From owner-freebsd-stable@freebsd.org Tue Jul 14 12:24:41 2015 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E51FC99CEDB for ; Tue, 14 Jul 2015 12:24:41 +0000 (UTC) (envelope-from baptiste.daroussin@gmail.com) Received: from mail-wi0-x231.google.com (mail-wi0-x231.google.com [IPv6:2a00:1450:400c:c05::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 796B7FD5 for ; Tue, 14 Jul 2015 12:24:41 +0000 (UTC) (envelope-from baptiste.daroussin@gmail.com) Received: by wicmv11 with SMTP id mv11so12915762wic.1 for ; Tue, 14 Jul 2015 05:24:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:user-agent; bh=mhkyItO1jIccHITIxF+MRxb+NZLu5uXt1gUfFEjMAN8=; b=jbph/7NWur7hKyMX1OH/S3b0Dc7YZxvFgQ3pM7KguBV39+p0HLw4SrBc2Rahgn80o4 kE2smHoeKReZCrdnjQOro9MW8/sF53ZxrEQk4BhyNkRMqDltXy0oQmeKiOWQtFTEet4y 3LrP64WeQGlVl/R+hO6hbcnauQMq5bWDy9pQE5aaRMme5Nzysec0tTCnKXXMvxEKnngB WGVylenSQiLFH/49N7uiOd7yZpXuSvblTsvpb2r6TallmNdSSLCc7td2TfcI7Euz4xe4 BmjXxKdoStEGpg4JUah09xWh4u9AbC6DSXRyW4WInGClxC0b2R+ShBeDEjVogBXeoXXN oVbA== X-Received: by 10.180.215.101 with SMTP id oh5mr5145143wic.6.1436876678921; Tue, 14 Jul 2015 05:24:38 -0700 (PDT) Received: from ivaldir.etoilebsd.net ([2001:41d0:8:db4c::1]) by smtp.gmail.com with ESMTPSA id u7sm20540999wif.3.2015.07.14.05.24.37 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 14 Jul 2015 05:24:38 -0700 (PDT) Sender: Baptiste Daroussin Date: Tue, 14 Jul 2015 14:24:36 +0200 From: Baptiste Daroussin To: Jan Mikkelsen Cc: FreeBSD Stable Mailing List Subject: Re: 10.2-BETA1: pw(8) does not support "pw useradd name -u 0" Message-ID: <20150714122434.GI37597@ivaldir.etoilebsd.net> References: <00BBEBAC-D7E2-4312-995B-93F7F0EDDD42@transactionware.com> <20150713083628.GA37597@ivaldir.etoilebsd.net> <20150713091006.GB37597@ivaldir.etoilebsd.net> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="d6d1KVhp94hk3Jrm" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jul 2015 12:24:42 -0000 --d6d1KVhp94hk3Jrm Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Jul 14, 2015 at 05:08:19PM +1000, Jan Mikkelsen wrote: >=20 > > On 13 Jul 2015, at 19:10, Baptiste Daroussin wrote: > >=20 > > On Mon, Jul 13, 2015 at 10:36:28AM +0200, Baptiste Daroussin wrote: > >> On Mon, Jul 13, 2015 at 04:57:32PM +1000, Jan Mikkelsen wrote: > >>> Hi, > >>>=20 > >>> In our system build scripts we have this command: > >>>=20 > >>> /usr/sbin/pw -V $d useradd toor -u 0 -g 0 -d /root -s /bin/sh -c "Bou= rne-again Superuser" -g wheel -o > >>>=20 > >>> After 10.2-BETA1, the toor account is being added with UID 1001 inste= ad of UID 0. This looks like a problem with line 754 in pw_user.c, which ha= s this test: > >>>=20 > >>> /* > >>> * Check the given uid, if any > >>> */ > >>> if (id > 0) { > >>> uid =3D (uid_t) id; > >>>=20 > >>> if ((pwd =3D GETPWUID(uid)) !=3D NULL && conf.checkdup= licate) > >>> errx(EX_DATAERR, "uid `%u' has already been al= located", pwd->pw_uid); > >>> } else { > >>> struct bitmap bm; > >>>=20 > >>>=20 > >>> The (id > 0) test should probably be (id >=3D 0) to allow =E2=80=9C-u= 0=E2=80=9D to be passed on the command line. > >>>=20 > >>> This change is from r285092 by bapt@. Was this change in behaviour in= tentional? > >>=20 > >> Nope, I'll fix asap > >>=20 > >> Thanks for reporting > >>=20 > >> Best regards, > >> Bapt > >=20 > > Fixed in head, will be merged soon in stable, I also added a regression= test > > about this. > >=20 > > Please note that you do add -g 0 and -g wheel in your command line, thi= s is > > buggy, only one should be specified. > >=20 > > Best regards, > > bapt >=20 > The next problem is that the meaning of the -o option seems to have been = reversed. Setting -o sets conf.checkduplicate to true, which is then tested= in the code fragment above. Setting -o is meant to prevent duplicate check= ing, not turn it on. >=20 > My guess is that this isn=E2=80=99t intentional either. >=20 > Also: The policy for auto-allocating group identifiers seems to have chan= ged. For UIDs < 1000 the old pw allocated a GID the same as the UID. This p= w allocates the next available above 1000. I can see an argument for both c= ases and I=E2=80=99ve changed our build scripts to deal with this but I=E2= =80=99m curious: Was this intentional also? >=20 > Regards, >=20 All fixes has been merged: https://svnweb.freebsd.org/base?view=3Drevision&revision=3D285536 Do not hesitate to report other regressions if you do find any more. Thank you very much, Bapt --d6d1KVhp94hk3Jrm Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlWk/4IACgkQ8kTtMUmk6EzEiwCgt7O6PxqLtXG1nQaUJiqRzJyR uFIAoJ2WjcBvyP9jI8RiMnLI+rfErodx =Hf+W -----END PGP SIGNATURE----- --d6d1KVhp94hk3Jrm--