Hm, interesting. Note that here userdel -f tells me it couldn't delete the user, but it does delete it (but doesn't kill the active login). Looking at the code I guess there are a few steps which should be skipped.
I'll apply this patch upstream at github.com/shadow-maint/shadow. thanks, -serge Quoting Bastian Blank ([email protected]): > Attached is the NMU diff. > > Bastian > > -- > Bastian Blank > Berater > Telefon: +49 2161 / 4643-194 > E-Mail: [email protected] > credativ GmbH, HRB Mönchengladbach 12080, USt-ID-Nummer: DE204566209 > Hohenzollernstr. 133, 41061 Mönchengladbach > Geschäftsführung: Dr. Michael Meskes, Jörg Folz, Sascha Heuer > diff -Nru shadow-4.2/debian/changelog shadow-4.2/debian/changelog > --- shadow-4.2/debian/changelog 2014-11-19 20:59:09.000000000 +0000 > +++ shadow-4.2/debian/changelog 2015-11-12 14:33:56.000000000 +0000 > @@ -1,3 +1,10 @@ > +shadow (1:4.2-3.1) unstable; urgency=medium > + > + * Non-maintainer upload. > + * Fix error handling in busy user detection. (Closes: #778287) > + > + -- Bastian Blank <[email protected]> Thu, 12 Nov 2015 14:33:33 > +0000 > + > shadow (1:4.2-3) unstable; urgency=low > > * Enforce hardened builds to workaround cdbs sometimes not building > diff -Nru shadow-4.2/debian/patches/1020_fix_user_busy_errors > shadow-4.2/debian/patches/1020_fix_user_busy_errors > --- shadow-4.2/debian/patches/1020_fix_user_busy_errors 1970-01-01 > 00:00:00.000000000 +0000 > +++ shadow-4.2/debian/patches/1020_fix_user_busy_errors 2015-11-12 > 14:24:49.000000000 +0000 > @@ -0,0 +1,38 @@ > +Description: Fix user_busy to not leave subuid open in case of error. > +Author: William Grant <[email protected]> > +Bug: https://bugs.launchpad.net/ubuntu/vivid/+source/shadow/+bug/1436937 > + > +Index: shadow-4.2/libmisc/user_busy.c > +=================================================================== > +--- shadow-4.2.orig/libmisc/user_busy.c > ++++ shadow-4.2/libmisc/user_busy.c > +@@ -175,6 +175,9 @@ static int user_busy_processes (const ch > + if (stat ("/", &sbroot) != 0) { > + perror ("stat (\"/\")"); > + (void) closedir (proc); > ++#ifdef ENABLE_SUBIDS > ++ sub_uid_close(); > ++#endif /* ENABLE_SUBIDS */ > + return 0; > + } > + > +@@ -212,6 +215,9 @@ static int user_busy_processes (const ch > + > + if (check_status (name, tmp_d_name, uid) != 0) { > + (void) closedir (proc); > ++#ifdef ENABLE_SUBIDS > ++ sub_uid_close(); > ++#endif /* ENABLE_SUBIDS */ > + fprintf (stderr, > + _("%s: user %s is currently used by process > %d\n"), > + Prog, name, pid); > +@@ -232,6 +238,9 @@ static int user_busy_processes (const ch > + } > + if (check_status (name, task_path+6, uid) != 0) > { > + (void) closedir (proc); > ++#ifdef ENABLE_SUBIDS > ++ sub_uid_close(); > ++#endif /* ENABLE_SUBIDS */ > + fprintf (stderr, > + _("%s: user %s is currently > used by process %d\n"), > + Prog, name, pid); > diff -Nru shadow-4.2/debian/patches/series shadow-4.2/debian/patches/series > --- shadow-4.2/debian/patches/series 2014-11-19 20:48:40.000000000 +0000 > +++ shadow-4.2/debian/patches/series 2015-11-12 14:24:49.000000000 +0000 > @@ -34,3 +34,4 @@ > #userns/16_add-argument-sanity-checking.patch > 1000_configure_userns > 1010_vietnamese_translation > +1020_fix_user_busy_errors > _______________________________________________ > Pkg-shadow-devel mailing list > [email protected] > http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-shadow-devel
