Author: bapt
Date: Tue Jul 28 21:49:38 2015
New Revision: 285989
URL: https://svnweb.freebsd.org/changeset/base/285989

Log:
  Reject usermod and userdel if the user concerned is not on the user database
  supposed to be manipulated
  
  This prevents pw usermod from creating a new local user when requesting to
  usermod on a username that is defined in LDAP.
  
  This issue only happens when modifying the local user database (it does not
  impact commands when -V or -R are used).
  
  PR:           187653
  Submitted by: tmwalas...@gmail.com

Modified:
  head/usr.sbin/pw/pw_user.c

Modified: head/usr.sbin/pw/pw_user.c
==============================================================================
--- head/usr.sbin/pw/pw_user.c  Tue Jul 28 21:47:37 2015        (r285988)
+++ head/usr.sbin/pw/pw_user.c  Tue Jul 28 21:49:38 2015        (r285989)
@@ -310,6 +310,7 @@ pw_user(int mode, char *name, long id, s
        FILE           *fp;
        char *dmode_c;
        void *set = NULL;
+       int valid_type = _PWF_FILES;
 
        static struct passwd fakeuser =
        {
@@ -505,6 +506,14 @@ pw_user(int mode, char *name, long id, s
                        errx(EX_NOUSER, "no such user `%s'", name);
                }
 
+               if (conf.userconf->nispasswd && *conf.userconf->nispasswd == '/')
+                       valid_type = _PWF_NIS;
+
+               if (PWF._altdir == PWF_REGULAR &&
+                   ((pwd->pw_fields & _PWF_SOURCE) != valid_type))
+                       errx(EX_NOUSER, "no such %s user `%s'",
+                           valid_type == _PWF_FILES ? "local" : "NIS"  , name);
+
                if (name == NULL)
                        name = pwd->pw_name;
 
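Review bot: The new `errx()` call formats `name` with `%s`, but the context lines directly below it (`if (name == NULL) name = pwd->pw_name;`) show that `name` can still be NULL at this point, presumably when the account was looked up by id. Passing NULL to `%s` is undefined behaviour and at best prints `(null)`, so the rejection message would not name the account that was refused. Use the resolved entry instead: `valid_type == _PWF_FILES ? "local" : "NIS", pwd->pw_name);`. The identical check added to pw_userdel() in the last hunk has the same problem. pw_user() begins and ends outside this hunk.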
@@ -1076,6 +1085,7 @@ pw_userdel(char *name, long id)
        char             grname[LOGNAMESIZE];
        int              rc;
        struct stat      st;
+       int              valid_type = _PWF_FILES;
 
        if (id < 0 && name == NULL)
                errx(EX_DATAERR, "username or id required");
@@ -1086,6 +1096,15 @@ pw_userdel(char *name, long id)
                        errx(EX_NOUSER, "no such uid `%ld'", id);
                errx(EX_NOUSER, "no such user `%s'", name);
        }
+
+       if (conf.userconf->nispasswd && *conf.userconf->nispasswd == '/')
+               valid_type = _PWF_NIS;
+
+       if (PWF._altdir == PWF_REGULAR &&
+           ((pwd->pw_fields & _PWF_SOURCE) != valid_type))
+               errx(EX_NOUSER, "no such %s user `%s'",
+                   valid_type == _PWF_FILES ? "local" : "NIS"  , name);
+
        uid = pwd->pw_uid;
        if (name == NULL)
                name = pwd->pw_name;
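Review bot: The source check added here is a copy of the one added to pw_user(), including the derivation of `valid_type` from `conf.userconf->nispasswd`. A small static helper taking `pwd` would keep the two call sites from drifting apart if the rule for the expected source ever changes. Either way the check deserves a comment stating its purpose, for example `/* Only modify accounts that live in the database being edited; entries resolved from another source (e.g. LDAP) must not be recreated locally. */`. The body of pw_userdel() continues outside the hunk.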