GNU bug report logs -
#8700
Simple way to switch user/group permissions without requiring PAM sessions
Previous Next
Reported by: Colin Watson <cjwatson <at> debian.org>
Date: Thu, 19 May 2011 13:14:03 UTC
Severity: normal
Tags: wontfix
Done: Assaf Gordon <assafgordon <at> gmail.com>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
On 05/24/2012 02:50 PM, Pádraig Brady wrote:
> Note Fedora and Suse use su from coreutils
> while debian use their own:
> http://pkg-shadow.alioth.debian.org/
>
> Note also Fedora has `runuser` which is based on su:
> http://pkgs.fedoraproject.org/gitweb/?p=coreutils.git;a=blob;f=coreutils-8.7-runuser.patch;hb=HEAD
>
> There was also a very related request for
> `runuser` like functionality to be generally available:
> http://bugs.gnu.org/8700
>
> It's probably worth bringing runuser with su,
> no matter where they end up.
So with su being removed in favor of the util-linux implementation,
`runuser` is being implemented there too.
I.E. it will be available outside of redhat/fedora/centos/...
in util-linux >= 2.22, and so should address http://bugs.gnu.org/8700
Note from previous comments in this thread,
it seems like allowing runser to be built (as an option?)
without requiring PAM, would be useful.
For reference, here are utils with similar functionality:
chid,really
Mentioned in feature request from debian
http://bugs.gnu.org/8700
chroot --userspec=U:G --groups=G1,G2,G3 /
since coreutils v7.4-16-gc45c51f
beware of CVE-2005-4890
setuidgid
coreutils internal only
http://git.sv.gnu.org/gitweb/?p=coreutils.git;a=blob;f=src/setuidgid.c;hb=HEAD
sg from pwdutils
http://pubs.opengroup.org/onlinepubs/9699919799/utilities/newgrp.html
sudo -u -g
runas from titantools
cheers,
Pádraig.
This bug report was last modified 6 years and 228 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.