master.passwd out of sync

Per Hedeland per at
Tue Sep 3 20:38:56 UTC 2019

On 2019-09-03 15:08, Albert Shih wrote:
> Le 03/09/2019 à 13:46:17+0200, Per Hedeland a écrit
>>> Of course, you can still do as you state here and run pwd_mkdb(8) but better to use the right tool for the job.
>> Well, the "new" pw(8) that Albert uses is just as much "the right
>> tool" as the traditional vipw(8), and arguably more "user friendly".
>> With vipw(8) you obviously update /etc/master.passwd yourself, while
>> pw(8) does that for you - and both of them update /etc/passwd and the
>> databases /etc/spwd.db and /etc/pwd.db, from /etc/master.passwd,
>> ultimately using pwd_mkdb(8).
>> The other difference is that vipw(8) completely re-generates
>> /etc/passwd and the databases, while pw(8) updates only the specific
>> user entry (the -u option is passed to pwd_mkdb(8)). Apparently it's
>> this single user entry update that is failing - or at least the
>> getpwnam() check for the added user that pw(8) does fails - vipw(8)
>> (or pwdb(8) without -u) doesn't do any such check, since they update
>> "everything".
>> Anyway Albert, you obviously "shouldn't" get that error message from
>> pw(8), and you "shouldn't" need to run pwd_mkdb(8) yourself after
>> using pw(8). Are you running NIS? And if so, do you use the -Y option
>> to pw(8)? Since you say that you only get the problem "sometimes", one
>> *guess* is that NIS may not be updated (yet) at the point when pw(8)
>> does the getpwnam() check. *If* that is the case, running pwd_mkdb(8)
>> surely won't help - but the passing of time may fix it...
> To be precise.
> The creation of the account are launch through puppet agent. The agent
> crash on the error :
> Error: Could not create user XXXXXX: Execution of '/usr/sbin/pw useradd XXXXXX -d /home/XXXXXX -u 22607 -g YYY -s /usr/local/bin/bash -G network,wheel -m' returned 67: pw: user 'XXXXXX' disappeared during update
> Error: /Stage[main]/ZZZ::Accounts::XXXXXX_account/User[XXXXXX]/ensure: change from 'absent' to 'present' failed: Could not create user XXXXXX: Execution of '/usr/sbin/pw useradd XXXXXX -d /home/XXXXXX -u 22607 -g YYY -s /usr/local/bin/bash -G nagios,network,wheel -m' returned 67: pw: user 'XXXXXX' disappeared during update
> So I try the command manually, and end up with the same error (whew....). I
> check the puppet provider and it indeed do exactly what it say (and just it say)
> No account are create actually manually on those server, well more than
> that generaly no connexion on those server.
> So I run the pwd_mkdb -u and everything work again.

Did you see something not work (besides the error message) before
running pwd_mkdb? E.g. was the new user actually missing from

> When I writing this answer, something occur to me....all server with
> problem are no so long ago upgrade from 11.2 to 12.0 with freebsd-update.
> So maybe the problem are from the freebsd-update, they are a old bug report
> (fix according ) about this problem.

It's not about "this problem", but about the fact that the upgrade
adds a user (ntpd) to /etc/master.passwd without running pwd_mkdb *at
all* - thus the new user effectively doesn't exist. But it might be a
possibility that the out-of-date /etc/passwd / /etc/spwd.db /
/etc/pwd.db somehow causes the "single user entry update" to fail.


> I will try again with the next upgrade from 11.2 to 12.
> Regards
> --
> Albert SHIH
> Observatoire de Paris
> xmpp: jas at
> Heure local/Local time:
> Tue 03 Sep 2019 02:57:01 PM CEST
> _______________________________________________
> freebsd-questions at mailing list
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at"

More information about the freebsd-questions mailing list