From nobody@FreeBSD.org  Tue Jun 26 23:13:52 2012
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id EB382106564A
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 26 Jun 2012 23:13:52 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22])
	by mx1.freebsd.org (Postfix) with ESMTP id D5D6C8FC21
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 26 Jun 2012 23:13:52 +0000 (UTC)
Received: from red.freebsd.org (localhost [127.0.0.1])
	by red.freebsd.org (8.14.4/8.14.4) with ESMTP id q5QNDqKr030595
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 26 Jun 2012 23:13:52 GMT
	(envelope-from nobody@red.freebsd.org)
Received: (from nobody@localhost)
	by red.freebsd.org (8.14.4/8.14.4/Submit) id q5QNDq7K030594;
	Tue, 26 Jun 2012 23:13:52 GMT
	(envelope-from nobody)
Message-Id: <201206262313.q5QNDq7K030594@red.freebsd.org>
Date: Tue, 26 Jun 2012 23:13:52 GMT
From: Devin Teske <dteske@FreeBSD.org>
To: freebsd-gnats-submit@FreeBSD.org
Subject: pw(8) deletes group "username" on userdel even if group "username" is not assoc. w/user "username"
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         169471
>Category:       bin
>Synopsis:       [patch] pw(8) deletes group "username" on userdel even if group "username" is not assoc. w/user "username"
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-bugs
>State:          patched
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Jun 26 23:20:06 UTC 2012
>Closed-Date:    
>Last-Modified:  Thu Mar 13 18:30:00 UTC 2014
>Originator:     Devin Teske
>Release:        FreeBSD 9.0-RELEASE i386
>Organization:
FIS Global, Inc.
>Environment:
FreeBSD scribe9.vicor.com 9.0-RELEASE FreeBSD 9.0-RELEASE #0: Tue Jan  3 07:15:25 UTC 2012     root@obrian.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  i386
>Description:
When performing "pw userdel USERNAME", pw(8) will delete a group by the same name regardless of association (or lack thereof) between a group and a user by the same name.

NOTE: Imagine if you had created a user named "wheel" and then executed "pw userdel wheel". The "wheel" group was just deleted silently without warning. No [simple] mechanism is provided to prevent the deletion of the group when deleting a user by the same name.
>How-To-Repeat:
pw useradd foo -g wheel
# This creates user "foo" with primary gid of existing wheel group (0)
pw groupadd foo
# This adds a group with the same name
pw userdel foo
# This deletes both the user and the group (despite the fact that they are unrelated to each other -- read: user foo was not a member of group foo, nor did it have group foo as its primary gid).
>Fix:
I see a couple solutions, such as:
1. patch pw(8) to not touch groups during userdel (this requires scripts to adjust if they were relying on this feature), or...
2. patch pw(8) to check that the primary gid of the user being deleted is that of the group sharing the same name as the user.

>Release-Note:
>Audit-Trail:
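
An audit for the condition this report describes, as an added example that is not part of the original PR or of pw(8): it lists accounts for which a group of the same name exists but is not the account's primary group. The function name, output format and sample records are constructed for illustration; the member_state field reflects the empty-member-list test visible on the r263113 side of the commit diff in the audit trail.

```shell
#!/bin/sh
# Added example (not from the PR): audit for the name collision in bin/169471.
# Prints user:primary_gid:group_gid:member_state for every account whose
# same-named group is NOT its primary group.

find_unrelated_same_name_groups() {
    # $1 = passwd(5)-format file, $2 = group(5)-format file
    awk -F: '
        /^#/ || NF < 3 { next }
        # group record: name:passwd:gid:member,member,...
        kind == "group" {
            gid_of[$1] = $3
            state[$1] = ($4 == "") ? "no-members" : "has-members"
            next
        }
        # passwd record: field 1 is the login name, field 4 the primary gid
        NF >= 4 && ($1 in gid_of) && gid_of[$1] != $4 {
            print $1 ":" $4 ":" gid_of[$1] ":" state[$1]
        }
    ' kind=group "$2" kind=passwd "$1"
}

# Constructed sample data mirroring the How-To-Repeat steps: user "foo" has
# primary gid 0 (wheel) and an unrelated group "foo" exists.
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/group" <<'EOF'
wheel:*:0:root
foo:*:1001:
bar:*:1002:
ops:*:1003:alice
EOF
    cat > "$dir/passwd" <<'EOF'
root:*:0:0:Charlie &:/root:/bin/csh
foo:*:1001:0:User foo:/home/foo:/bin/sh
bar:*:1002:1002:User bar:/home/bar:/bin/sh
ops:*:1004:0:Operator:/home/ops:/bin/sh
EOF
    find_unrelated_same_name_groups "$dir/passwd" "$dir/group"
    rm -rf "$dir"
}

demo
```

On a live system the function can be pointed at /etc/passwd and /etc/group; any line it prints names a group that shares a user's name without being that user's primary group.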

From: Alexander Pyhalov <apyhalov@gmail.com>
To: bug-followup@FreeBSD.org, dteske@FreeBSD.org
Cc:  
Subject: Re: bin/169471: pw(8) deletes group "username" on userdel
 even if group "username" is not assoc. w/user "username"
Date: Sat, 8 Sep 2012 23:12:52 +0400

 --047d7b670717d2cebb04c9358285
 Content-Type: text/plain; charset=ISO-8859-1
 
 This patch should solve the problem.
 
 --
 Best regards,
 Alexander Pyhalov
 
 --047d7b670717d2cebb04c9358285
 Content-Type: text/plain; charset=US-ASCII; name="patch_bin_169471.txt"
 Content-Disposition: attachment; filename="patch_bin_169471.txt"
 Content-Transfer-Encoding: base64
 X-Attachment-Id: f_h6v3cfi90
 
 --047d7b670717d2cebb04c9358285--
State-Changed-From-To: open->patched 
State-Changed-By: dteske 
State-Changed-When: Thu Mar 13 18:17:56 UTC 2014 
State-Changed-Why:  
Tested submitted patch successfully and committed with minor style(9) 
changes as SVN r263114. Thanks! (and sorry for the ~18mo delay, ugh). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=169471 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/169471: commit references a PR
Date: Thu, 13 Mar 2014 18:16:50 +0000 (UTC)

 Author: dteske
 Date: Thu Mar 13 18:16:42 2014
 New Revision: 263114
 URL: http://svnweb.freebsd.org/changeset/base/263114
 
 Log:
   Fix pw(8) deletion of group "username" on userdel even if group "username"
   is not associated with user "username". E.g., user "foo" has primary group
   "wheel" and is unassociated with group "foo", yet userdel would delete the
   group "foo" when deleting user "foo" (despite the fact that user "foo" is
   not associated with group "foo" in any way).
   
   Patch committed with minor style(9) changes.
   
   PR:		bin/169471
   Submitted by:	Alexander Pyhalov <apyhalov@gmail.com>
 
 Modified:
   head/usr.sbin/pw/pw_user.c
 
 Modified: head/usr.sbin/pw/pw_user.c
 ==============================================================================
 --- head/usr.sbin/pw/pw_user.c	Thu Mar 13 18:11:42 2014	(r263113)
 +++ head/usr.sbin/pw/pw_user.c	Thu Mar 13 18:16:42 2014	(r263114)
 @@ -380,6 +380,8 @@ pw_user(struct userconf * cnf, int mode,
  			char            file[MAXPATHLEN];
  			char            home[MAXPATHLEN];
  			uid_t           uid = pwd->pw_uid;
 +			struct group    *gr;
 +			char            grname[LOGNAMESIZE];
  
  			if (strcmp(pwd->pw_name, "root") == 0)
  				errx(EX_DATAERR, "cannot remove user 'root'");
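Review bot: the new `grname[LOGNAMESIZE]` declaration sizes a buffer for a group name with a login-name bound, and nothing in the visible lines says group names obey the same limit. Either size the buffer from a group-name bound or add a comment stating the assumption, since a longer name would be cut short when it is copied in.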
 @@ -406,6 +408,11 @@ pw_user(struct userconf * cnf, int mode,
  			 */
  			sprintf(file, "%s/%s", _PATH_MAILDIR, pwd->pw_name);
  			strlcpy(home, pwd->pw_dir, sizeof(home));
 +			gr = GETGRGID(pwd->pw_gid);
 +			if (gr != NULL)
 +				strlcpy(grname, gr->gr_name, LOGNAMESIZE);
 +			else
 +				grname[0] = '\0';
  
  			rc = delpwent(pwd);
  			if (rc == -1)
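Review bot: the added `strlcpy(grname, gr->gr_name, LOGNAMESIZE)` passes the constant instead of `sizeof(grname)`, unlike the `strlcpy(home, pwd->pw_dir, sizeof(home))` line directly above it, and its return value is ignored, so truncation would go unnoticed. Use `sizeof(grname)` so the bound follows the declaration, and add a short comment saying why the primary group is looked up before `delpwent(pwd)`.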
 @@ -426,7 +433,8 @@ pw_user(struct userconf * cnf, int mode,
  
  			grp = GETGRNAM(a_name->val);
  			if (grp != NULL &&
 -			    (grp->gr_mem == NULL || *grp->gr_mem == NULL))
 +			    (grp->gr_mem == NULL || *grp->gr_mem == NULL) &&
 +			    strcmp(a_name->val, grname) == 0)
  				delgrent(GETGRNAM(a_name->val));
  			SETGRENT();
  			while ((grp = GETGRENT()) != NULL) {
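Review bot: the added `strcmp(a_name->val, grname) == 0` test decides by the name of whichever group `GETGRGID(pwd->pw_gid)` returned, so if two groups share that gid the lookup may return the other one and the user's own group is left behind. Comparing `grp->gr_gid` with a primary gid saved before `delpwent()` checks the association directly and removes the need for the name copy. As a style point, `delgrent()` could take the `grp` already in hand rather than calling `GETGRNAM(a_name->val)` a second time.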
 
>Unformatted:
