git: 83731cdde6c6 - stable/14 - adduser: create dataset only if home is directly within dataset
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 23 May 2024 12:53:31 UTC
The branch stable/14 has been updated by karels:
URL: https://cgit.FreeBSD.org/src/commit/?id=83731cdde6c672b16338de4c6a0c4939c02c0928
commit 83731cdde6c672b16338de4c6a0c4939c02c0928
Author: Mike Karels <karels@FreeBSD.org>
AuthorDate: 2024-05-20 13:43:34 +0000
Commit: Mike Karels <karels@FreeBSD.org>
CommitDate: 2024-05-23 12:52:37 +0000
adduser: create dataset only if home is directly within dataset
Currently, if the prefix of the new home directory is a subdirectory
of a ZFS dataset, adduser will create a new dataset up one or more
levels from the intended destination. "pw useradd" will then create
a normal directory in the desired location, leaving an unused dataset.
Check for this situation when determining whether to create a dataset,
and let pw create the directory.
Reviewed by: des
Differential Revision: https://reviews.freebsd.org/D45229
(cherry picked from commit 0b39b2e2ddb2df1d1325e042893ddcb1a1c12b8e)
---
usr.sbin/adduser/adduser.sh | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/usr.sbin/adduser/adduser.sh b/usr.sbin/adduser/adduser.sh
index 7c3fdb418179..ecac7478befd 100644
--- a/usr.sbin/adduser/adduser.sh
+++ b/usr.sbin/adduser/adduser.sh
@@ -474,7 +474,7 @@ get_homeperm() {
# so, enable ZFS home dataset creation.
#
get_zfs_home() {
- local _prefix=
+ local _prefix= _tmp=
# check if zfs kernel module is loaded before attempting to run zfs to
# prevent loading the kernel module on systems that don't use ZFS
@@ -487,6 +487,13 @@ get_zfs_home() {
Zcreate="no"
return
fi
+ # Make sure that _prefix is not a subdirectory within a dataset. If it
+ # is, the containing dataset will be the same for it and its parent.
+ _tmp=$(${ZFSCMD} list -Ho name "$(dirname "${homeprefix}")" 2>/dev/null)
+ if [ "${_tmp}" = "${_prefix}" ]; then
+ Zcreate="no"
+ return
+ fi
zhome="${_prefix}/${username}"
}