git: 0ebe6df086f3 - releng/13.4 - adduser: create dataset only if home is directly within dataset

From: Dag-Erling Smørgrav <des_at_FreeBSD.org>
Date: Wed, 21 Aug 2024 17:15:01 UTC
The branch releng/13.4 has been updated by des:

URL: https://cgit.FreeBSD.org/src/commit/?id=0ebe6df086f3bac96945415965a8e0ea1431259a

commit 0ebe6df086f3bac96945415965a8e0ea1431259a
Author:     Mike Karels <karels@FreeBSD.org>
AuthorDate: 2024-05-20 13:43:34 +0000
Commit:     Dag-Erling Smørgrav <des@FreeBSD.org>
CommitDate: 2024-08-21 17:13:22 +0000

    adduser: create dataset only if home is directly within dataset
    
    Currently, if the prefix of the new home directory is a subdirectory
    of a ZFS dataset, adduser will create a new dataset up one or more
    levels from the intended destination.  "pw useradd" will then create
    a normal directory in the desired location, leaving an unused dataset.
    Check for this situation when determining whether to create a dataset,
    and let pw create the directory.
    
    Reviewed by:    des
    Differential Revision:  https://reviews.freebsd.org/D45229
    MFC after:      3 days
    Approved by:    re (cperciva)
    
    (cherry picked from commit 0b39b2e2ddb2df1d1325e042893ddcb1a1c12b8e)
    (cherry picked from commit da384ffbd5adebd7079b4dadd2592e82232566e0)
---
 usr.sbin/adduser/adduser.sh | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/usr.sbin/adduser/adduser.sh b/usr.sbin/adduser/adduser.sh
index 7c3fdb418179..ecac7478befd 100644
--- a/usr.sbin/adduser/adduser.sh
+++ b/usr.sbin/adduser/adduser.sh
@@ -474,7 +474,7 @@ get_homeperm() {
 #	so, enable ZFS home dataset creation.
 #
 get_zfs_home() {
-	local _prefix=
+	local _prefix= _tmp=
 
 	# check if zfs kernel module is loaded before attempting to run zfs to
 	# prevent loading the kernel module on systems that don't use ZFS
@@ -487,6 +487,13 @@ get_zfs_home() {
 		Zcreate="no"
 		return
 	fi
+	# Make sure that _prefix is not a subdirectory within a dataset.  If it
+	# is, the containing dataset will be the same for it and its parent.
+	_tmp=$(${ZFSCMD} list -Ho name "$(dirname "${homeprefix}")" 2>/dev/null)
+	if [ "${_tmp}" = "${_prefix}" ]; then
+		Zcreate="no"
+		return
+	fi
 	zhome="${_prefix}/${username}"
 }