Package: adduser
Version: 3.134
Severity: wishlist
Tags: patch

Dear Maintainer,

The UID_POOL (and GID_POOL) files contain UIDs that should be used for a given name. It would be helpful to reserve the UIDs for the future, so that the order of adding users to the system won't affect the usability of the UIDs/names. I.e. if a UID is in the pool, it won't be used unless for the specific name in the pool.

Attached is a patch that accomplishes this. The RESERVE_UID_POOL and RESERVE_GID_POOL configurations can be used to enable/disable this feature.

This could also be used to solve bug 248500.

Thanks,
Yair.

-- System Information:
Debian Release: 12.5
  APT prefers stable-security
  APT policy: (990, 'stable-security'), (990, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.6.20-aufs-1 (SMP w/32 CPU threads; PREEMPT)
Kernel taint flags: TAINT_CPU_OUT_OF_SPEC
Locale: LANG=en_IL.UTF-8, LC_CTYPE=en_IL.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages adduser depends on:
ii  passwd  1:4.13+dfsg1-1+b1

adduser recommends no packages.

Versions of packages adduser suggests:
ii  cron                   3.0pl1-162
ii  liblocale-gettext-perl 1.07-5
ii  perl                   5.36.0-7+deb12u1
ii  quota                  4.06-1+b2

-- Configuration Files:
/etc/adduser.conf changed [not included]

-- no debconf information

--- a/AdduserCommon.pm +++ b/AdduserCommon.pm @@ -132,7 +132,7 @@ if ($type eq "uid") { ($name, $id, $comment, $home, $shell) = split (/:/); if (!$name || $name !~ /^([_a-zA-Z0-9-]+)$/ || - !$id || $id !~ /^(\d+)$/) { + !defined($id) || $id !~ /^(\d+)$/) { warnf gtx("Couldn't parse `%s', line %d.\n"),$pool_file,$.; next; } @@ -145,7 +145,7 @@ } elsif ($type eq "gid") { ($name, $id) = split (/:/); if (!$name || $name !~ /^([_a-zA-Z0-9-]+)$/ || - !$id || $id !~ /^(\d+)$/) { + !defined($id) || $id !~ /^(\d+)$/) { warnf gtx("Couldn't parse `%s', line %d.\n"),$pool_file,$.; next; } @@ -314,6 +314,8 @@ add_extra_groups => 0, uid_pool => "", gid_pool => "", + reserve_uid_pool => 1, + reserve_gid_pool => 1, ); # Initialize to the set of known variables. --- a/adduser +++ b/adduser @@ -123,6 +123,8 @@ my $perm = undef; my %uid_pool; my %gid_pool; +my %reserved_uid_pool; +my %reserved_gid_pool; our @names; @@ -260,9 +262,15 @@ # read the uid and gid pool if ($config{"uid_pool"}) { read_pool ($config{"uid_pool"}, "uid", \%uid_pool); + if ($config{"reserve_uid_pool"}) { + %reserved_uid_pool = map {$uid_pool{$_}{id} => $_} keys %uid_pool; + } } if ($config{"gid_pool"}) { read_pool ($config{"gid_pool"}, "gid", \%gid_pool); + if ($config{"reserve_gid_pool"}) { + %reserved_gid_pool = map {$gid_pool{$_}{id} => $_} keys %gid_pool; + } } &checkname($new_name) if defined $new_name; @@ -1128,7 +1136,7 @@ my $t = $min; while ($t <= $max) { - return $t if (!defined(getpwuid($t))); + return $t if (!exists($reserved_uid_pool{$t}) and !defined(getpwuid($t))); $t++; } return -1; # nothing available @@ -1151,7 +1159,7 @@ my $t = $min; while ($t <= $max) { - return $t if (!defined(getgrgid($t))); + return $t if (!exists($reserved_gid_pool{$t}) and !defined(getgrgid($t))); $t++; } return -1; # nothing available 
@@ -1175,7 +1183,8 @@ my $t = $min; while ($t <= $max) { - return $t if (!defined(getgrgid($t)) && !defined(getpwuid($t))); + return $t if (!exists($reserved_uid_pool{$t}) && !exists($reserved_gid_pool{$t}) && + !defined(getgrgid($t)) && !defined(getpwuid($t))); $t++; } return -1; # nothing available
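Review bot: in both pool-parser hunks of AdduserCommon.pm (the uid branch at -132 and the gid branch at -145), replacing "!$id" with "!defined($id)" makes a pool line with ID 0 parse successfully where the old truthiness test rejected it, and the report does not mention that change. ID 0 is root's UID and GID, so a pool entry such as name:0 would now be accepted as the ID for that name. If accepting 0 is intended, it deserves its own commit with a rationale; if not, leave the original test in place.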
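Review bot: the two new defaults in the config hash at -314 (reserve_uid_pool => 1, reserve_gid_pool => 1) turn reservation on for every system that already sets uid_pool or gid_pool, so after an upgrade the first-free search skips IDs it used to hand out, without any configuration change by the administrator. Either default both to 0 or announce the change, and add the RESERVE_UID_POOL and RESERVE_GID_POOL keys to the adduser.conf template and manual page: the patch touches only AdduserCommon.pm and adduser, so the options are undocumented as submitted.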
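Review bot: in the pool-loading hunk at -260, the inverted maps store the pool name as the value (map {$uid_pool{$_}{id} => $_}), but the later hunks only call exists() on them, so the name is never read. Build the maps as a plain set (ID => 1), or use the stored name to warn when two pool entries share an ID, since the inversion silently keeps only one of them.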
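Review bot: reservation is enforced only in the three first-free search loops (-1128, -1151, -1175); none of the visible hunks checks an ID that the administrator requests explicitly against %reserved_uid_pool or %reserved_gid_pool, so the guarantee stated in the report (a pooled UID is not used except for its pool name) holds only for automatic allocation. Consider rejecting or warning on an explicit ID that is reserved for a different name. As a style point, the first two loops join the conditions with "and" while the third uses "&&"; pick one, preferably "&&" to match the line being replaced in the third loop.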