Re: Re:Re: utmps privilege

2023-06-24 Thread Alexis 



Hi Eric,

Unfortunately, re-sharing the contents of your initial email won't 
help: the issue isn't a transitory corruption, it's a combination 
of your email client sending HTML-only emails (i.e. emails that 
aren't simply plain text or that don't have a text/plain MIME 
part), and the fact that the HTML produced by your email client is 
appallingly bad. To get an idea of what it looks like (to at least 
Laurent and myself, and i'm pretty sure to a number of others as 
well):


   https://skarnet.org/lists/skaware/1848.html


Alexis.

Re:Re: utmps privilege

2023-06-24 Thread Eric 
Laurent:Thanksforyourreplyandpatience.Thefollowingistheoriginalpuretextmailjustforthereference.-originalmail-inthedocumentofAnoverviewofutmps,howtounderstandthestatement:Themainadvantage,ontheotherhand,isthatnoprogramneedstobesuidorsgid,andpermissionscanactuallybequitefine-grained.Hereismyobservation:afterusethefollowingcommandtosetmyapplicationtousethesamegroupwhichutmpsisrunning.%adduserideutmpIstillcantwritetotheutmpdatabase.Hereideismyaccountname.Theutmpsserviceisrunningwiththerecommendedopenrcscript.--environmentstartopenrc-ssh:~/develop/aprilsh/cmd$whoamiideopenrc-ssh:~/develop/aprilsh/cmd$iduid=1000(ide)gid=1000(develop)groups=406(utmp),1000(develop),1000(develop)--environmentendtheoutputoftopcommand,showthatutmpsdaemonisrunningastheutmpaccount.---topstartMem:4952892Kused,1132768Kfree,308464Kshrd,347760Kbuff,3436632KcachedCPU:0%usr0%sys0%nic100%idle0%io0%irq0%sirqLoadaverage:0.000.000.012/6499376PIDPPIDUSERSTATVSZ%VSZCPU%CPUCOMMAND286190rootS68240%20%sshd:root@pts/1293291ideS67480%00%sshd:ide@pts/2291190rootS65040%50%sshd:ide[priv]1901rootS64920%20%sshd:/usr/sbin/sshd[listener]0of10-100startups296293ideS17280%30%-ash288286rootS17240%00%-ash9376296ideR16240%40%top10rootS16120%40%/sbin/init2171utmpS10400%00%s6-ipcserverd--utmps-utmpd1541utmpS10400%50%s6-ipcserverd--utmps-wtmpdbtmp2451utmpS10400%00%s6-ipcserverd--utmps-wtmpdwtmp---topendOriginalFrom:LaurentBercotlt;ska-skaw...@skarnet.orggt;;Date:2023/6/251:53To:skawarelt;skaware@list.skarnet.orggt;;Subject:Re:utmpsprivilegePleaseavoidusingaHTMLclient,itlookslikeyourconverterisbuggyandgivingsomegarbledoutput(yourtopoutputisunreadable).Whatshappeningisthatutmps-utmpdonlychecksthevalueofthe*primary*gidoftheclient.Itdoesnotchecksupplementarygroups.Iagreethatitscounter-intuitive,andwillseeIcanfixthat.Thanksforthereport.--Laurent

Re: utmps privilege

2023-06-24 Thread Laurent Bercot 



 Please avoid using a HTML client, it looks like your converter is
buggy and giving some garbled output (your top output is unreadable).

 What's happening is that utmps-utmpd only checks the value of the
*primary* gid of the client. It does not check supplementary groups.
I agree that it's counter-intuitive, and will see I can fix that.
Thanks for the report.

--
 Laurent