is "groupmems" not being setgid worth a bugzilla report?

g geleem at bellsouth.net
Sun Feb 9 14:11:22 UTC 2014 

hi p.j.,

On 02/09/2014 03:27 AM, Robert P. J. Day wrote:
> On Sun, 9 Feb 2014, Ed Greshko wrote:
>
>> On 02/09/14 17:07, Robert P. J. Day wrote:
>>>    on my f20 system, perusing the account-related commands and ran
>>> across the "groupmems" command, whose man page reads:
>>>
>>> "SETUP
>>>         The groupmems executable should be in mode 2770 as user root and in group groups. The system administrator can
>>>         add users to group groups to allow or disallow them using the groupmems utility to manage their own group
>>>         membership list.
>>>
>>>                  $ groupadd -r groups
>>>                  $ chmod 2770 groupmems
>>>                  $ chown root.groups groupmems
>>>                  $ groupmems -g groups -a gk4"
>>>
>>>    currently, /usr/sbin/groupmems has the following properties:
>>>
>>> # ls -l /usr/sbin/groupmems
>>> -rwxr-x---. 1 root root 56960 Jul 26  2013 /usr/sbin/groupmems
>>> #
>>>
>>>    so how should i interpret the man page? should groupmems be setgid?
>>> or is the man page suggesting how the reader might set it to setgid
>>> for further customization? the way the man page is worded seems
>>> ambiguous.
>>
>> You should interpret the man page to say....  *If* you want to give
>> users the ability to administer their own group membership list then
>> follow the instructions in the "SETUP" section.
>>
>> By default, this feature is not enable, thus it is not released with
>> mode 2770 set.
>
>    i thought as much, which means that the man page is still
> confusingly worded and, IMHO, still merits a BZ report.
>
> pedantically yours,
> rday

if you want to be "technickly" correct, something else to consider
for your bz report:

   ]$ man groupmems
   ]$
   ]$ ls -l /usr/sbin/groupmems
   -rwxr-x---. 1 root root 49356 Dec  9  2011 /usr/sbin/groupmems*
   ]$
   ]$
   ]$ groupadd -r groups
   bash: /usr/sbin/groupadd: Permission denied
   ]$ su
   Password:
   ]#
   ]# groupadd -r groups
   ]# chmod 2770 groupmems
   chmod: cannot access `groupmems': No such file or directory
   ]# chmod 2770 /usr/sbin/groupmems
   ]# chown root:groups groupmems
   chown: cannot access `groupmems': No such file or directory
   ]# chown root:groups /usr/sbin/groupmems
   ]# groupmems -g groups -a gk4"
   > ^C
   ]#
   ]# ls -l /usr/sbin/groupmems
   -rwxrwx---. 1 root groups 49356 Dec  9  2011 /usr/sbin/groupmems
   ]#

note closely the 1st 9 lines and the last 7 lines.

so, _technickly_ the man page "groupmems" is *incorrect*. ;-)

-- 

peace out.

in a world with out fences, who needs gates.

tc.hago.

g
.

More information about the users mailing list