Date: Mon, 17 Mar 2014 08:33:33 GMT From: Tomasz Walaszek <tmwalaszek@gmail.com> To: freebsd-gnats-submit@FreeBSD.org Subject: misc/187653: 'pw user mod' is creating users instead of changing them. Message-ID: <201403170833.s2H8XX65068629@cgiserv.freebsd.org> Resent-Message-ID: <201403170840.s2H8e0Aj064411@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 187653 >Category: misc >Synopsis: 'pw user mod' is creating users instead of changing them. >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Mar 17 08:40:00 UTC 2014 >Closed-Date: >Last-Modified: >Originator: Tomasz Walaszek >Release: FreeBSD 10.0 >Organization: >Environment: FreeBSD ldap 10.0-RELEASE FreeBSD 10.0-RELEASE #0 r260789: Thu Jan 16 22:34:59 UTC 2014 root@snap.freebsd.org:/usr/obj/usr/src/sys/GENERIC amd64 >Description: In my setup the system is searching for users in 2 sources, files and ldap. passwd: files ldap If we have for example user 'test' in our ldap database and we try to change shell for user 'test' we will see strange behaviour: root@ldap:~ # getent passwd | grep test test:*:1000:1000:test:/home/test:/usr/local/bin/bash root@ldap:~ # grep 'test' /etc/passwd root@ldap:~ # root@ldap:~ # pw mod user -n test -s /bin/sh root@ldap:~ # grep 'test' /etc/passwd test:*:1000:1000:test:/home/test:/bin/sh root@ldap:~ # root@ldap:~ # getent passwd | grep test test:*:1000:1000:test:/home/test:/bin/sh test:*:1000:1000:test:/home/test:/usr/local/bin/bash The pw tool created new user instead of fail with 'no such user' message. Maybe this is desirable behaviour but in my opinion 'mod' switch should only change users not creating them. >How-To-Repeat: To repeat the problem we need to setup ldap server and configure our system to use it as the user source. After that create in ldap user 'test' and try to change it shell using pw. >Fix: This behavior is caused by getpwnam getpwuid functions. Pw uses those functions to search for the users, when we have user test in ldap those function will return it. Pw dont know anything about ldap so it will create new entry in passwd files. Fixes: 1. Use pw with -V /etc. Pw with -V will not use getpwnam getpwuid but vgetpnam, vgetpwuid and search for the users in passwd files in /etc directory. 2. Mayebe use functions defined in struct pwf VPWF ? >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201403170833.s2H8XX65068629>