sys-apps/which-2.20 - `which` improperly reports executable path when execute permission granted to group but not user $ ls -l /usr/bin/VirtualBox lrwxrwxrwx 1 root root 28 Dec 3 04:32 /usr/bin/VirtualBox -> /usr/lib/virtualbox-ose/VBox $ ls -l /usr/lib/virtualbox-ose/VBox -rwxr-x--- 1 root vboxusers 2931 Dec 3 04:29 /usr/lib/virtualbox-ose/VBox As root: # which VirtualBox /usr/bin/VirtualBox As non-root (user is member of vboxusers group): $ which VirtualBox which: no VirtualBox in (/sbin:/usr/sbin:/opt/nessus/bin:/opt/nessus/sbin:/opt/vmware/player/bin:/usr/local/bin:/usr/bin:/bin:/opt/bin:/usr/i686-pc-linux-gnu/gcc-bin/4.4.2:/usr/i686-pc-linux-gnu/mingw32/gcc-bin/4.4.2:/usr/qt/3/bin:/usr/games/bin:/opt/nessus/bin:/opt/nessus/sbin:/opt/vmware/vix/bin:/home/wdawson/bin) After changing perms on /usr/lib/virtualbox-ose/VBox): # chmod a+rx /usr/lib/virtualbox-ose/VBox wdawsonlt framework3 # exit wdawson@wdawsonlt ~/Software/metasploit/framework3 $ which VirtualBox /usr/bin/VirtualBox Reproducible: Always
works fine for me. are you sure you're in the vboxusers group ? you also need to provide `emerge --info` like the bug reporting page told you to. # touch /usr/bin/TTT # ln -s TTT /usr/bin/TT # chmod 750 /usr/bin/TT # chown root:root /usr/bin/TT $ which TT which: no TT in (...) # chmod a+rx /usr/bin/TT $ which TT /usr/bin/TT # chmod 750 /usr/bin/TT $ which TT which: no TT in (...) $ groups tty wheel uucp cron audio cdrom usb users portage games src vboxusers # chgrp vboxusers /usr/bin/TT $ which TT /usr/bin/TT
(In reply to comment #1) > works fine for me. are you sure you're in the vboxusers group ? Yes. $ id uid=1000(wdawson) gid=1011(wdawson) groups=1011(wdawson),0(root),1(bin),2(daemon),3(sys),4(adm),5(tty),6(disk),7(lp),8(mem),9(kmem),10(wheel),11(floppy),12(mail),13(news),14(uucp),15(man),16(cron),17(console),18(audio),19(cdrom),20(dialout),22(sshd),26(tape),27(video),35(games),60(mysql),70(postgres),80(cdrw),81(apache),85(usb),100(users),106(lpadmin),123(ntp),200(nofiles),209(smmsp),245(locate),250(portage),265(tomcat),406(utmp),439(ldap),1000(ssmtp),1001(crontab),1002(messagebus),1003(netdev),1004(avahi),1005(haldaemon),1006(plugdev),1007(realtime),1008(pulse-access),1009(pulse),1010(scanner),1012(vmware),1013(openvpn),1014(tcpdump),1015(clamav),1016(ngrep),1017(ntop),1018(wireshark),1019(dhcp),1020(kismet),1021(speech),1022(tor),1023(privoxy),1024(vboxusers),1025(test),1026(nxpgsql),65533(nogroup),65534(nobody) > you also need > to provide `emerge --info` like the bug reporting page told you to. So, there: # emerge --info Portage 2.1.7.15 (default/linux/x86/10.0, gcc-4.4.2, glibc-2.11-r1, 2.6.30-gentoo-r6 i686) ================================================================= System uname: Linux-2.6.30-gentoo-r6-i686-Intel-R-_Pentium-R-_M_processor_2.00GHz-with-gentoo-2.0.1 Timestamp of tree: Tue, 22 Dec 2009 17:00:01 +0000 app-shells/bash: 4.0_p35 dev-java/java-config: 2.1.10 dev-lang/python: 2.5.4-r3, 2.6.4, 3.1.1-r1 dev-python/pycrypto: 2.1.0 dev-util/cmake: 2.8.0 sys-apps/baselayout: 2.0.1 sys-apps/openrc: 0.6.0 sys-apps/sandbox: 2.2 sys-devel/autoconf: 2.13, 2.64 sys-devel/automake: 1.5-r1, 1.7.9-r2, 1.8.5-r4, 1.9.6-r3, 1.10.3, 1.11.1 sys-devel/binutils: 2.20 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.6b virtual/os-headers: 2.6.30-r1 ACCEPT_KEYWORDS="x86 ~x86" ACCEPT_LICENSE="* -@EULA PUEL dlj-1.1 Nessus-EULA sun-bcla-java-vm" CBUILD="i686-pc-linux-gnu" CFLAGS="-march=i686 -O2 -pipe -ggdb" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/X11/xkb /usr/share/config" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-march=i686 -O2 -pipe -ggdb" DISTDIR="/usr/portage/distfiles" FEATURES="assume-digests distlocks fixpackages news parallel-fetch protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch" GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo" LDFLAGS="-Wl,-O1" MAKEOPTS="" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="3dnow 3dnowext X a52 aac acl acpi aiglx alsa apache2 apm ati audiofile avahi avi bash-completion berkdb bitmap-fonts bzip2 cairo caps cardbus cdio cdr cli consolekit cracklib crypt ctype cups cxx dba dbtool dbus digitalradio diskio djvu dri dts dvdread eds emboss encode esd ethereal exif expat fastbuild ffmpeg fftw fglrx foomaticdb force-cgi-redirect fortran ftp fuse gamin gd gdbm gif glib glitz glut gmp gpm gstreamer gtk gtk2 gtkhtml guile hal iconv idn imlib ipv6 ithreads jack java jpeg kde kerberos kqemu lcms ldap libclamav libg++ libwww lirc live lm_sensors lua mad madwifi matroska mdnsresponder-compat memlimit mhash mikmod mmx mmxext mng modules mono motif mozilla mp3 mpeg mudflap mysql ncurses netboot netjack networking nforce2 nls nptl nptlonly nsplugin nvidia ocaml ogg oggvorbis opengl openmp oss pam pango pch pcmcia pcre pdf pdflib pear perl php pmu png policykit portaudio posix pppd pulseaudio python qt qt3support qtmt quicktime readline reflection ruby samba sasl sdl session simplexml slang sndfile snmp soap sockets spell spl sql sqlite sse sse2 ssl svg sysfs tcl tcltk tcpd theora threads threadsafe tiff tk tokenizer truetype truetype-fonts type1-fonts udev unicode utempter vorbis webkit wifi win32codecs x86 xanim xinerama xml xmlrpc xorg xscreensaver xsl xulrunner xv zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif so speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" FOO2ZJS_DEVICES="hp2600n" INPUT_DEVICES="evdev keyboard mouse synaptics" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="radeon" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS > > # touch /usr/bin/TTT > # ln -s TTT /usr/bin/TT > # chmod 750 /usr/bin/TT > # chown root:root /usr/bin/TT > $ which TT > which: no TT in (...) > > # chmod a+rx /usr/bin/TT > $ which TT > /usr/bin/TT > > # chmod 750 /usr/bin/TT > $ which TT > which: no TT in (...) > > $ groups > tty wheel uucp cron audio cdrom usb users portage games src vboxusers > # chgrp vboxusers /usr/bin/TT > $ which TT > /usr/bin/TT >
it makes absolutely no sense to be in the majority of those groups. perhaps you're in too many -- remove yourself from all the useless ones and try again.
(In reply to comment #3) > it makes absolutely no sense to be in the majority of those groups. perhaps > you're in too many -- remove yourself from all the useless ones and try again. > Nice. I will check into that. In the meantime, perhaps there's a bug in the manner in which `which` processes such things.
if you arent actually placed into the vboxusers group, then `which` isnt broken
(In reply to comment #5) > if you arent actually placed into the vboxusers group, then `which` isnt broken > I was and still am a member of vboxusers group. At the time I opened this bug report, I was a member of every group on the system (all 70). As you pointed out, that was a rather large number. It's not necessary to be a group member of them all, of course. I removed myself from all but a few and restarted my login session, after which 'which' works as expected. There is probably a threshold of group memberships that cause 'which' to no longer work as expected. In my case, 'vboxusers' appears on line 66 of /etc/group.
being listed in /etc/group is not the same thing as being placed into a group
*** This bug has been marked as a duplicate of bug 67791 ***
(In reply to comment #7) > being listed in /etc/group is not the same thing as being placed into a group > Really? That's actually how it's done, as far as I know. Can you elaborate on that, as it makes no sense to me.
check the output of 'id'.
(In reply to comment #10) > check the output of 'id'. > Done that, and it's in the bug (comment #2). But, for the mechanics of adding a user to a group, "being listed in /etc/group" == "being placed into a group", contrary to comment #7. As far as I know, at least.
Add yourself to /etc/group, don't logout, and run id.
you have to read my wording more carefully. just because you're *supposed* to be added to a group doesnt mean the system actually places you into it at runtime. because you're in too many.
