NetBSD Problem Report #24702

Received: (qmail 27981 invoked by uid 605); 8 Mar 2004 04:17:35 -0000
Message-Id: <20040308041730.GA22513@epita.fr>
Date: Mon, 8 Mar 2004 05:17:30 +0100
From: gabriel ware <ware_g@epita.fr>
Sender: gnats-bugs-owner@NetBSD.org
To: "Todd C. Miller" <Todd.Miller@courtesan.com>
Cc: bugs@cvs.openbsd.org, netbsd-help@netbsd.org, gnats-bugs@gnats.netbsd.org
In-Reply-To: <200403031915.i23JF1vq012718@cvs.openbsd.org>
Subject: Re: user/3698: chsh incorrectly changes login name
References: <200403031915.i23JF1vq012718@cvs.openbsd.org>

>Number:         24702
>Category:       bin
>Synopsis:       chsh incorrectly changes login name
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Mar 08 04:18:00 +0000 2004
>Closed-Date:    
>Last-Modified:  Mon Mar 22 06:10:42 +0000 2004
>Originator:     
>Release:        
>Organization:
>Environment:
>Description:
 On Wed, Mar 03, 2004 at 12:15:01PM -0700, Todd C. Miller wrote:
 > The following reply was made to PR user/3698; it has been noted by GNATS.
 > 
 > From: "Todd C. Miller" <Todd.Miller@courtesan.com>
 > 
 >  There are two problems:
 >   1) pw_copy(3) matches existing entries based on the passed in passwd struct
 >      This can be fixed by adding an additional username param.

 Since its behavior is the same as the man page describes I don't think
 pw_copy needs a fix. And as you said it'll end up breaking all the
 packages using pw_copy.

 >  
 >   2) chpass is calling pw_mkdb with a username even if the username changed.
 >      This can be fixed in chpass itself.
 >

 I don't really understand why is it a bug, could you explain ?

 >  Both of these are fixable but #1 will affect other consumers of pw_copy()
 >  

 Maybe we should use another function to copy to /etc/ptmp instead of
 pw_copy. If the old pw_name differs from the new one we should use a
 function like the one used in userdel. Otherwise we can use pw_copy.

 Below is a patch I made to the netbsd's chpass. It seems to work.
 I hope I didn't break anything.

 If you want me to make the same patch to OpenBSD you just have to ask ;)

 Best regards,
   Gabriel

 patch : apply to chpass.c
 -------------------------------------------------
 64a65,66
 > #define MAXENTRYLEN 2048
 > 
 91a94,99
 > 	char buf[MAXENTRYLEN];
 > 	char *colon;
 > 	int  namlen, collen, len, cc, error;
 > 	FILE *master;
 > 
 > 	master = NULL;
 274a283,331
 > 	if (strcmp(pw->pw_name, old_pw.pw_name)) {
 > 	  if ((master = fdopen(pfd, "r")) == NULL) {
 > 	    pw_abort();
 > 	    err(-1, "can't open fd for %s", _PATH_MASTERPASSWD);
 > 	  }
 > 	  namlen = strlen(old_pw.pw_name);
 > 	  while (fgets(buf, sizeof(buf), master)) {
 > 	    if ((colon = strchr(buf, ':')) == NULL) {
 > 	      warnx("Malformed entry %s. Skipping", buf);
 > 	      continue ;
 > 	    }
 > 	    collen = (size_t) (colon - buf);
 > 	    if (namlen == collen && 
 > 		strncmp(old_pw.pw_name, buf, namlen) == 0) {
 > 	      /* modifying login entry */
 > 	      len = snprintf(buf, sizeof(buf), "%s:%s:%d:%d:"
 > #ifdef EXTENSIONS
 > 		  				"%s"
 > #endif
 > 						":%ld:%ld:%s:%s:%s\n",
 > 				pw->pw_name,
 > 				pw->pw_passwd,
 > 				pw->pw_uid,
 > 				pw->pw_gid,
 > #ifdef EXTENSIONS
 > 				pw->pw_class,
 > #endif 
 > 				(long)pw->pw_change,
 > 				(long)pw->pw_expire,
 > 				pw->pw_gecos,
 > 				pw->pw_dir,
 > 				pw->pw_shell);
 > 	      if (write(tfd, buf, len) != len) {
 > 		pw_abort();
 > 		err(-1, "can't add '%s'", buf);
 > 	      }
 > 	    } else {
 > 	      /* copying */
 > 	      len = strlen(buf);
 > 	      if ((cc = write(tfd, buf, len)) != len) {
 > 		pw_abort();
 > 		err(-1, "short write to /etc/ptmp (%lld not %lld chars)",
 > 		    (long long)cc,
 > 		    (long long)len);
 > 	      }
 > 	    }
 > 	
 > 	  }
 > 	} else {
 275a333
 > 	}
 278,279c336,342
 < 	if (pw_mkdb(username, 0) < 0)
 < 		pw_error(NULL, 0, 1);
 ---
 > 	if (strcmp(pw->pw_name, old_pw.pw_name) == 0)
 > 	  error = pw_mkdb(username, 0);
 > 	else
 > 	  error = pw_mkdb(NULL, 0);
 > 
 > 	if (error < 0)
 > 	  pw_error(NULL, 0, 1);

 -- 
 Gabriel WARE
 tel  :  06 64 35 91 19
 mail :  ware_g@epita.fr
 http://www.epita.fr/~ware_g
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:

 This is OpenBSD PR: user/3698, apparently.

Responsible-Changed-From-To: gnats-admin->bin-bug-people 
Responsible-Changed-By: fair 
Responsible-Changed-When: Mon Mar 22 06:06:40 UTC 2004 
Responsible-Changed-Why:  

This was not a PR, but deserves review, and therefore has been 
reformatted as a proper problem report and is assigned to the 
proper category and default responsible party. 
>Unformatted:

Home	PR Database Search