On 2016 Jan 08 (Fri) at 05:52:32 -0500 (-0500), Jiri B wrote:
:On Fri, Jan 08, 2016 at 12:04:15PM +0200, Alexey Kurinnij wrote:
:> And what about difference? Explain please.
:>
:> > > I discovered an article about sudo and globbing[1] and
:> > > there's difference how it does work on Linux and OpenBSD.
:> >
:> > http://zurlinux.com/?p=2244
:> >
:> > > - openbsd
:> > >
:> > > # su -s /usr/local/bin/bash - nobody
:> > > No home directory /nonexistent!
:> > > Logging in with home = "/".
:> > > -bash-4.3$ sudo bash -c "ls -l /var/tor/cache*"
:> > > -rw------- 1 _tor _tor 20442 Dec 10 11:32 /var/tor/cached-certs
:> > > -rw------- 1 _tor _tor 1409287 Jan 7 15:56
:> > /var/tor/cached-microdesc-consensus
:> > > -rw------- 1 _tor _tor 5107307 Jan 7 17:23 /var/tor/cached-microdescs
:> > > -rw------- 1 _tor _tor 0 Jan 7 17:23
:> > /var/tor/cached-microdescs.new
:> > > -bash-4.3$ sudo -s bash -c "ls -l /var/tor/cache*"
:> > > .cshrc .profile altroot bin bsd bsd.rd bsd.sp dev
:> > etc home mnt root sbin sys tftpboot tmp
:> > usr var
:
: ^^^ here '*' gets expanded inside original user's shell.
:
:> > > - linux
:> > >
:> > > [root@slot-1 ~]# su -s /bin/bash nobody
:> > > bash-4.2$ sudo bash -c "ls -l /var/cache/ldconfig/aux*"
:> > > -rw-------. 1 root root 26470 Dec 22 17:52 /var/cache/ldconfig/aux-cache
:> > > bash-4.2$ sudo -s bash -c "ls -l /var/cache/ldconfig/aux*"
:> > > -rw-------. 1 root root 26470 Dec 22 17:52 /var/cache/ldconfig/aux-cache
:
: ^^^ here '*' gets expanded probably later, as original user does
:not have access to /var/cache/ldconfig at all.
:
:In both cases original user does not have access to /var/tor, respectively
:to /var/cache/ldconfig.
:
:So the question is: why does same command on equally "restricted" dir
:path gets different output - why on openbsd does '*' get expanded
:immediately but on linux is it taken into account somehow by sudo (?)...
:
:j.
:
$ ls -l /var/spool/smtpd/* | head
ls: /var/spool/smtpd/*: No such file or directory
$ ls -l /var/spool/smtpd
ls: smtpd: Permission denied
$ doas bash -c "ls -l /var/spool/smtpd/*" | head
/var/spool/smtpd/corrupt:
/var/spool/smtpd/incoming:
/var/spool/smtpd/offline:
/var/spool/smtpd/purge:
total 352
drwx------ 2 _smtpq wheel 512 Jan 14 2015 1040272804
drwx------ 2 _smtpq wheel 512 Jan 14 2015 1056615683
$ sudo bash -c "ls -l /var/spool/smtpd/*" | head
/var/spool/smtpd/corrupt:
/var/spool/smtpd/incoming:
/var/spool/smtpd/offline:
/var/spool/smtpd/purge:
total 352
drwx------ 2 _smtpq wheel 512 Jan 14 2015 1040272804
drwx------ 2 _smtpq wheel 512 Jan 14 2015 1056615683
$ uname -a
OpenBSD dante.berlin.hsgate.de 5.9 GENERIC.MP#2 amd64

I can't reproduce your failure on -current. I'm assuming there were some
spaces or quotation failures when you generated your example.

-- 
"A radioactive cat has eighteen half-lives."
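
Added example, not part of the thread and not sudo's code: a sandboxed sketch of which shell ends up expanding the pattern in the quoted commands, and what happens when a command line is parsed by one more shell than intended. `run_joined` is a hypothetical wrapper that re-joins its arguments with spaces and passes them to `sh -c` unescaped (an assumption about how an extra shell layer can behave, not a statement about any sudo version); the directory and file names are constructed.

```shell
#!/bin/sh
# Constructed sandbox: data/ holds two files matching cache*, and the
# sandbox root (used as the working directory) also holds "marker".
demo_setup() {
    DEMO_DIR=$(mktemp -d) || return 1
    mkdir "$DEMO_DIR/data"
    : > "$DEMO_DIR/data/cached-certs"
    : > "$DEMO_DIR/data/cached-microdescs"
    : > "$DEMO_DIR/marker"
}

# Pattern quoted inside the -c string: the shell started by -c expands it,
# with that shell's privileges (the 'sudo bash -c "..."' form in the thread).
glob_in_child() {
    (cd "$DEMO_DIR" && sh -c "ls data/cache*")
}

# Hypothetical wrapper (assumption, not sudo's code): joins its arguments
# with spaces and hands the result to another "sh -c" without escaping.
run_joined() {
    (cd "$DEMO_DIR" && sh -c "$*")
}

# The same command through the wrapper. The joined string is parsed again as
#   sh -c ls data/cached-certs data/cached-microdescs
# so the innermost shell runs a bare "ls" (the file names become $0 and $1)
# and the result is a listing of the current directory.
glob_rejoined() {
    run_joined sh -c "ls data/cache*"
}

# A pattern the expanding shell cannot match is passed on unchanged, which is
# why an unprivileged 'ls dir/*' reports the literal pattern as missing.
glob_no_match() {
    (cd "$DEMO_DIR" && sh -c 'printf "%s\n" missing/*')
}

demo_cleanup() { rm -rf "$DEMO_DIR"; }

demo_setup
echo "expanded by child shell:"; glob_in_child
echo "after re-joining:";        glob_rejoined
echo "no match:";                glob_no_match
demo_cleanup
```
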