Date: Mon, 16 Sep 96 10:27:27 -0700
From: Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca>
To: freebsd-security@freebsd.org
Cc: cy@passer.osg.gov.bc.ca
Subject: Vipw/pwd_mkdb Bug (?)
Message-ID: <199609161727.KAA27232@passer.osg.gov.bc.ca>
I had the opportunity to upgrade from 2.1R to 2.1.5 and have found a rather interesting bug in vipw and pwd_mkdb.

My environment consists of two machines in an NIS domain. (NIS security is not an issue since these machines are not connected to the Internet except for an hour or two a day via a dialup line with kernel firewalling enabled).

Everything worked fine until I did a vipw. After that no NIS users could log in on the machine on which the vipw was performed. When I restored, from backup, master.passwd, passwd, spwd.db, and pwd.db, NIS users could once again log in. I subsequently tried pwd_mkdb from 2.1R on the 2.1.5 system and NIS users could still log in. (I assume the 2.1R version of vipw would have worked as well). I then compiled pwd_mkdb.c with the 2.1 version of pwd.h. NIS users could still log in. I tried the -current version of pwd_mkdb and NIS users could not log in.

I noticed that ls and ps worked while login and su did not for NIS users, so the problem appears to be related to getpwnam(2).

I started to look at the differences between the 2.1R and the 2.1.5 version of pwd_mkdb and after a little bit of hacking I've managed to isolate the problem, though I cannot explain why it works. Since I don't have the source here with me I'll try to explain the problem from memory.

Pwd_mkdb appears to have been changed to replace the "pluscnt" and "minuscnt" variables with a "ypcnt" variable. Adding some code to pwd_mkdb to write ypcnt to the database with the same key as the old _PW_KEYYPPLUSCNT key used in the 2.1R pwd_mkdb appears to have fixed the problem; however, I don't fully understand why, since getpwnam(2) doesn't appear to reference that key.

In short, with the new pwd_mkdb and vipw, the "+" is not handled properly since the count of lines containing "+" or "-" is not written to the database, or getpwnam(2) is using this information and I cannot see it.

Any ideas?
Regards,
Cy Schubert
Open Systems Support
ITSD

Phone: (604)389-3827
OV/VM: BCSC02(CSCHUBER)
BITNET: CSCHUBER@BCSC02.BITNET
Internet: cschuber@uumail.gov.bc.ca
          cschuber@bcsc02.gov.bc.ca

"Quit spooling around, JES do it."