Date: Wed, 8 Jan 1997 13:33:25 +1100 From: davidn@unique.usn.blaze.net.au (David Nugent) To: jcwells@u.washington.edu (Jason Wells) Cc: freebsd-questions@FreeBSD.ORG Subject: Re: finger reports the incorrect home directory for users Message-ID: <Mutt.19970108133325.davidn@labs.blaze.net.au> In-Reply-To: <32D2F4BF.3B8D@u.washington.edu>; from Jason Wells on Jan 7, 1997 17:13:35 -0800 References: <32D2F4BF.3B8D@u.washington.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Jason Wells writes: > I adduser-ed three users into the default directory of "/usr/home". I > then moved these directories to the directory "/web/*". "/web" being the > location that I will run my webserver from. After moving these three > directories I edited "/etc/master.passwd" to reflect the changes in the > home directories of the users. You didn't use vipw. Therefore the "insecure" version of the passwd database (/etc/passwd) was not updated, nor the hashed versions. > Thinking this to be an easy fix I just copied "/etc/master.passwd" into > "/etc/passwd". This also did not work. Finger still reports the home > directories incorrectly. OUCH! No, the files are a different format, so you can't do that. /etc/passwd is a "version 7" format file, and /etc/master.passwd is bsd4.4 format. Also, these files are shadowed by (s)pwd.db files, which also need to be updated. vipw takes care of all of that for you. So, the solution is to run vipw, make some trivial change so that a change is detected, and exit. vipw will update /etc/passwd and the anciliary secure and insecure hash tables. Morale 1: don't edit /etc/master.passwd directly unless you know what you're doing and what you want to achieve. I can't even think of any reason you'd need to do so. That your system is still functional at all now is because the getpw*() functions are pulling the data from the database versions of the password files. Simply copying the file would have broken many things had they not been there. If the files were simply duplicates (did you look first?) why would one or the other exist in the first place? Morale 2: Be careful with system information. There is *very* good reason to restrict their manipulation to root/admin or via specialised tools with very restrictive capabilities. It is very easy to hose your entire system as root user. > The basic C programming class that I have taken does not lend me enough > confidence to think that I can code the source to finger better than the > original author. I'm surprised that finger directly accesses /etc/passwd at all (are you sure it does, or does it just mention that in a comment somewhere?). It should be using the library getpw*() interface which may not (and obviously does not, if it still works at all!) access /etc/passwd at all. Regards, David Nugent - Unique Computing Pty Ltd - Melbourne, Australia Voice +61-3-9791-9547 Data/BBS +61-3-9792-3507 3:632/348@fidonet davidn@freebsd.org davidn@blaze.net.au http://www.blaze.net.au/~davidn/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Mutt.19970108133325.davidn>