bin/189172: [PATCH] pw usermod breaks on changing username

Matthew D.Fuller fullermd at
Thu May 1 09:10:01 UTC 2014

>Number:         189172
>Category:       bin
>Synopsis:       [PATCH] pw usermod breaks on changing username
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-bugs
>State:          open
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu May 01 09:10:00 UTC 2014
>Originator:     Matthew D. Fuller
>Release:        FreeBSD 9.1-STABLE amd64
System: FreeBSD 9.1-STABLE FreeBSD 9.1-STABLE #0 r251584: Sun Jun 9 14:23:33 CDT 2013 root at amd64

	When calling `pw usermod` with -l to change the username, the
	password database doesn't get updated correctly.
	pw_mkdb() gets called with the original username (which works fine
	for every OTHER call to usermod), which means that while the
	master.passwd gets the new correct info, the *pwd.db's do not, as
	they get (attemped) updated with a nonexistent username.  As a
	result, the old name remains and the new one isn't brought in.  With
	repeated calls this can lead to multiple lines being added to
	master.passwd, as the scan fails to find what it's looking for and
	keeps trying to add it as a new user.

	Add a 'pwtst' user with uid 999

	pw usermod 999 -l pwt
	pw usermod 999 -l pwt
	pw usermod 999 -l pwt

	Look at the 3 pwt lines in [master.]passwd, and how finger(1) shows
	pwtst still but no pwt.


Index: pwupd.c
--- pwupd.c	(revision 264991)
+++ pwupd.c	(working copy)
@@ -150,7 +150,7 @@
 		 * in case of deletion of a user, the whole database
 		 * needs to be regenerated
-		if (pw_mkdb(pw != NULL ? user : NULL) == -1) {
+		if (pw_mkdb(pw != NULL ? pw->pw_name : NULL) == -1) {
 			err(1, "pw_mkdb()");


More information about the freebsd-bugs mailing list