More PATH fallout. Who decided this was a good idea?
Callum Lerwick
seg at haxxed.com
Fri Dec 5 23:27:01 UTC 2008
So, I spent 10 minutes trying to figure out why "userm[tab]" only came
up with usermount. usermod had disappeared from my system! I eventually
figured out that it and all the other account tools have been changed to
mode 750, inaccessible to normal users.
$ ls -l /sbin/ /usr/sbin/|grep \\---
-rwxr-x--- 1 root root 97000 2008-11-05 14:58 audispd
-rwxr-x--- 1 root root 121056 2008-11-05 14:58 auditctl
-rwxr-x--- 1 root root 175416 2008-11-05 14:58 auditd
-rwxr-x--- 1 root root 98496 2008-11-05 14:58 autrace
-rwxr-x--- 1 root root 145472 2008-09-11 23:23 dhcp6c
-rwx------ 1 root root 29664 2008-09-23 09:12 unix_update
-rwxr-x--- 1 root root 23192 2008-11-11 07:59 acpid
-rwx------ 1 root root 648560 2008-11-13 17:23 build-locale-archive
-rwx------ 1 root root 564524 2008-11-13 17:41 glibc_post_upgrade.i686
-rwx------ 1 root root 615608 2008-11-13 17:23 glibc_post_upgrade.x86_64
-rwxr-x--- 1 root root 47704 2008-09-24 08:38 groupadd
-rwxr-x--- 1 root root 38832 2008-09-24 08:38 groupdel
-rwxr-x--- 1 root root 33888 2008-09-24 08:38 groupmems
-rwxr-x--- 1 root root 47608 2008-09-24 08:38 groupmod
-rwsr-x--- 1 root gnokii 10384 2008-10-06 02:50 mgnokiidev
-rwx------ 1 root root 615768 2008-08-28 01:11 redhat_lsb_trigger.x86_64
-rwx------ 1 root root 5512 2008-11-13 17:23 tzdata-update
-rwxr-x--- 1 root root 83864 2008-09-24 08:38 useradd
-rwxr-x--- 1 root root 56528 2008-09-24 08:38 userdel
-rwxr-x--- 1 root root 82296 2008-09-24 08:38 usermod
$ /usr/sbin/usermod
bash: /usr/sbin/usermod: Permission denied
$ sudo /usr/sbin/usermod
Usage: usermod [options] LOGIN
Options:
-c, --comment COMMENT new value of the GECOS field
-d, --home HOME_DIR new home directory for the user account
-e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
-f, --inactive INACTIVE set password inactive after expiration
to INACTIVE
-g, --gid GROUP force use GROUP as new primary group
-G, --groups GROUPS new list of supplementary GROUPS
-a, --append append the user to the supplemental GROUPS
mentioned by the -G option without removing
him/her from other groups
-h, --help display this help message and exit
-l, --login NEW_LOGIN new value of the login name
-L, --lock lock the user account
-m, --move-home move contents of the home directory to the
new location (use only with -d)
-o, --non-unique allow using duplicate (non-unique) UID
-p, --password PASSWORD use encrypted password for the new password
-s, --shell SHELL new login shell for the user account
-u, --uid UID new UID for the user account
-U, --unlock unlock the user account
-Z, --selinux-user new selinux user mapping for the use
As a sudo user, I believe that running admin tools such as usermod as an
unprivileged user to get the help page is a perfectly valid use case,
and this change is a bad idea that should be reversed.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20081205/cd073e49/attachment.sig>
More information about the fedora-devel-list
mailing list