Re: Strange problem with user account

2006-02-15 Thread Ian A. Tegebo 
On Fri, Feb 10, 2006 at 08:39:06PM -0800, Ian A. Tegebo wrote:
 Somehow I've foobarred a user account.
The account turned out not to have been foobared.  The account had had
18 groups and this exceeded the kern.ngroups default of 16.  Reducing
the number of groups solved the problem.

 # su USER
 su: setusercontext: Invalid argument
A better ktrace as root is:

# ktrace -di su yontege
# kdump -f ktrace.out
...
1080 su   CALL  setgroups(0x11,0xbfbfe5b0)
1080 su   RET   setgroups -1 errno 22 Invalid argument
...
# man setgroups
-
ERRORS
 The setgroups() system call will fail if:

 [EPERM]The caller is not the super-user.

 [EINVAL]   The number specified in the ngroups argument is larger
than the NGROUPS limit.

 [EFAULT]   The address specified for gidset is outside the
process address space.
-

and then it was elementary.  
 
 I suspect that something funny has happened to the account before the
 migration; something like having been removed from /etc/passwd but
 nowhere else.
And this was an incorrect suspicion which was confirmed by investigating
all of the pwd.db related files.

Hope this helps someone someday.

--
ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Strange problem with user account

2006-02-10 Thread Ian A. Tegebo 
Somehow I've foobarred a user account.  It's on a system that first had
the account in /etc/passwd, but then I moved the system over to using
LDAP for user imformation.  Other accounts are fine, but this one will
not allow auth and gives the following error when trying to su ian as
root:

# su USER
su: setusercontext: Invalid argument

And doing the following shows

# ktrace su ian
# kdump -f ktrace.out
...
   35Feb 10 20:29:20 su: initgroups(ian,100): Invalid
   argument
   ...
is near the end of the output.  Both ian and the GID 100 show up
just fine when I do:

# id ian
uid=1032(ian) gid=100(users) groups=100(users)

I suspect that something funny has happened to the account before the
migration; something like having been removed from /etc/passwd but
nowhere else.

The problem is that I can't figure out where to look now.

--
ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]