packages/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
shadow/useradd-avoid-generating-an-empty-subid-range.patch

108 lines
3.9 KiB
Diff
Raw Blame History

From 9dd720a28578eef5be8171697aae0906e4c53249 Mon Sep 17 00:00:00 2001
From: Iker Pedrosa <ipedrosa@redhat.com>
Date: Tue, 10 Aug 2021 09:07:03 +0200
Subject: [PATCH] useradd: avoid generating an empty subid range
useradd generates an empty subid range when adding a new user. This is
caused because there are two variables, one local and the other one
global, that have a very similar name and they are used indistinctly in
the code. The local variable loads the SUB_*ID_COUNT configuration from
the login.defs file, while the global variable, which holds a value of
0, is used to generate the subid range. Causing the empty subid range
problem.
I've merged the two variables in the local one and removed the global
variable. I prefer to do it this way to reduce the scope of it but I'm
open to doing it the other way round.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1990653
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
Conflict: context adaptation
---
src/useradd.c | 20 +++++++++-----------
1 file changed, 9 insertions(+), 11 deletions(-)
diff --git a/src/useradd.c b/src/useradd.c
index baeffb3..9abeea6 100644
--- a/src/useradd.c
+++ b/src/useradd.c
@@ -142,9 +142,7 @@ static bool is_sub_gid = false;
static bool sub_uid_locked = false;
static bool sub_gid_locked = false;
static uid_t sub_uid_start; /* New subordinate uid range */
-static unsigned long sub_uid_count;
static gid_t sub_gid_start; /* New subordinate gid range */
-static unsigned long sub_gid_count;
#endif /* ENABLE_SUBIDS */
static bool pw_locked = false;
static bool gr_locked = false;
@@ -234,7 +232,7 @@ static void open_shadow (void);
static void faillog_reset (uid_t);
static void lastlog_reset (uid_t);
static void tallylog_reset (const char *);
-static void usr_update (void);
+static void usr_update (unsigned long subuid_count, unsigned long subgid_count);
static void create_home (void);
static void create_mail (void);
static void check_uid_range(int rflg, uid_t user_id);
@@ -2092,7 +2090,7 @@ static void tallylog_reset (const char *user_name)
* usr_update() creates the password file entries for this user
* and will update the group entries if required.
*/
-static void usr_update (void)
+static void usr_update (unsigned long subuid_count, unsigned long subgid_count)
{
struct passwd pwent;
struct spwd spent;
@@ -2155,14 +2153,14 @@ static void usr_update (void)
}
#ifdef ENABLE_SUBIDS
if (is_sub_uid &&
- (sub_uid_add(user_name, sub_uid_start, sub_uid_count) == 0)) {
+ (sub_uid_add(user_name, sub_uid_start, subuid_count) == 0)) {
fprintf (stderr,
_("%s: failed to prepare the new %s entry\n"),
Prog, sub_uid_dbname ());
fail_exit (E_SUB_UID_UPDATE);
}
if (is_sub_gid &&
- (sub_gid_add(user_name, sub_gid_start, sub_gid_count) == 0)) {
+ (sub_gid_add(user_name, sub_gid_start, subgid_count) == 0)) {
fprintf (stderr,
_("%s: failed to prepare the new %s entry\n"),
Prog, sub_uid_dbname ());
@@ -2624,16 +2622,16 @@ int main (int argc, char **argv)
}
#ifdef ENABLE_SUBIDS
- if (is_sub_uid && sub_uid_count != 0) {
- if (find_new_sub_uids(&sub_uid_start, &sub_uid_count) < 0) {
+ if (is_sub_uid && subuid_count != 0) {
+ if (find_new_sub_uids(&sub_uid_start, &subuid_count) < 0) {
fprintf (stderr,
_("%s: can't create subordinate user IDs\n"),
Prog);
fail_exit(E_SUB_UID_UPDATE);
}
}
- if (is_sub_gid && sub_gid_count != 0) {
- if (find_new_sub_gids(&sub_gid_start, &sub_gid_count) < 0) {
+ if (is_sub_gid && subgid_count != 0) {
+ if (find_new_sub_gids(&sub_gid_start, &subgid_count) < 0) {
fprintf (stderr,
_("%s: can't create subordinate group IDs\n"),
Prog);
@@ -2642,7 +2640,7 @@ int main (int argc, char **argv)
}
#endif /* ENABLE_SUBIDS */
- usr_update ();
+ usr_update (subuid_count, subgid_count);
close_files ();
--
1.8.3.1
Reference in New Issue View Git Blame Copy Permalink