Re: Patch for adduser: Create a system user

Wed, 24 Oct 2007 13:33:17 -0700 

On Wednesday 24 October 2007 12:53:40 Ralf Friedl wrote:
> Hi
> 
> I have a patch for adduser to support the option "-S: Create a system 
> user", which is presently accepted but ignored.
> 
> Also I changed the range for normal users to start at 1000 instead of 
> 500, which is what most current distributions do.
> 
> As a side note:
> It is not possible to create users with group 0. The code seems to 
> create a new group with same and same number as the new user.
> Why would that be useful?
Hi,
Seems to be standard behaviour...

       By  default,  each  user  in  Debian GNU/Linux is given a corresponding
       group with the same name.  Usergroups allow group writable  directories
       to  be  easily  maintained  by placing the appropriate users in the new
       group, setting the set-group-ID bit in the directory, and ensuring that
       all  users use a umask of 002.  If this option is turned off by setting
       USERGROUPS to no, all users’ GIDs are set to USERS_GID

> Also, I think it is possible that this implementation results in 
> duplicate user ids:
> The first loop, "while (!fgetpwent_r(..." find a free user id.
> The second loop, "while (getgrgid(p->pw_uid)) p->pw_uid++;" increments 
> uid until it finds an unused group id.
> It is possible that this incremented uid is in use as a user id.
> 
> Regards
> Ralf Friedl
> 

maybe this could fix the problem you report:

/* remix */
/* EDR recoded such that the uid may be passed in *p */
static int passwd_study(const char *filename, struct passwd *p)
{
        enum { min = 500, max = 65000 };
        FILE *passwd;

        passwd = xfopen(filename, "r");

        /* if uid is out of bounds, set to min */
        if ((p->pw_uid > max) || (p->pw_uid < min))
                p->pw_uid = min;

        /* check for an already in use login name */
        if (getpwnam(p->pw_name))
                 return 1;

        /* check for a free uid */
        while (getpwuid(p->pw_uid))
                p->pw_uid++;
        
        if (!p->pw_gid) {
                /* create new gid always = uid and re-check if the uid is free 
*/
                while (getgrgid(p->pw_uid) && getpwuid(p->pw_uid))
                        p->pw_uid++;
        
                p->pw_gid = p->pw_uid;
                /* check for an already in use group name */
                if (getgrnam(p->pw_name) != NULL)
                        return 3;
        }
        /* bounds check,  could not be less than min */
        if (p->pw_uid > max)
                return 2;

        return 0;
}

This is only a proof of concept and is only compile tested.
If it works for you, your patch could be easily integrated.

Ciao,
Tito
_______________________________________________
busybox mailing list
[email protected]
http://busybox.net/cgi-bin/mailman/listinfo/busybox

Reply via email to