NetBSD Problem Report #24702
Received: (qmail 27981 invoked by uid 605); 8 Mar 2004 04:17:35 -0000
Message-Id: <20040308041730.GA22513@epita.fr>
Date: Mon, 8 Mar 2004 05:17:30 +0100
From: gabriel ware <ware_g@epita.fr>
Sender: gnats-bugs-owner@NetBSD.org
To: "Todd C. Miller" <Todd.Miller@courtesan.com>
Cc: bugs@cvs.openbsd.org, netbsd-help@netbsd.org, gnats-bugs@gnats.netbsd.org
In-Reply-To: <200403031915.i23JF1vq012718@cvs.openbsd.org>
Subject: Re: user/3698: chsh incorrectly changes login name
References: <200403031915.i23JF1vq012718@cvs.openbsd.org>
>Number: 24702
>Category: bin
>Synopsis: chsh incorrectly changes login name
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: bin-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Mon Mar 08 04:18:00 +0000 2004
>Closed-Date:
>Last-Modified: Mon Mar 22 06:10:42 +0000 2004
>Originator:
>Release:
>Organization:
>Environment:
>Description:
On Wed, Mar 03, 2004 at 12:15:01PM -0700, Todd C. Miller wrote:
> The following reply was made to PR user/3698; it has been noted by GNATS.
>
> From: "Todd C. Miller" <Todd.Miller@courtesan.com>
>
> There are two problems:
> 1) pw_copy(3) matches existing entries based on the passed in passwd struct
> This can be fixed by adding an additional username param.
Since its behavior is the same as the man page describes I don't think
pw_copy needs a fix. And as you said it'll end up breaking all the
packages using pw_copy.
>
> 2) chpass is calling pw_mkdb with a username even if the username changed.
> This can be fixed in chpass itself.
>
I don't really understand why is it a bug, could you explain ?
> Both of these are fixable but #1 will affect other consumers of pw_copy()
>
Maybe we should use another function to copy to /etc/ptmp instead of
pw_copy. If the old pw_name differs from the new one we should use a
function like the one used in userdel. Otherwise we can use pw_copy.
Below is a patch I made to the netbsd's chpass. It seems to work.
I hope I didn't break anything.
If you want me to make the same patch to OpenBSD you just have to ask ;)
Best regards,
Gabriel
patch : apply to chpass.c
-------------------------------------------------
64a65,66
> #define MAXENTRYLEN 2048
>
91a94,99
> char buf[MAXENTRYLEN];
> char *colon;
> int namlen, collen, len, cc, error;
> FILE *master;
>
> master = NULL;
274a283,331
> if (strcmp(pw->pw_name, old_pw.pw_name)) {
> if ((master = fdopen(pfd, "r")) == NULL) {
> pw_abort();
> err(-1, "can't open fd for %s", _PATH_MASTERPASSWD);
> }
> namlen = strlen(old_pw.pw_name);
> while (fgets(buf, sizeof(buf), master)) {
> if ((colon = strchr(buf, ':')) == NULL) {
> warnx("Malformed entry %s. Skipping", buf);
> continue ;
> }
> collen = (size_t) (colon - buf);
> if (namlen == collen &&
> strncmp(old_pw.pw_name, buf, namlen) == 0) {
> /* modifying login entry */
> len = snprintf(buf, sizeof(buf), "%s:%s:%d:%d:"
> #ifdef EXTENSIONS
> "%s"
> #endif
> ":%ld:%ld:%s:%s:%s\n",
> pw->pw_name,
> pw->pw_passwd,
> pw->pw_uid,
> pw->pw_gid,
> #ifdef EXTENSIONS
> pw->pw_class,
> #endif
> (long)pw->pw_change,
> (long)pw->pw_expire,
> pw->pw_gecos,
> pw->pw_dir,
> pw->pw_shell);
> if (write(tfd, buf, len) != len) {
> pw_abort();
> err(-1, "can't add '%s'", buf);
> }
> } else {
> /* copying */
> len = strlen(buf);
> if ((cc = write(tfd, buf, len)) != len) {
> pw_abort();
> err(-1, "short write to /etc/ptmp (%lld not %lld chars)",
> (long long)cc,
> (long long)len);
> }
> }
>
> }
> } else {
275a333
> }
278,279c336,342
< if (pw_mkdb(username, 0) < 0)
< pw_error(NULL, 0, 1);
---
> if (strcmp(pw->pw_name, old_pw.pw_name) == 0)
> error = pw_mkdb(username, 0);
> else
> error = pw_mkdb(NULL, 0);
>
> if (error < 0)
> pw_error(NULL, 0, 1);
--
Gabriel WARE
tel : 06 64 35 91 19
mail : ware_g@epita.fr
http://www.epita.fr/~ware_g
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
This is OpenBSD PR: user/3698, apparently.
Responsible-Changed-From-To: gnats-admin->bin-bug-people
Responsible-Changed-By: fair
Responsible-Changed-When: Mon Mar 22 06:06:40 UTC 2004
Responsible-Changed-Why:
This was not a PR, but deserves review, and therefore has been
reformatted as a proper problem report and is assigned to the
proper category and default responsible party.
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.