bin/189172: [PATCH] pw usermod breaks on changing username

Thu, 01 May 2014 02:10:25 -0700 

>Number:         189172
>Category:       bin
>Synopsis:       [PATCH] pw usermod breaks on changing username
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu May 01 09:10:00 UTC 2014
>Closed-Date:
>Last-Modified:
>Originator:     Matthew D. Fuller
>Release:        FreeBSD 9.1-STABLE amd64
>Organization:
>Environment:
System: FreeBSD draco.over-yonder.net 9.1-STABLE FreeBSD 9.1-STABLE #0 r251584: 
Sun Jun 9 14:23:33 CDT 2013 
r...@draco.over-yonder.net:/usr/obj/usr/src/sys/DRACO amd64


        
>Description:
        When calling `pw usermod` with -l to change the username, the
        password database doesn't get updated correctly.
        
        pw_mkdb() gets called with the original username (which works fine
        for every OTHER call to usermod), which means that while the
        master.passwd gets the new correct info, the *pwd.db's do not, as
        they get (attemped) updated with a nonexistent username.  As a
        result, the old name remains and the new one isn't brought in.  With
        repeated calls this can lead to multiple lines being added to
        master.passwd, as the scan fails to find what it's looking for and
        keeps trying to add it as a new user.

>How-To-Repeat:
        Add a 'pwtst' user with uid 999

        pw usermod 999 -l pwt
        pw usermod 999 -l pwt
        pw usermod 999 -l pwt

        Look at the 3 pwt lines in [master.]passwd, and how finger(1) shows
        pwtst still but no pwt.

>Fix:


Index: pwupd.c
===================================================================
--- pwupd.c     (revision 264991)
+++ pwupd.c     (working copy)
@@ -150,7 +150,7 @@
                 * in case of deletion of a user, the whole database
                 * needs to be regenerated
                 */
-               if (pw_mkdb(pw != NULL ? user : NULL) == -1) {
+               if (pw_mkdb(pw != NULL ? pw->pw_name : NULL) == -1) {
                        pw_fini();
                        err(1, "pw_mkdb()");
                }

>Release-Note:
>Audit-Trail:
>Unformatted:
_______________________________________________
freebsd-bugs@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

Reply via email to