Jump to content


p4v browse showing root user


  • Please log in to reply
4 replies to this topic

#1 kashmir

kashmir

    Newbie

  • Members
  • Pip
  • 3 posts

Posted 12 February 2018 - 12:46 AM

Hi everyone,

For background info:
I'm using perforce 16.1 release
I configured auto boot on ubuntu 14.04 using systemd, and running the command ps aux, shows me the user is correct


After setting dm.user.noautocreate=2, and failing to create a user through the p4v interface, i selected the browse existing users options and the user root was listed.

I'm incredibly confused as to what i'm doing wrong, but i don't think this is supposed to happen.

I know this is an old version, but any help is appreciated. Thanks in advance!

#2 Sambwise

Sambwise

    Advanced Member

  • Members
  • PipPipPip
  • 664 posts

Posted 12 February 2018 - 03:39 PM

Do:

p4 user -d -f root

That will prevent the "root" user from being displayed as a Perforce user unless someone explicitly creates a Perforce user by that name.

#3 kashmir

kashmir

    Newbie

  • Members
  • Pip
  • 3 posts

Posted 12 February 2018 - 04:39 PM

View PostSambwise, on 12 February 2018 - 03:39 PM, said:

Do:

p4 user -d -f root

That will prevent the "root" user from being displayed as a Perforce user unless someone explicitly creates a Perforce user by that name.

Thanks that solves part of the problem!

But that raises two questions for me:

1) I followed this in attempt to create the auto boot: http://answers.perfo...ticles/KB/10832
I also have a user called 'perforce' with limited permissions, and if start p4d manually through that user, i get 'perforce' listed on members.
But if i use the auto boot from the service it gives me the user root, despite ps aux telling me the user for that process is indeed perforce, what am i doing wrong? (i know it's not an easy situation to debug like this so thanks)

2) Given the current scenario, only the admin can create users but supposing someone could create the perforce user 'root' could that pose a security issue?

#4 Sambwise

Sambwise

    Advanced Member

  • Members
  • PipPipPip
  • 664 posts

Posted 12 February 2018 - 04:55 PM

1) The user "root" showing up in "p4 users" isn't related to how you started p4d, because p4d doesn't (shouldn't?) create a user.  Complete red herring.  That user was most likely created at some point in the past by a client connection that someone ran from their own "root" account, since P4USER defaults to the current system login.  If you happened to notice the user's Email field before you deleted it that'd probably give you a clue as to who did it, since the default email is user@host (so you'd see root@host for whatever host was the culprit).

2) A user called "root" has no special powers or permissions in Perforce unless you grant them those permissions via "p4 protect".  Since you've set autocreate to 2, users will not be able to do this in the future; only a superuser (which presumably you have locked down via protections and passwords) is allowed to create new users now.

If you have not set up a protection table yet by running "p4 protect", of course, the door is wide open for anyone to do anything.

#5 kashmir

kashmir

    Newbie

  • Members
  • Pip
  • 3 posts

Posted 12 February 2018 - 05:40 PM

View PostSambwise, on 12 February 2018 - 04:55 PM, said:

1) The user "root" showing up in "p4 users" isn't related to how you started p4d, because p4d doesn't (shouldn't?) create a user.  Complete red herring.  That user was most likely created at some point in the past by a client connection that someone ran from their own "root" account, since P4USER defaults to the current system login.  If you happened to notice the user's Email field before you deleted it that'd probably give you a clue as to who did it, since the default email is user@host (so you'd see root@host for whatever host was the culprit).

2) A user called "root" has no special powers or permissions in Perforce unless you grant them those permissions via "p4 protect".  Since you've set autocreate to 2, users will not be able to do this in the future; only a superuser (which presumably you have locked down via protections and passwords) is allowed to create new users now.

If you have not set up a protection table yet by running "p4 protect", of course, the door is wide open for anyone to do anything.

That cleared a lot of stuff up for me, thank you so much i was starting to lose my mind to be honest!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users