bin/189172: [PATCH] pw usermod breaks on changing username
Matthew D.Fuller
fullermd at over-yonder.net
Thu May 1 09:10:01 UTC 2014
>Number: 189172
>Category: bin
>Synopsis: [PATCH] pw usermod breaks on changing username
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu May 01 09:10:00 UTC 2014
>Closed-Date:
>Last-Modified:
>Originator: Matthew D. Fuller
>Release: FreeBSD 9.1-STABLE amd64
>Organization:
>Environment:
System: FreeBSD draco.over-yonder.net 9.1-STABLE FreeBSD 9.1-STABLE #0 r251584: Sun Jun 9 14:23:33 CDT 2013 root at draco.over-yonder.net:/usr/obj/usr/src/sys/DRACO amd64
>Description:
When calling `pw usermod` with -l to change the username, the
password database doesn't get updated correctly.
pw_mkdb() gets called with the original username (which works fine
for every OTHER call to usermod), which means that while the
master.passwd gets the new correct info, the *pwd.db's do not, as
they get (attemped) updated with a nonexistent username. As a
result, the old name remains and the new one isn't brought in. With
repeated calls this can lead to multiple lines being added to
master.passwd, as the scan fails to find what it's looking for and
keeps trying to add it as a new user.
>How-To-Repeat:
Add a 'pwtst' user with uid 999
pw usermod 999 -l pwt
pw usermod 999 -l pwt
pw usermod 999 -l pwt
Look at the 3 pwt lines in [master.]passwd, and how finger(1) shows
pwtst still but no pwt.
>Fix:
Index: pwupd.c
===================================================================
--- pwupd.c (revision 264991)
+++ pwupd.c (working copy)
@@ -150,7 +150,7 @@
* in case of deletion of a user, the whole database
* needs to be regenerated
*/
- if (pw_mkdb(pw != NULL ? user : NULL) == -1) {
+ if (pw_mkdb(pw != NULL ? pw->pw_name : NULL) == -1) {
pw_fini();
err(1, "pw_mkdb()");
}
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list