| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When passwd or group information is changed (by pw, vipw, chpass, ...)
temporary file is created and then a rename() call move it to official file.
This operation didn't have any check to make sure data was written to disk
and if a power cycle happens system could end up with a 0 length passwd
or group database.
There is a pfSense bug with more information about it:
https://redmine.pfsense.org/issues/4523
The following changes were made to protect passwd and group operations:
* lib/libutil/gr_util.c:
- Replace mkstemp() by mkostemp() with O_SYNC flag to create temp file
- After rename(), fsync() call on directory for faster result
* lib/libutil/pw_util.c
- Replace mkstemp() by mkostemp() with O_SYNC flag to create temp file
* usr.sbin/pwd_mkdb/pwd_mkdb.c
- Added O_SYNC flag on dbopen() calls
- After rename(), fsync() call on directory for faster result
* lib/libutil/pw_util.3
- pw_lock() returns a file descriptor to master password file on success
Differential Revision: https://reviews.freebsd.org/D2978
Approved by: re (kib), bapt (implicit agreed)
Sponsored by: Netgate
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a test for bug 191427 where pw(8) will go into an infinite loop
Add some tests for modifying groups
When a group is renamed then the group has been invalidated for sure.
In that case get the group information using the new name.
Fix a regression in pw usermod -G list
The user was perperly adding the to different groups from "list" but was not
removed from the other groups it could have belong to.
Do not delete the group wheel when bad argument is passed to pw groupdel -g
Check that the -g argument is actually a number, if not report an error.
This argument is converted without checking with atoi(3) later so without this
check it converts any alpha entries into 0 meaning it deletes the group wheel
Ensure pw userdel -u <invalid> do not try to remove root
Check the uid passed is actually a number as early as possible
Fix renaming a group via the gr_copy function
Add a regression test to pw(8) because the bug was discovered via using:
pw groupmod
PR: 193704 [1], 185666 [2], 90114 [3], 187189 [4]
Submitted by: Marc de la Gueronniere [4]
Reported by: az [1], sub.mesa@gmail.com [2], bkoenig@cs.tu-berlin.de [3],
mcdouga9@egr.msu.edu [4]
|
| |
|
|
| |
Approved by: theraven
|
| |
|
|
|
|
|
|
|
| |
This is part of ongoing work on sbin/pw
M libutil.h
M gr_util.c
Approved by: theraven
|
| |
|
|
| |
Submitted by: Christoph Mallon <christoph.mallon gmx.de>
|
| |
|
|
| |
Submitted by: Christoph Mallon <christoph.mallon gmx.de>
|
| |
|
|
| |
Submitted by: Christoph Mallon <christoph.mallon gmx.de>
|
| |
|
|
| |
Submitted by: Christoph Mallon <christoph.mallon gmx.de>
|
| |
|
|
|
| |
Submitted by: pjd
Reviewed by: db
|
| |
|
|
| |
Submitted by: gcooper
|
| |
|
|
| |
Submitted by: Christoph Mallon <christoph.mallon@gmx.de>
|
| |
|
|
|
| |
Submitted by: Christoph Mallon <christoph.mallon@gmx.de>
Reported by: pjd
|
| |
|
|
|
| |
Submitted by: pjd
Reviewed by: jilles
|
| |
|
|
|
| |
Reported by: mdf
Submitted by: db
|
| |
|
|
| |
Requested by: jilles
|
| |
|
|
| |
Submitted by: db
|
| |
|
|
|
|
| |
- Fix tinderbox error
Submitted by: db
|
| |
|
|
|
|
| |
into an existing group.
Submitted by: db
|
| | |
|
| |
|
|
|
|
| |
report error if chmod(2) fails
Reported by: jh
|
| | |
|
| |
|
|
| |
Reported by: Garrett Cooper <yanegomi@gmail.com>
|
| |
|
|
|
|
| |
a directory.
MFC after: 1 month
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
- if pw is NULL and oldpw is not NULL then the oldpw is deleted
- if pw->pw_name != oldpw->pw_name but pw->pw_uid == oldpw->pw_uid
then it renames the user
add new gr_* functions so now gr_util API is similar to pw_util API,
this allow to manipulate groups in a safe way.
Reviewed by: des
Approved by: des
MFC after: 1 month
|
| |
|
|
| |
MFC after: 5 days
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
parentheses.
Fixed alignment issue in gr_dup() in its assignment of gr_mem using a
struct to force alignment without performing alignment mathematics. This
was noticed recently with libutil was built with WARNS=6 on platform such
as sparc64.
Added checks to gr_dup(), gr_equal() and gr_make() to prevent segfaults
when examining struct group's with the struct members pointing to NULL's.
With fix of alignment issue, restore WARNS?=6.
Reviewed by: des
MFC after: 1 week
|
| |
|
|
| |
MFC after: 1 week
|
|
|
after similar calls related to struct pwd in libutil/pw_util.c:
- gr_equal()
Perform a deep comparison of two struct grp's. It does a thorough, yet
unoptimized comparison of all the members regardless of order.
- gr_make()
Create a string (see group(5)) from a struct grp.
- gr_dup()
Duplicate a struct grp. Returns a value that is a single contiguous
block of memory.
- gr_scan()
Create a struct grp from a string (as produced by gr_make()).
MFC after: 3 weeks
|
