Message-Id: <201009271110.o8RBAT5L037514@www.freebsd.org>
Date: Mon, 27 Sep 2010 11:10:29 GMT
From: "周杨" <zrcvic@foxmail.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: 'adduser' problem of directory mode
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         150988
>Category:       bin
>Synopsis:       adduser(8) problem of directory mode
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Sep 27 11:20:02 UTC 2010
>Closed-Date:    
>Last-Modified:  Thu Jun  6 19:10:00 UTC 2013
>Originator:     周杨
>Release:        FreeBSD 8.1
>Organization:
>Environment:
FreeBSD 8.1-RELEASE FreeBSD 8.1-RELEASE #0: Mon Jul 19 02:55:53 UTC 2010  root@almeida.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  i386
>Description:
I do not have any initial user except 'root', so there is no /home or /usr/home directory on my system. Then I 'adduser' and set the '/home/myuser' permission to 0700, and the bug appears.

The 'adduser' tool created a /home directory and then a /home/myuser directory, and set both permissions to 0700! The /home directory is owned by root, so the newly created user has no permission to access its own directory!
>How-To-Repeat:
1. remove the /home and /usr/home directories

2. adduser, when it says 'Home directory permissions (Leave empty for default):', input 0700

3. login as the new user
>Fix:


>Release-Note:
>Audit-Trail:

From: jhell <jhell@DataIX.net>
To: zrcvic@foxmail.com
Cc: freebsd-gnats-submit@freebsd.org
Subject: Re: misc/150988: 'adduser' problem of directory mode
Date: Mon, 27 Sep 2010 11:50:43 -0400

 I have verified this does happen. The case that I tested was with a
 bare jail using a base install of 8.1-RELEASE i386 dvd & most recent
 stable/8 image.
 
 # pwd
 /usr
 # ls -l
 total 44
 drwxr-xr-x   2 root  wheel  445 Jul 19 02:24 bin
 drwx------   3 root  wheel    3 Sep 27 15:41 home
 drwxr-xr-x  47 root  wheel  272 Jul 19 02:24 include
 drwxr-xr-x   6 root  wheel  390 Jul 19 02:57 lib
 drwxr-xr-x   5 root  wheel    5 Jul 19 02:23 libdata
 drwxr-xr-x   5 root  wheel   60 Jul 19 02:24 libexec
 drwxr-xr-x   2 root  wheel    2 Jul 19 02:23 local
 drwxr-xr-x   2 root  wheel  275 Jul 19 02:24 sbin
 drwxr-xr-x  20 root  wheel   20 Jul 19 02:57 share
 drwxr-xr-x   2 root  wheel    2 Jul 19 02:23 src
 
 
 -- 
 
  jhell,v

From: Dmitry Banshchikov <ubique@peterhost.ru>
To: bug-followup@FreeBSD.org, zrcvic@foxmail.com
Cc:  
Subject: Re: bin/150988: adduser(8) problem of directory mode
Date: Fri, 22 Oct 2010 13:16:57 +0400

 Hello,
 
 adduser is a shell script, which runs the pw utility with gathered arguments.
 There is a check for existence of a home directory in pw_user.c, and if
 homedir does not exist pw will create it with the permissions of the target
 user directory (set, for example, with the -M option to pw). Should pw always
 create homedir with permissions 755 to be accessible by all users?
 
 
 --- pw_user.c	2010-10-22 12:53:19.000000000 +0400
 +++ pw_user.c	2010-10-22 12:56:11.000000000 +0400
 @@ -186,7 +186,10 @@
  			if (strchr(cnf->home+1, '/') == NULL) {
  				strcpy(dbuf, "/usr");
  				strncat(dbuf, cnf->home, MAXPATHLEN-5);
 -				if (mkdir(dbuf, cnf->homemode) != -1 || errno == EEXIST) {
 +				/* Home directory should be accessible by all users,
 +				 * so by default set permissions to 0755
 +				 */
 +				if (mkdir(dbuf, 0755) != -1 || errno == EEXIST) {
  					chown(dbuf, 0, 0);
  					/*
  					 * Skip first "/" and create symlink:
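
Review bot: the mode passed to mkdir(dbuf, 0755) on the added line is still masked by the process umask, so under a restrictive umask such as 077 the parent directory comes out 0700 exactly as before. Follow a successful mkdir() with chmod(dbuf, 0755), and do it only when mkdir() itself created the directory, not on the errno == EEXIST branch, so a mode an administrator already set is left alone. The result of chown(dbuf, 0, 0) on the following line is also discarded and should be checked.
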
 @@ -202,7 +205,7 @@
  				while ((p = strchr(++p, '/')) != NULL) {
  					*p = '\0';
  					if (stat(dbuf, &st) == -1) {
 -						if (mkdir(dbuf, cnf->homemode) == -1)
 +						if (mkdir(dbuf, 0755) == -1)
  							goto direrr;
  						chown(dbuf, 0, 0);
  					} else if (!S_ISDIR(st.st_mode))
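
Review bot: the literal 0755 in this second mkdir(dbuf, 0755) repeats the value from the first hunk without its explanatory comment; define one named constant for the parent-directory mode and use it in both calls so the two cannot drift apart. Because this call sits inside the loop over each '/' component, every missing intermediate directory receives that mode and is then chown()ed to 0:0 with the result unchecked, while components that already exist (the stat() success path) keep whatever mode they have; a comment stating that this is intended would help.
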
 
 
 -- 
 
 Dmitry Banshchikov

From: Guy Helmer <guy.helmer@gmail.com>
To: bug-followup@FreeBSD.org,
 zrcvic@foxmail.com
Cc:  
Subject: Re: bin/150988: adduser(8) problem of directory mode
Date: Thu, 6 Jun 2013 14:03:02 -0500

 I see that jkim changed the directory creation code to use _DEF_DIRMODE
 (which is defined in pw.h as S_IRWXU | S_IRWXG | S_IRWXO) in rev 219408.
 
 However, I would expect mkdir() to follow the umask value, so I would
 not expect your suggested patch to result in any functional difference.
 I would expect that we should instead chmod() after mkdir() to apply a
 useful access mode to the directory after creation, or temporarily
 change the umask before mkdir().
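
The umask point raised in the follow-up above, as an added example (not code from pw or from anyone in this thread): it measures the mode a directory really ends up with after mkdir() under a given umask, with no remedy, with chmod() after mkdir(), and with the umask lifted around mkdir(). The function name, the enum and the scratch path under /tmp are assumptions made for the demonstration.

```c
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

enum fix { FIX_NONE, FIX_CHMOD, FIX_UMASK };	/* hypothetical names */

/*
 * mkdir() a directory asking for mode `want` while the process umask is
 * `mask`, optionally applying one of the two remedies, and return the
 * permission bits the directory ends up with (-1 on error).
 */
static int
mode_after_mkdir(mode_t mask, mode_t want, enum fix fix)
{
	char base[64], path[80];
	struct stat st;
	mode_t saved, tmp;
	int rc, result = -1;

	saved = umask(mask);		/* the environment pw is started in */
	snprintf(base, sizeof(base), "/tmp/pw-demo.%ld", (long)getpid());
	snprintf(path, sizeof(path), "%s/home", base);
	if (mkdir(base, 0700) == 0) {	/* fails safely if the name exists */
		if (fix == FIX_UMASK) {
			tmp = umask(0);	/* lift the mask only around mkdir() */
			rc = mkdir(path, want);
			umask(tmp);
		} else
			rc = mkdir(path, want);
		if (rc == 0 && fix == FIX_CHMOD)
			rc = chmod(path, want);	/* chmod() ignores the umask */
		if (rc == 0 && stat(path, &st) == 0)
			result = (int)(st.st_mode & 0777);
		rmdir(path);
		rmdir(base);
	}
	umask(saved);
	return (result);
}

int
main(void)
{
	printf("umask 077, mkdir 0755:          %04o\n", (unsigned)mode_after_mkdir(077, 0755, FIX_NONE));
	printf("umask 077, mkdir 0755 + chmod:  %04o\n", (unsigned)mode_after_mkdir(077, 0755, FIX_CHMOD));
	printf("umask 077, umask(0) for mkdir:  %04o\n", (unsigned)mode_after_mkdir(077, 0755, FIX_UMASK));
	return (0);
}
```

Of the two remedies, chmod() after mkdir() leaves the process umask untouched, so other files created by the same process are unaffected.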
 
>Unformatted:
