Bug 167741

Summary: group(5): Group Passwords do not work and are not documented properly
Product: Documentation
Reporter: Mark Saad <msaad>
Component: Books & Articles
Assignee: freebsd-doc (Nobody) <doc>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Latest   
Hardware: Any   
OS: Any   

Description Mark Saad 2012-05-09 17:20:11 UTC
	Group Password support appears to be broken, and the man pages for group, newgrp, groups do not mention how to use
it.  Eitan Adler noted this is a docs bug; however, following his instructions, which appear to be correct, does not work.

Fix: 

Part 1. 
  In the group man page (man 5 group), the SEE ALSO section should include a reference to newgrp(1).
In the man page for newgrp(1), an example of how to set a group password should be included.
Something similar to my example.

Part 2. 
   The group password option fails to work, with the users unable to call setgid. A part of a truss of the process is below.


Truss Output

write(3,"Password:",9)                           = 9 (0x9)
read(3,"a",1)                                    = 1 (0x1)
read(3,"\n",1)                                   = 1 (0x1)
write(3,"\n",1)                                  = 1 (0x1)
ioctl(3,TIOCSETAF,0xffffd660)                    = 0 (0x0)
sigaction(SIGALRM,{ SIG_DFL 0x0 ss_t },0x0)      = 0 (0x0)
sigaction(SIGHUP,{ SIG_DFL 0x0 ss_t },0x0)       = 0 (0x0)
sigaction(SIGINT,{ SIG_DFL SA_RESTART ss_t },0x0) = 0 (0x0)
sigaction(SIGQUIT,{ SIG_DFL SA_RESTART ss_t },0x0) = 0 (0x0)
sigaction(SIGPIPE,{ SIG_DFL SA_RESTART ss_t },0x0) = 0 (0x0)
sigaction(SIGTERM,{ SIG_DFL SA_RESTART|SA_SIGINFO ss_t },0x0) = 0 (0x0)
sigaction(SIGTSTP,{ SIG_DFL SA_RESTART ss_t },0x0) = 0 (0x0)
sigaction(SIGTTIN,{ SIG_DFL SA_RESTART ss_t },0x0) = 0 (0x0)
sigaction(SIGTTOU,{ SIG_DFL SA_RESTART ss_t },0x0) = 0 (0x0)
close(3)                                         = 0 (0x0)
open("/etc/auth.conf",O_RDONLY,0141)             = 3 (0x3)
read(3,"#\n# $FreeBSD: src/etc/auth.conf"...,4096) = 237 (0xed)
read(3,0x7fffffffc670,4096)                      = 0 (0x0)
close(3)                                         = 0 (0x0)
__sysctl(0x7fffffffd950,0x2,0x7fffffffd96c,0x7fffffffd960,0x0,0x0) = 0 (0x0)
getgroups(0x400,0x801041000,0x801000658,0x42,0x601f48,0xffffffff) = 3 (0x3)
seteuid(0x3ea,0x801041008,0x3,0x3,0x601f48,0xffffffff) = 0 (0x0)
setgid(0x3eb,0x801041008,0x3,0x3,0x601f48,0xffffffff) ERR#1 'Operation not permitted'
getuid()                                         = 1002 (0x3ea)
seteuid(0x3ea,0x801041008,0xffffffffffffffff,0x1,0x601f48,0xffffffff) = 0 (0x0)
write(2,"newgrp: ",8)                            = 8 (0x8)
write(2,"setgid",6)                              = 6 (0x6)
write(2,": ",2)                                  = 2 (0x2)
stat("/usr/share/nls/C/libc.cat",0x7fffffffd330) ERR#2 'No such file or directory'
stat("/usr/share/nls/libc/C",0x7fffffffd330)     ERR#2 'No such file or directory'
stat("/usr/local/share/nls/C/libc.cat",0x7fffffffd330) ERR#2 'No such file or directory'
stat("/usr/local/share/nls/libc/C",0x7fffffffd330) ERR#2 'No such file or directory'
write(2,"Operation not permitted\n",24)          = 24 (0x18)
seteuid(0x3ea,0x7fffffffd210,0x0,0x18,0x7ff7ff2af0d6,0xffffffff) = 0 (0x0)
getuid()                                         = 1002 (0x3ea)
setuid(0x3ea,0x7fffffffd210,0x0,0x18,0x7ff7ff2af0d6,0xffffffff) = 0 (0x0)
execve("/bin/csh",<missing argument>,<missing argument>) = 0 (0x0)
mmap(0x0,32768,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0) = 34366480384 (0x80066e000)
issetugid(0x80086ea20,0x7fffffffefd7,0x40,0x0,0xffff80080086fa49,0x0) = 0 (0x0)
open("/etc/libmap.conf",O_RDONLY,041603500)      ERR#2 'No such file or directory'
open("/var/run/ld-elf.so.hints",O_RDONLY,057)    = 3 (0x3)
read(3,"Ehnt\^A\0\0\0\M^@\0\0\0\M-a\0\0"...,128) = 128 (0x80)
lseek(3,0x80,SEEK_SET)
How-To-Repeat: 

root@blindness:~# pw groupadd testgroup
root@blindness:~# pw group mod testgroup -h 0
New password for group testgroup:   <Enter the password: blahblahblah>
root@blindness:~# exit
logout
msaad@blindness:~% newgrp testgroup
Password:
newgrp: setgid: Operation not permitted
msaad@blindness:~%
Comment 1 Dag-Erling Smørgrav 2013-02-08 08:32:59 UTC
newgrp(1) fails because it is not setuid root out of the box.  You have
to "chmod u+s /usr/bin/newgrp".  This is intentional, cf. the last
paragraph of the man page.

DES
--
Dag-Erling Smørgrav - des@des.no
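
A defender-side check for the condition discussed in this report, as an added example that is not part of the bug report or of FreeBSD's code: it lists the groups in a group(5) file that carry a password hash and reports whether newgrp has the setuid bit. The function names, the three state labels and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit group password hashes against the newgrp setuid bit.

# Print the name of every group whose password field holds a hash.
# group(5) lines are name:passwd:gid:members; "*" or empty means no password.
groups_with_password() {
    awk -F: '
        /^[ \t]*#/ || NF < 3  { next }       # skip comments and malformed lines
        $2 != "" && $2 != "*" { print $1 }
    ' "$1"
}

# Succeed if the file has the setuid bit set.
has_setuid() { [ -u "$1" ]; }

# Report one of three states for a group file and a newgrp binary.
# Defaults are the paths named in the bug report.
audit_newgrp() {
    group_file=${1:-/etc/group}
    newgrp_bin=${2:-/usr/bin/newgrp}
    pw_groups=$(groups_with_password "$group_file" | tr '\n' ' ')
    if [ -z "$pw_groups" ]; then
        echo "CLEAN: no group carries a password hash"
    elif has_setuid "$newgrp_bin"; then
        echo "ACTIVE: $newgrp_bin is setuid; world-readable hashes for: $pw_groups"
    else
        echo "DORMANT: $newgrp_bin is not setuid; unused hashes for: $pw_groups"
    fi
}

# Constructed sample data (not taken from any real system).
write_sample_group() {
    cat > "$1" <<'EOF'
# $FreeBSD$
wheel:*:0:root
operator:*:5:root
staff::20:
testgroup:$6$constructedsalt$constructedhash:1003:
EOF
}

# Demo on the constructed sample; the temp file also stands in for a
# newgrp binary without the setuid bit.
tmp=$(mktemp) && write_sample_group "$tmp"
audit_newgrp "$tmp" "$tmp"
rm -f "$tmp"
```

Calling `audit_newgrp` with no arguments checks `/etc/group` and `/usr/bin/newgrp` on the running system.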
Comment 2 dfilter service freebsd_committer freebsd_triage 2013-02-08 14:11:25 UTC
Author: des
Date: Fri Feb  8 14:11:12 2013
New Revision: 246552
URL: http://svnweb.freebsd.org/changeset/base/246552

Log:
  Cross-reference newgrp(1), and document the use of pw(8) to set the group
  password.
  
  PR:		docs/167741
  MFC after:	3 weeks

Modified:
  head/share/man/man5/group.5

Modified: head/share/man/man5/group.5
==============================================================================
--- head/share/man/man5/group.5	Fri Feb  8 12:53:29 2013	(r246551)
+++ head/share/man/man5/group.5	Fri Feb  8 14:11:12 2013	(r246552)
@@ -32,7 +32,7 @@
 .\"     From: @(#)group.5	8.3 (Berkeley) 4/19/94
 .\" $FreeBSD$
 .\"
-.Dd September 29, 1994
+.Dd February 8, 2013
 .Dt GROUP 5
 .Os
 .Sh NAME
@@ -139,6 +139,7 @@ may still have this limit.
 .It Pa /etc/group
 .El
 .Sh SEE ALSO
+.Xr newgrp 1 ,
 .Xr passwd 1 ,
 .Xr setgroups 2 ,
 .Xr crypt 3 ,
@@ -156,9 +157,14 @@ file format appeared in
 .At v6 .
 Support for comments first appeared in
 .Fx 3.0 .
-.Sh BUGS
+.Sh IMPLEMENTATION NOTES
 The
 .Xr passwd 1
 command does not change the
 .Nm
 passwords.
+The
+.Xr pw 8
+utility's
+.Cm groupmod
+command should be used instead.
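Review bot: The sentence added at the end of IMPLEMENTATION NOTES names the groupmod command but not the option that sets the password, so the reader still has to search pw(8) for it; the reporter's reproduction used "pw group mod testgroup -h 0", and naming -h here would complete the instruction. With the section retitled from BUGS it now reads as a recommendation, so a short pointer to newgrp(1), where group passwords are described as discouraged, would keep the two pages consistent. It is also worth confirming that pw 8 appears under SEE ALSO, which the context lines shown do not reach.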
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
Comment 3 dfilter service freebsd_committer freebsd_triage 2013-02-08 14:14:13 UTC
Author: des
Date: Fri Feb  8 14:14:00 2013
New Revision: 246553
URL: http://svnweb.freebsd.org/changeset/base/246553

Log:
  Print a warning if not setuid root.
  Document the need for the setuid bit and how to set it.
  Explain why it isn't set by default, and suggest simply adding users
  to groups instead.
  
  PR:		docs/167741
  MFC after:	3 weeks

Modified:
  head/usr.bin/newgrp/newgrp.1
  head/usr.bin/newgrp/newgrp.c

Modified: head/usr.bin/newgrp/newgrp.1
==============================================================================
--- head/usr.bin/newgrp/newgrp.1	Fri Feb  8 14:11:12 2013	(r246552)
+++ head/usr.bin/newgrp/newgrp.1	Fri Feb  8 14:14:00 2013	(r246553)
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd May 23, 2002
+.Dd February 8, 2013
 .Dt NEWGRP 1
 .Os
 .Sh NAME
@@ -90,6 +90,15 @@ A
 utility appeared in
 .At v6 .
 .Sh BUGS
+For security reasons, the
+.Nm
+utility is normally installed without the setuid bit.
+To enable it, run the following command:
+.Bd -literal -offset indent
+chmod u+s /usr/bin/newgrp
+.Ed
+.Pp
 Group passwords are inherently insecure as there is no way to stop
-users obtaining the crypted passwords from the group database.
+users obtaining the password hash from the group database.
 Their use is discouraged.
+Instead, users should simply be added to the necessary groups.
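Review bot: In the BUGS section the chmod u+s instruction now comes before the paragraph saying group passwords are insecure and discouraged, and "For security reasons" is not tied to that paragraph, so a reader who stops at the command enables a setuid-root binary without seeing why it ships disabled. Suggest stating the reason in the first sentence, or moving the discouragement and "Instead, users should simply be added to the necessary groups." above the chmod line so the preferred route is read first.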

Modified: head/usr.bin/newgrp/newgrp.c
==============================================================================
--- head/usr.bin/newgrp/newgrp.c	Fri Feb  8 14:11:12 2013	(r246552)
+++ head/usr.bin/newgrp/newgrp.c	Fri Feb  8 14:14:00 2013	(r246553)
@@ -73,7 +73,8 @@ main(int argc, char *argv[])
 {
 	int ch, login;
 
-	euid = geteuid();
+	if ((euid = geteuid()) != 0)
+		warnx("need root permissions to function properly, check setuid bit");
 	if (seteuid(getuid()) < 0)
 		err(1, "seteuid");
 
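Review bot: The new check at the top of main() warns when geteuid() is not 0 but then falls through, so the run continues as before and still fails later at setgid with "Operation not permitted", as in the reporter's truss. If newgrp cannot do anything useful without root, errx(1, ...) here would stop before the user is asked for a password that cannot be honoured; if some path does work unprivileged, a comment saying which one would help. The warnx line also runs past 80 columns and could be wrapped.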
Comment 4 dfilter service freebsd_committer freebsd_triage 2013-07-11 13:47:19 UTC
Author: des
Date: Thu Jul 11 12:47:06 2013
New Revision: 253205
URL: http://svnweb.freebsd.org/changeset/base/253205

Log:
  MFH (r246553): document and explain need for setuid bit.
  
  PR:		docs/167741

Modified:
  stable/9/usr.bin/newgrp/newgrp.1
  stable/9/usr.bin/newgrp/newgrp.c
Directory Properties:
  stable/9/usr.bin/newgrp/   (props changed)

Modified: stable/9/usr.bin/newgrp/newgrp.1
==============================================================================
--- stable/9/usr.bin/newgrp/newgrp.1	Thu Jul 11 12:46:35 2013	(r253204)
+++ stable/9/usr.bin/newgrp/newgrp.1	Thu Jul 11 12:47:06 2013	(r253205)
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd May 23, 2002
+.Dd February 8, 2013
 .Dt NEWGRP 1
 .Os
 .Sh NAME
@@ -90,6 +90,15 @@ A
 utility appeared in
 .At v6 .
 .Sh BUGS
+For security reasons, the
+.Nm
+utility is normally installed without the setuid bit.
+To enable it, run the following command:
+.Bd -literal -offset indent
+chmod u+s /usr/bin/newgrp
+.Ed
+.Pp
 Group passwords are inherently insecure as there is no way to stop
-users obtaining the crypted passwords from the group database.
+users obtaining the password hash from the group database.
 Their use is discouraged.
+Instead, users should simply be added to the necessary groups.

Modified: stable/9/usr.bin/newgrp/newgrp.c
==============================================================================
--- stable/9/usr.bin/newgrp/newgrp.c	Thu Jul 11 12:46:35 2013	(r253204)
+++ stable/9/usr.bin/newgrp/newgrp.c	Thu Jul 11 12:47:06 2013	(r253205)
@@ -73,7 +73,8 @@ main(int argc, char *argv[])
 {
 	int ch, login;
 
-	euid = geteuid();
+	if ((euid = geteuid()) != 0)
+		warnx("need root permissions to function properly, check setuid bit");
 	if (seteuid(getuid()) < 0)
 		err(1, "seteuid");
 
Comment 5 Dag-Erling Smørgrav freebsd_committer freebsd_triage 2013-07-11 13:47:29 UTC
State Changed
From-To: open->closed

fixed in head and stable/9
Comment 6 dfilter service freebsd_committer freebsd_triage 2013-07-11 13:49:25 UTC
Author: des
Date: Thu Jul 11 12:49:12 2013
New Revision: 253206
URL: http://svnweb.freebsd.org/changeset/base/253206

Log:
  MFH (r246552): mention newgrp(1) and how to change the group password.
  
  PR:		docs/167741

Modified:
  stable/9/share/man/man5/group.5
Directory Properties:
  stable/9/share/man/man5/   (props changed)

Modified: stable/9/share/man/man5/group.5
==============================================================================
--- stable/9/share/man/man5/group.5	Thu Jul 11 12:47:06 2013	(r253205)
+++ stable/9/share/man/man5/group.5	Thu Jul 11 12:49:12 2013	(r253206)
@@ -32,7 +32,7 @@
 .\"     From: @(#)group.5	8.3 (Berkeley) 4/19/94
 .\" $FreeBSD$
 .\"
-.Dd September 29, 1994
+.Dd February 8, 2013
 .Dt GROUP 5
 .Os
 .Sh NAME
@@ -139,6 +139,7 @@ may still have this limit.
 .It Pa /etc/group
 .El
 .Sh SEE ALSO
+.Xr newgrp 1 ,
 .Xr passwd 1 ,
 .Xr setgroups 2 ,
 .Xr crypt 3 ,
@@ -156,9 +157,14 @@ file format appeared in
 .At v6 .
 Support for comments first appeared in
 .Fx 3.0 .
-.Sh BUGS
+.Sh IMPLEMENTATION NOTES
 The
 .Xr passwd 1
 command does not change the
 .Nm
 passwords.
+The
+.Xr pw 8
+utility's
+.Cm groupmod
+command should be used instead.