After a few suggestions, I figured the problem out myself. I ended up with
two versions of the program; one worked and one didn't. It turns out that
when you do an sia_ses_authent before calling sia_chg_passwd, it screws
things up so that no matter what your real and effective uid is,
sia_chg_passwd won't work. *sigh*
================================================================================
Don Newcomer Dickinson College
Associate Director, System and Network Services P.O. Box 1773
newcomer_at_dickinson.edu Carlisle, PA 17013
Phone: (717) 245-1256
FAX: (717) 245-1690
On Wed, 25 Apr 2001, Don Newcomer wrote:
> I'm trying to write a program that will allow users to change their
> password (security implications aside). I have it set up as setuid 'root'
> and setgid 'auth' and call setreuid and setregid to set both the real and
> effective uid to 'root' and the real and effective gid to 'auth'. I can
> make it work for my personal account, likely because I'm in the 'system'
> and 'auth' group. When I try from my test account I get the error
> "Password not changed: not authorized to change another user's password."
> What am I missing here? The only thing I can think to try is
> sia_become_user but it looks pretty unwieldy. Any ideas would be greatly
> appreciated.
>
> ================================================================================
> Don Newcomer Dickinson College
> Associate Director, System and Network Services P.O. Box 1773
> newcomer_at_dickinson.edu Carlisle, PA 17013
> Phone: (717) 245-1256
> FAX: (717) 245-1690
>
>
Received on Thu May 03 2001 - 13:57:46 NZST