From yohta@bsys.tsukuba.ac.jp  Wed Nov 18 08:46:04 1998
Received: from rishiri.bsys.tsukuba.ac.jp (rishiri.bsys.tsukuba.ac.jp [130.158.223.1])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA29029
          for <FreeBSD-gnats-submit@freebsd.org>; Wed, 18 Nov 1998 08:46:01 -0800 (PST)
          (envelope-from yohta@bsys.tsukuba.ac.jp)
Received: (from yohta@localhost)
	by rishiri.bsys.tsukuba.ac.jp (8.8.8/3.7W) id BAA02656;
	Thu, 19 Nov 1998 01:45:29 +0900 (JST)
Message-Id: <199811181645.BAA02656@rishiri.bsys.tsukuba.ac.jp>
Date: Thu, 19 Nov 1998 01:45:29 +0900 (JST)
From: yohta@bres.tsukuba.ac.jp
To: FreeBSD-gnats-submit@freebsd.org
Subject: adduser permit adding `root' and mail aliased username
X-Send-Pr-Version: 3.2

>Number:         8745
>Category:       bin
>Synopsis:       adduser permit adding `root' and mail aliased username
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    yar
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Nov 18 08:50:01 PST 1998
>Closed-Date:    Fri Feb 15 09:33:44 PST 2002
>Last-Modified:  Fri Feb 15 09:34:30 PST 2002
>Originator:     Yoshihiko OHTA
>Release:        FreeBSD 2.2.7-RELEASE i386
>Organization:
University of Tsukuba
>Environment:

FreeBSD rishiri.bsys.tsukuba.ac.jp 2.2.7-RELEASE FreeBSD 2.2.7-RELEASE #0: Fri
Nov 6 00:01:44 JST 1998
yohta@rishiri.bsys.tsukuba.ac.jp:/usr/src/sys/compile/FMVTP i386

>Description:

adduser(8) checkes username before really add to database if
new username is already used or not. But it can't reject
`root' because its uid = 0 (`if' statement return false).

And I propose to check mail aliases too.

>How-To-Repeat:

# adduser -batch root user default "Charlie &" Password

>Fix:
	
I propose below patch. It may not deal with all potential
problem, and not thought deaply.
I make this patch with 2.2.7-RELEASE(adduser.perl,v 1.19.2.10)
but patchable to FreeBSD-current(adduser.perl,v 1.41).

--- /usr/sbin/adduser	Wed Jul 22 17:15:20 1998
+++ /home/yohta/bin/adduser	Thu Nov 19 01:28:47 1998
@@ -41,6 +41,7 @@
     $home = "/home";		# default HOME
     $etc_shells = "/etc/shells";
     $etc_passwd = "/etc/master.passwd";
+    $sendmail_cf = "/etc/sendmail.cf";
     $group = "/etc/group";
     $pwd_mkdb = "pwd_mkdb -p";	# program for building passwd database
 
@@ -66,6 +67,9 @@
 
     $password = '';		# password for new users
 
+    # mailaliases
+    $aliasname = '';		# mail aliases of sendmail
+
     # group
     $groupname ='';		# $groupname{groupname} = gid
     $groupmembers = '';		# $groupmembers{gid} = members of group/kommalist
@@ -256,6 +260,40 @@
     close P;
 }
 
+# read /etc/aliases and some(if exist)
+sub mailalias_read {
+    local(@aliasfile, $aliases, $item, $description);
+
+    print "Check $sendmail_cf\n" if $verbose;
+    open(A, "$sendmail_cf") || die "$sendmail_cf: $!\n";
+
+    while(<A>) {
+	chop;
+	if (/^O AliasFile=/) {
+	    s/^O AliasFile=//;
+	    s/\s.*$//;
+	    push(@aliasesfile, split(/,/, $_));
+	}
+    }
+    close A;
+
+    foreach $aliases (@aliasesfile) {
+	open(A, $aliases) || die "$aliases: $!\n";
+	while (<A>) {
+	    chop;
+	    # ignore comments
+	    next if /^\s*$/;
+	    next if /^\s*#/;
+	    
+	    ($item, $description) = split(/\s*:\s*/, $_, 2);
+	    print "$item already exists with alias: $aliasname{$item}!\n"
+		if $aliasname{$item} && $verbose;
+	    $aliasname{$item} = $description;
+	}
+	close A;
+    }
+}
+
 # read /etc/group
 sub group_read {
     local($g_groupname,$pw,$g_gid, $memb);
@@ -321,8 +359,17 @@
 	warn "Wrong username. " .
 	    "Please use only lowercase characters or digits\a\n";
 	return 0;
-    } elsif ($username{$name}) {
+    } elsif (defined($username{$name})) {
 	warn "Username ``$name'' already exists!\a\n"; return 0;
+    } elsif ($aliasname{$name})  {
+	warn "Mail alias ``$name'' already exists!\a\n";
+	if ($#batch < 0) {
+	    return 0 unless 
+		&confirm_yn("Really want to continue with this username?", 
+			    "yes");
+	} else {
+	    warn "But going on...\n";
+	}
     }
     return $name;
 }
@@ -1437,6 +1484,7 @@
 &passwd_check;			# check for valid passwdb
 &shells_read;			# read /etc/shells
 &passwd_read;			# read /etc/master.passwd
+&mailalias_read;		# read /etc/aliases and some(if exist)
 &group_read;			# read /etc/group
 &group_check;			# check for incon*
 exit 0 if $check_only;		# only check consistence and exit


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->wosch 
Responsible-Changed-By: wosch 
Responsible-Changed-When: Mon Apr 26 06:26:17 PDT 1999 
Responsible-Changed-Why:  
My area 
Responsible-Changed-From-To: wosch->freebsd-bugs 
Responsible-Changed-By: wosch 
Responsible-Changed-When: Sun Jan 13 03:57:12 PST 2002 
Responsible-Changed-Why:  
I'm no longer the maintainer of adduser. 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=8745 
State-Changed-From-To: open->analyzed 
State-Changed-By: yar 
State-Changed-When: Mon Jan 28 10:15:58 PST 2002 
State-Changed-Why:  
The bug concerning root's duplicates has been fixed in -current. 

As for checking mail aliases, the way proposed doesn't seem 
too reasonable since sendmail is not the only MTA around. 
IMHO, let's not touch things beyond the very base of the 
system from adduser(8). 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=8745 
Responsible-Changed-From-To: freebsd-bugs->yar 
Responsible-Changed-By: yar 
Responsible-Changed-When: Mon Jan 28 10:20:05 PST 2002 
Responsible-Changed-Why:  
MFC reminder. 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=8745 
State-Changed-From-To: analyzed->closed 
State-Changed-By: yar 
State-Changed-When: Fri Feb 15 09:33:44 PST 2002 
State-Changed-Why:  
The bug fixed in -current and -stable, thanks! 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=8745 
>Unformatted:
