Henrique de Moraes Holschuh
2006-Feb-10 15:48 UTC
Bug#352225: adduser: severe problem in existing_user_ok()
Package: adduser Version: 3.82 Severity: grave Justification: renders package unusable Severity is set to grave because it breaks one of the two core functionalities of adduser, and one that is used by most postinst scripts that use adduser, to boot. Adduser is failing to correctly deal with a pre-existing system user when asked to update it (with no modifications, even!). This is caused by a bug in existing_user_ok. How to reproduce: Excerpt of /etc/adduser.conf: # FIRST_SYSTEM_UID to LAST_SYSTEM_UID inclusive is the range for UIDs # for dynamically allocated administrative and system accounts. FIRST_SYSTEM_UID=100 LAST_SYSTEM_UID=999 # FIRST_UID to LAST_UID inclusive is the range of UIDs of dynamically # allocated user accounts. FIRST_UID=1000 LAST_UID=29999 # The USERGROUPS variable can be either "yes" or "no". If "yes" each # created user will be given their own group to use as a default, and # their home directories will be g+s. If "no", each created user will # be placed in the group whose gid is USERS_GID (see below). USERGROUPS=yes Description of the bug: # getent passwd hplip hplip:x:125:7:HPLIP system user,,,:/var/run/hplip:/bin/false # getent group lp lp:x:7:lp # adduser --system --ingroup lp --home /var/run/hplip --gecos ''HPLIP system user'' --shell /bin/false --disabled-password hplip ; echo $? adduser: Warning: The home dir you specified already exists. The user `hplip'' already exists with a different uid. Aborting 1 The bug is in routine existing_user_ok. It must not return 2 if $new_uid is undefined. In that case, only 0 and 1 are valid results. I miss a third return value, "3" for users which exist but are not in the system range (which is a valid result independent of $new_uid being defined or not). It is useful to generate a printf (gtx("The user `%s'' already exists as a non-system user. Aborting\n"), $new_name) error message. -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (990, ''unstable'') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.15.2-debian2+bluesmoke+lm85 Locale: LANG=pt_BR.ISO-8859-1, LC_CTYPE=pt_BR.ISO-8859-1 (charmap=ISO-8859-1) Versions of packages adduser depends on: ii debconf [debconf-2.0] 1.4.70 Debian configuration management sy ii passwd 1:4.0.14-5 change and administer password and ii perl-base 5.8.8-1 The Pathologically Eclectic Rubbis adduser recommends no packages. -- debconf information: * adduser/homedir-permission: true -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh
Debian Bug Tracking System
2006-Feb-12 17:57 UTC
[Adduser-devel] Bug#352225: marked as done (adduser: severe problem in existing_user_ok())
Your message dated Sun, 12 Feb 2006 08:17:07 -0800 with message-id <E1F8JuN-0005LN-Q5@spohr.debian.org> and subject line Bug#352225: fixed in adduser 3.83 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -------------- next part -------------- An embedded message was scrubbed... From: Henrique de Moraes Holschuh <hmh@debian.org> Subject: adduser: severe problem in existing_user_ok() Date: Fri, 10 Feb 2006 12:54:04 -0200 Size: 5037 Url: http://lists.alioth.debian.org/pipermail/adduser-devel/attachments/20060212/e8caa16d/attachment-0002.mht -------------- next part -------------- An embedded message was scrubbed... From: Marc Haber <mh+debian-packages@zugschlus.de> Subject: Bug#352225: fixed in adduser 3.83 Date: Sun, 12 Feb 2006 08:17:07 -0800 Size: 3439 Url: http://lists.alioth.debian.org/pipermail/adduser-devel/attachments/20060212/e8caa16d/attachment-0003.mht