From owner-svn-src-head@freebsd.org Thu Jul 26 20:03:12 2018 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 57A9B1058759; Thu, 26 Jul 2018 20:03:12 +0000 (UTC) (envelope-from ian@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E2CA6767E0; Thu, 26 Jul 2018 20:03:11 +0000 (UTC) (envelope-from ian@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id A3AE86009; Thu, 26 Jul 2018 20:03:11 +0000 (UTC) (envelope-from ian@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w6QK3BX2026935; Thu, 26 Jul 2018 20:03:11 GMT (envelope-from ian@FreeBSD.org) Received: (from ian@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w6QK3B7E026934; Thu, 26 Jul 2018 20:03:11 GMT (envelope-from ian@FreeBSD.org) Message-Id: <201807262003.w6QK3B7E026934@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: ian set sender to ian@FreeBSD.org using -f From: Ian Lepore Date: Thu, 26 Jul 2018 20:03:11 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r336751 - head/usr.sbin/pw X-SVN-Group: head X-SVN-Commit-Author: ian X-SVN-Commit-Paths: head/usr.sbin/pw X-SVN-Commit-Revision: 336751 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Jul 2018 20:03:12 -0000 Author: ian Date: Thu Jul 26 20:03:11 2018 New Revision: 336751 URL: https://svnweb.freebsd.org/changeset/base/336751 Log: Re-apply r336625 which was reverted with r336638, now that the underlying pw_scan(3) has been fixed in a way that doesn't perturb other callers of it or the getpwnam(3) family. Make pw(8) showuser work the same with or without -R for non-root users. Without -R, pw(8) uses getpwnam(3), which will open master.passwd for the root user or passwd for non-root users. With -R pw(8) was always opening /master.passwd, which would fail for a non-root user, then falsely claim the userid you're trying to show doesn't exist. Now for a non-root user it opens /passwd, and populates the fields in the returned struct passwd which aren't present in that file with well-known canonical values, which duplicates the behavior of getpwnam(3). The net effect is that the showuser output is identical whether using -R or not. Modified: head/usr.sbin/pw/pw_vpw.c Modified: head/usr.sbin/pw/pw_vpw.c ============================================================================== --- head/usr.sbin/pw/pw_vpw.c Thu Jul 26 19:42:23 2018 (r336750) +++ head/usr.sbin/pw/pw_vpw.c Thu Jul 26 20:03:11 2018 (r336751) @@ -39,10 +39,13 @@ static const char rcsid[] = #include #include #include +#include #include "pwupd.h" static FILE * pwd_fp = NULL; +static int pwd_scanflag; +static const char *pwd_filename; void vendpwent(void) @@ -71,7 +74,18 @@ vnextpwent(char const *nam, uid_t uid, int doclose) line = NULL; linecap = 0; - if (pwd_fp != NULL || (pwd_fp = fopen(getpwpath(_MASTERPASSWD), "r")) != NULL) { + if (pwd_fp == NULL) { + if (geteuid() == 0) { + pwd_filename = _MASTERPASSWD; + pwd_scanflag = PWSCAN_MASTER; + } else { + pwd_filename = _PASSWD; + pwd_scanflag = 0; + } + pwd_fp = fopen(getpwpath(pwd_filename), "r"); + } + + if (pwd_fp != NULL) { while ((linelen = getline(&line, &linecap, pwd_fp)) > 0) { /* Skip comments and empty lines */ if (*line == '\n' || *line == '#') @@ -79,10 +93,10 @@ vnextpwent(char const *nam, uid_t uid, int doclose) /* trim latest \n */ if (line[linelen - 1 ] == '\n') line[linelen - 1] = '\0'; - pw = pw_scan(line, PWSCAN_MASTER); + pw = pw_scan(line, pwd_scanflag); if (pw == NULL) errx(EXIT_FAILURE, "Invalid user entry in '%s':" - " '%s'", getpwpath(_MASTERPASSWD), line); + " '%s'", getpwpath(pwd_filename), line); if (uid != (uid_t)-1) { if (uid == pw->pw_uid) break; @@ -98,6 +112,18 @@ vnextpwent(char const *nam, uid_t uid, int doclose) vendpwent(); } free(line); + + /* + * If we read the non-master passwd, some fields may not have been + * populated. Clean them up so that the output looks the same as that + * generated using getpwnam() which also inits them to these values. + */ + if (!(pw->pw_fields & _PWF_CLASS)) + pw->pw_class = ""; + if (!(pw->pw_fields & _PWF_CHANGE)) + pw->pw_change = 0; + if (!(pw->pw_fields & _PWF_EXPIRE)) + pw->pw_expire = 0; return (pw); }