6 (base tmux). | (In fact, screen behaves the same in this respect.) | | Obviously, this doesn't apply when I am su root, which | - luckilly - is the most common case of using tmux for me. | But I believe the following is a pretty common situation: | an admin is only allowed to log in remotely via his 'regular' | user account (say, 'joe'). Once he's logged in, he su's to | 'admin' (who is in wheel and all that), and does his thing. | Now, what if the 'admin' work calls for tmux? 'admin' cannot | run tmux, because his terminal is owned by joe:tty. | | Is this a problem? If so, what would be the most elegant | way of allowing su'd users to run tmux? THIS IS BAD ADVISE, SECURITY-WISE chmod a+w `tty` # before you su, of course Please realize what this does before using it. Paul 'WEiRD' de Weerd -- [++-]+++.+++[---].+++[+ +++-].++[-]+.--.[-] http://www.weirdnet.nl/
Re: tmux - open terminal failed
admin can also start tmux and su to admin in his tmux session :-) Gilles On Thu, Sep 03, 2009 at 02:58:13PM +0200, Jan Stary wrote: While switching from screen to tmux and trying out things, I noticed that being su'd to another user (who does not own the terminal I am running in) I cannot start tmux: $ id uid=1000(hans) gid=1000(hans) groups=1000(hans), 0(wheel), 5(operator) $ su - test Password: $ id uid=1001(test) gid=999(test) groups=999(test) $ tmux open terminal failed: /dev/ttyp4: Permission denied $ ls -l `tty` crw--w 1 hans tty5, 4 Sep 3 14:41 /dev/ttyp4 This happens on both 4.5 (tmux package) and 4.6 (base tmux). (In fact, screen behaves the same in this respect.) Obviously, this doesn't apply when I am su root, which - luckilly - is the most common case of using tmux for me. But I believe the following is a pretty common situation: an admin is only allowed to log in remotely via his 'regular' user account (say, 'joe'). Once he's logged in, he su's to 'admin' (who is in wheel and all that), and does his thing. Now, what if the 'admin' work calls for tmux? 'admin' cannot run tmux, because his terminal is owned by joe:tty. Is this a problem? If so, what would be the most elegant way of allowing su'd users to run tmux? Thanks for your time Jan -- Gilles Chehade freelance developer/sysadmin/consultant http://www.poolp.org
Re: tmux - open terminal failed
Hi This should work in -current. Older tmux, including 4.6, would need to reopen the tty device node which meant permissions would get in the way, in -current it uses imsg and passes the tty fd that has already been opened from the client up to the server so it doesn't need to care about file permissions. If you can't run -current, right now you should be able to build and use the -current tmux on 4.6 or 4.5 without problems (although this may not be the case in future). On Thu, Sep 03, 2009 at 02:58:13PM +0200, Jan Stary wrote: While switching from screen to tmux and trying out things, I noticed that being su'd to another user (who does not own the terminal I am running in) I cannot start tmux: $ id uid=1000(hans) gid=1000(hans) groups=1000(hans), 0(wheel), 5(operator) $ su - test Password: $ id uid=1001(test) gid=999(test) groups=999(test) $ tmux open terminal failed: /dev/ttyp4: Permission denied $ ls -l `tty` crw--w 1 hans tty5, 4 Sep 3 14:41 /dev/ttyp4 This happens on both 4.5 (tmux package) and 4.6 (base tmux). (In fact, screen behaves the same in this respect.) Obviously, this doesn't apply when I am su root, which - luckilly - is the most common case of using tmux for me. But I believe the following is a pretty common situation: an admin is only allowed to log in remotely via his 'regular' user account (say, 'joe'). Once he's logged in, he su's to 'admin' (who is in wheel and all that), and does his thing. Now, what if the 'admin' work calls for tmux? 'admin' cannot run tmux, because his terminal is owned by joe:tty. Is this a problem? If so, what would be the most elegant way of allowing su'd users to run tmux? Thanks for your time Jan