[Xorp-users] user group problem to run xorpsh
Mark Handley
M.Handley@cs.ucl.ac.uk
Tue, 30 Nov 2004 11:16:56 +0000
>> > I'm a newbie to this group. I just installed Xorp on a Linux machine and
>> > could start the xorp_rtrmgr without problems. But I'm not able to enter
>> > the 'configure mode' using xorpsh. I've logged in as a user who belongs
>> > to group 'xorp'.
>> >
>> > Here are the relevant details:
>> >
>> > Xorp> configure
>> > ERROR: You do not have permission for this operation..
>> > Xorp> quit
>> > [xorpuser@multicast rtrmgr]$ whoami
>> > xorpuser
>> > [xorpuser@multicast rtrmgr]$ id
>> > uid=511(xorpuser) gid=511(xorp) groups=511(xorp)
>> > [xorpuser@multicast rtrmgr]$
I did some testing, and it appears that Linux has an interesting
quirk when it comes to groups. If you list the user as being in a
group by listing them in /etc/group, then getgrnam will say the user
is in a group. If you set the group as the user's default group in
/etc/passwd, then getgrnam will not list the user as being in the
group. And we currently use getgrnam to find out who is in the xorp
group.
So the simple workaround is to explicitly add xorpuser to the xorp
group in /etc/group
The correct solution is for us to handle this more gracefully, and
I'll submit a patch for this shortly.
- Mark