From kazulakm@vol2.iem.pw.edu.pl  Fri Dec  7 23:07:06 2007
Return-Path: <kazulakm@vol2.iem.pw.edu.pl>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id BCE4716A41A
	for <FreeBSD-gnats-submit@freebsd.org>; Fri,  7 Dec 2007 23:07:06 +0000 (UTC)
	(envelope-from kazulakm@vol2.iem.pw.edu.pl)
Received: from vol2.iem.pw.edu.pl (vol2.iem.pw.edu.pl [194.29.146.33])
	by mx1.freebsd.org (Postfix) with ESMTP id 7B38B13C469
	for <FreeBSD-gnats-submit@freebsd.org>; Fri,  7 Dec 2007 23:07:06 +0000 (UTC)
	(envelope-from kazulakm@vol2.iem.pw.edu.pl)
Received: by vol2.iem.pw.edu.pl (Postfix, from userid 5382)
	id BF40FA666B2; Fri,  7 Dec 2007 23:50:15 +0100 (CET)
Message-Id: <20071207225015.BF40FA666B2@vol2.iem.pw.edu.pl>
Date: Fri,  7 Dec 2007 23:50:15 +0100 (CET)
From: Maciej Kazulak <kazulakm@iem.pw.edu.pl>
Reply-To: Maciej Kazulak <kazulakm@iem.pw.edu.pl>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: pw usershow doesn't print password hashes when run as root
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         118488
>Category:       bin
>Synopsis:       [patch] pw(8) usershow doesn't print password hashes when run as root
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Dec 07 23:10:02 UTC 2007
>Closed-Date:    Sat Apr 04 19:52:30 UTC 2009
>Last-Modified:  Sat Apr 04 19:52:30 UTC 2009
>Originator:     Maciej Kazulak
>Release:        FreeBSD 8.0-CURRENT amd64
>Organization:
>Environment:
System: FreeBSD vol2 8.0-CURRENT FreeBSD 8.0-CURRENT #4: Mon Nov 19 21:24:34 CET 2007 ato@vol2:/tmp/obj/usr/src/sys/VOLT64 amd64


	
>Description:
$ sudo pw usershow test
test:*:1002:1002::0:0:test:/home/test:/bin/sh

Even when run as root pw won't print password hashes. This is due to the
way fmtpwentry() is called inside print_user().

fmtpwentry(buf, pwd, v7 ? PWF_PASSWD : PWF_STANDARD);

For the hash to be printed the third argument (type) must be PWF_MASTER.
From pwupd.h:

enum pwdfmttype
{
        PWF_STANDARD,           /* MASTER format but with '*' as password */
        PWF_PASSWD,             /* V7 format */
        PWF_GROUP = PWF_PASSWD,
        PWF_MASTER              /* MASTER format with password */
};

>How-To-Repeat:
	
>Fix:
Make print_user() pass PWF_MASTER to fmtpwentry() if -7 was not given on
the command line and euid == 0.

--- patch.diff begins here ---
--- /usr/src/usr.sbin/pw/pw_user.c.orig 2007-12-07 01:04:47.000000000 +0100
+++ /usr/src/usr.sbin/pw/pw_user.c      2007-12-07 02:52:40.000000000 +0100
@@ -1146,7 +1146,7 @@
        if (!pretty) {
                char            buf[_UC_MAXLINE];

-               fmtpwentry(buf, pwd, v7 ? PWF_PASSWD : PWF_STANDARD);
+               fmtpwentry(buf, pwd, v7 ? PWF_PASSWD : (geteuid() ? PWF_STANDARD : PWF_MASTER));
                fputs(buf, stdout);
        } else {
                int             j;
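Review bot: on the `+` line, selecting PWF_MASTER purely from `geteuid()` returning 0 changes what a plain `pw usershow` prints for every root invocation, so the hash reaches stdout without the caller asking for it and there is no way left to get the `*` form as root short of -7. Consider gating PWF_MASTER behind an explicit command-line switch instead of an euid test, update the pw(8) manual page text about the password field in the same patch, and split the nested conditional so the line stays within 80 columns.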
--- patch.diff ends here ---
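
The three format types from the Description and the type selection before and after the proposed change, as an added C sketch that is not code from pw(8) or from the submitter. `struct entry`, `fmt_entry`, `select_orig` and `select_patched` are hypothetical names, and the sample hash is constructed.

```c
#include <stdio.h>
#include <string.h>

/* Same names as the enum quoted from pwupd.h in the report. */
enum pwdfmttype { PWF_STANDARD, PWF_PASSWD, PWF_GROUP = PWF_PASSWD, PWF_MASTER };

/* Hypothetical stand-in for struct passwd; sample values are constructed. */
struct entry {
    const char *name, *hash, *class_, *gecos, *dir, *shell;
    long uid, gid, change, expire;
};

/* Sketch of the behaviour the report describes: only PWF_MASTER
 * exposes the stored hash, the other types print '*'. */
int fmt_entry(char *buf, size_t len, const struct entry *e, enum pwdfmttype type)
{
    const char *pw = (type == PWF_MASTER) ? e->hash : "*";

    if (type == PWF_PASSWD)     /* V7: no class/change/expire fields */
        return snprintf(buf, len, "%s:%s:%ld:%ld:%s:%s:%s\n",
            e->name, pw, e->uid, e->gid, e->gecos, e->dir, e->shell);
    return snprintf(buf, len, "%s:%s:%ld:%ld:%s:%ld:%ld:%s:%s:%s\n",
        e->name, pw, e->uid, e->gid, e->class_, e->change, e->expire,
        e->gecos, e->dir, e->shell);
}

/* Type selection before the patch: the hash is never selected. */
enum pwdfmttype select_orig(int v7)
{
    return v7 ? PWF_PASSWD : PWF_STANDARD;
}

/* Type selection as the patch proposes: euid 0 without -7 gets the hash. */
enum pwdfmttype select_patched(int v7, long euid)
{
    return v7 ? PWF_PASSWD : (euid ? PWF_STANDARD : PWF_MASTER);
}

int main(void)
{
    struct entry e = { "test", "$1$constructed$hash", "", "test",
                       "/home/test", "/bin/sh", 1002, 1002, 0, 0 };
    char buf[256];
    fmt_entry(buf, sizeof buf, &e, select_orig(0));       /* masked */
    fputs(buf, stdout);
    fmt_entry(buf, sizeof buf, &e, select_patched(0, 0)); /* hash shown */
    fputs(buf, stdout);
    return 0;
}
```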


>Release-Note:
>Audit-Trail:

From: Jaakko Heinonen <jh@saunalahti.fi>
To: bug-followup@FreeBSD.org, kazulakm@iem.pw.edu.pl
Cc:  
Subject: Re: bin/118488: [patch] pw(8) usershow doesn't print password
	hashes when run as root
Date: Thu, 27 Mar 2008 10:31:06 +0200

 Why do you think this is a bug?
 
 From pw(8) manual page:
 
      The usershow command allows viewing of an account in one of two formats.
      By default, the format is identical to the format used in
      /etc/master.passwd with the password field replaced with a `*'.  If the
      -P option is used, then pw outputs the account details in a more human
      readable form.  If the -7 option is used, the account details are shown
      in v7 format.  The -a option lists all users currently on file.  Using -F
      forces pw to print the details of an account even if it does not exist.
 
 Maybe you intended to file this as a change-request? If so, you need to
 patch the manual page too.
 
 -- 
 Jaakko
State-Changed-From-To: open->feedback 
State-Changed-By: vwe 
State-Changed-When: Fri Mar 28 14:08:58 UTC 2008 
State-Changed-Why:  

Note that submitter has been asked for feedback. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=118488 
State-Changed-From-To: feedback->closed  
State-Changed-By: brucec 
State-Changed-When: Sat Apr 4 19:51:51 UTC 2009 
State-Changed-Why:  
Feedback timeout (12 months) 

http://www.freebsd.org/cgi/query-pr.cgi?pr=118488 
>Unformatted:
