Path: utzoo!utgpu!cunews!micor!latour!ecicrl!clewis From: clewis@ferret.ocunix.on.ca (Chris Lewis) Newsgroups: news.software.b Subject: Re: cnews spooling trouble Message-ID: <1509@ecicrl.ocunix.on.ca> Date: 17 May 91 02:14:16 GMT References: <1991May12.234639.18084@xyzoom.info.com> <1991May13.161913.1812@zoo.toronto.edu> <1494@ecicrl.ocunix.on.ca> <1991May15.071141.1990@xyzoom.info.com> Organization: Elegant Communications Inc., Ottawa, Canada Lines: 44 In article <1991May15.071141.1990@xyzoom.info.com> rob@xyzoom.info.com (Rob Lingelbach) writes: >In article <1494@ecicrl.ocunix.on.ca> clewis@ferret.ocunix.on.ca (Chris Lewis) writes: >>Rob answered "yes" to the "can your machine do setuid(geteuid())". ISC >>386/IX cannot. He has to set it to "no" and rebuild. >I made the change and did the rebuild, and the same thing is >happening (newsrun complains that it can't create >/usr/lib/news/L.). I made /usr/lib/news mode 777 and the lock file >was written allowing newsrun to work; as soon as I changed >$NEWSCTL back to 775 it didn't work. I suspect what's happening is that the rebuilds are somehow not doing the whole job of "switching". When you answer "no", relaynews is supposed to be invoked by a small setuid *root* program "setnewsid". This is required on all System V systems (not sure about SVR4, but that doesn't apply to you) I think a make clean is in order, and then a careful examination of what the installation stuff is doing and what it's deciding *not* to do. Did doit.bin create setnewsid? Did "again.root" install it? Did you forget to run all four doit's in the right order? >I am testing (and failing) by feeding an article to rnews while >logged in as a regular user. If I feed an article to rnews while >logged in as news, it works. My newsfeed is via uucp; is rnews invoked >with the caller's permissions, and if the caller is allowed the >command (/usr/bin/rnews) in /usr/lib/uucp/Permissions, shouldn't it work? Rnews is usually invoked as the uid of the process that invoked uuxqt. Which has the real id as *anyone* (but the effective will be "uucp"). In order to get the real and effective id's to be "news", setnewsids has to be invoked for newsspool to work. (I don't have a C-news system up handy at the moment, but setnewsids is definately required on an ISC machine, if setnewsids isn't required, I don't think that the other programs should be setuid news) Doesn't entirely explain why the lock can't be created tho. What are the ownerships on the other files in /usr/lib/news? What owner does the lock file get created? -- Chris Lewis, Phone: (613) 832-0541, Domain: clewis@ferret.ocunix.on.ca UUCP: ...!cunews!latour!ecicrl!clewis; Ferret Mailing List: ferret-request@eci386; Psroff (not Adobe Transcript) enquiries: psroff-request@eci386 or Canada 416-832-0541. Psroff 3.0 in c.s.u soon!