Date:      Tue, 28 Jul 2015 21:49:39 +0000 (UTC)
From:      Baptiste Daroussin <bapt@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r285989 - head/usr.sbin/pw
Message-ID:  <201507282149.t6SLndDQ050933@repo.freebsd.org>

Author: bapt
Date: Tue Jul 28 21:49:38 2015
New Revision: 285989
URL: https://svnweb.freebsd.org/changeset/base/285989

Log:
  Reject usermod and userdel if the user concerned is not in the user database
  that is supposed to be manipulated
  
  This prevents pw usermod from creating a new local user when asked to modify
  a username that is defined in LDAP.
  
  This issue only happens when modifying the local user database (it does not
  impact commands run with -V or -R).
  
  PR:		187653
  Submitted by:	tmwalaszek@gmail.com

Modified:
  head/usr.sbin/pw/pw_user.c

Modified: head/usr.sbin/pw/pw_user.c
==============================================================================
--- head/usr.sbin/pw/pw_user.c	Tue Jul 28 21:47:37 2015	(r285988)
+++ head/usr.sbin/pw/pw_user.c	Tue Jul 28 21:49:38 2015	(r285989)
@@ -310,6 +310,7 @@ pw_user(int mode, char *name, long id, s
 	FILE	       *fp;
 	char *dmode_c;
 	void *set = NULL;
+	int valid_type = _PWF_FILES;
 
 	static struct passwd fakeuser =
 	{
@@ -505,6 +506,14 @@ pw_user(int mode, char *name, long id, s
 			errx(EX_NOUSER, "no such user `%s'", name);
 		}
 
+		if (conf.userconf->nispasswd && *conf.userconf->nispasswd == '/')
+			valid_type = _PWF_NIS;
+
+		if (PWF._altdir == PWF_REGULAR &&
+		    ((pwd->pw_fields & _PWF_SOURCE) != valid_type))
+			errx(EX_NOUSER, "no such %s user `%s'",
+			    valid_type == _PWF_FILES ? "local" : "NIS"  , name);
+
 		if (name == NULL)
 			name = pwd->pw_name;
 
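Review bot: The added `errx()` formats `name` with `%s`, but the `if (name == NULL) name = pwd->pw_name;` defaulting only runs on the lines after the check, so a lookup made by uid reaches the message with a NULL `name`. Passing NULL to `%s` is undefined by the C standard and at best prints `(null)`, which hides which account was refused. Using the looked-up entry instead, `valid_type == _PWF_FILES ? "local" : "NIS", pwd->pw_name);`, or moving the source check below the defaulting, avoids this. The pw_userdel hunk has the same ordering, and its `no such uid` branch just above the new code shows that `name` can be NULL there too. pw_user's body starts and ends outside this hunk.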
@@ -1076,6 +1085,7 @@ pw_userdel(char *name, long id)
 	char		 grname[LOGNAMESIZE];
 	int		 rc;
 	struct stat	 st;
+	int		 valid_type = _PWF_FILES;
 
 	if (id < 0 && name == NULL)
 		errx(EX_DATAERR, "username or id required");
@@ -1086,6 +1096,15 @@ pw_userdel(char *name, long id)
 			errx(EX_NOUSER, "no such uid `%ld'", id);
 		errx(EX_NOUSER, "no such user `%s'", name);
 	}
+
+	if (conf.userconf->nispasswd && *conf.userconf->nispasswd == '/')
+		valid_type = _PWF_NIS;
+
+	if (PWF._altdir == PWF_REGULAR &&
+	    ((pwd->pw_fields & _PWF_SOURCE) != valid_type))
+		errx(EX_NOUSER, "no such %s user `%s'",
+		    valid_type == _PWF_FILES ? "local" : "NIS"  , name);
+
 	uid = pwd->pw_uid;
 	if (name == NULL)
 		name = pwd->pw_name;
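Review bot: Once `nispasswd` is an absolute path, `valid_type` is switched to `_PWF_NIS`, so an entry whose source is `_PWF_FILES` is then refused as "no such NIS user". If pw is still expected to modify or delete local accounts in that configuration (not visible from this hunk), the test should accept either source rather than replace one with the other. The identical block in the pw_user hunk behaves the same way, so a small static helper shared by both call sites would keep the two checks in step. A comment above the check, such as `/* refuse entries that come from a source other than the database being edited */`, would record why it exists. pw_userdel's body continues outside the hunk.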


