Skip site navigation (1)Skip section navigation (2) 
Date:      Thu,  1 May 2014 04:04:11 -0500 (CDT)
From:      "Matthew D.Fuller" <fullermd@over-yonder.net>
To:        FreeBSD-gnats-submit@freebsd.org
Subject:   bin/189172: [PATCH] pw usermod breaks on changing username
Message-ID:  <3gK9d75Gycz2VH@draco.over-yonder.net>
Resent-Message-ID: <201405010910.s419A0A1049405@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         189172
>Category:       bin
>Synopsis:       [PATCH] pw usermod breaks on changing username
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu May 01 09:10:00 UTC 2014
>Closed-Date:
>Last-Modified:
>Originator:     Matthew D. Fuller
>Release:        FreeBSD 9.1-STABLE amd64
>Organization:
>Environment:
System: FreeBSD draco.over-yonder.net 9.1-STABLE FreeBSD 9.1-STABLE #0 r251584: Sun Jun 9 14:23:33 CDT 2013 root@draco.over-yonder.net:/usr/obj/usr/src/sys/DRACO amd64


	
>Description:
	When calling `pw usermod` with -l to change the username, the
	password database doesn't get updated correctly.
	
	pw_mkdb() gets called with the original username (which works fine
	for every OTHER call to usermod), which means that while the
	master.passwd gets the new correct info, the *pwd.db's do not, as
	they get (attemped) updated with a nonexistent username.  As a
	result, the old name remains and the new one isn't brought in.  With
	repeated calls this can lead to multiple lines being added to
	master.passwd, as the scan fails to find what it's looking for and
	keeps trying to add it as a new user.

>How-To-Repeat:
	Add a 'pwtst' user with uid 999

	pw usermod 999 -l pwt
	pw usermod 999 -l pwt
	pw usermod 999 -l pwt

	Look at the 3 pwt lines in [master.]passwd, and how finger(1) shows
	pwtst still but no pwt.

>Fix:


Index: pwupd.c
===================================================================
--- pwupd.c	(revision 264991)
+++ pwupd.c	(working copy)
@@ -150,7 +150,7 @@
 		 * in case of deletion of a user, the whole database
 		 * needs to be regenerated
 		 */
-		if (pw_mkdb(pw != NULL ? user : NULL) == -1) {
+		if (pw_mkdb(pw != NULL ? pw->pw_name : NULL) == -1) {
 			pw_fini();
 			err(1, "pw_mkdb()");
 		}

>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3gK9d75Gycz2VH>