[BusyBox] adduser/deluser bug in shadow environment
Axel Barnitzke
barney at xkontor.com
Sat Feb 9 17:05:05 UTC 2002
We plan to install a busybox system in a medical care environment
where shadow passwords are required.
When configured with shadow passwords busybox behaves wired.
adduser:
1. adds passwd-shadow entries to /etc/gshadow (easy)
2. adds group 'addgroup' to /etc/group (see below)
deluser:
1. doesn't remove group entry from /etc/gshadow (easy)
I applied a patch which works fine for me in a static
uclibc environment. I didn't test these patches in
a dynamic (g)libc environment -- so be carefull.
I'm not sure whether it's correct to remove argv[0]
in addgroup_wrapper (adduser.c) (Haven't read the
the applet stuff so far ;-)
Bye
-- Barney
--------------------------------------
++ axel (barney) barnitzke
++ it consultant
++ xkontor it solutions
email :: mailto:barney at xkontor.com
-------------- next part --------------
--- pwd_grp/adduser.c.orig Sat Feb 9 23:21:18 2002
+++ pwd_grp/adduser.c Sat Feb 9 23:58:52 2002
@@ -38,7 +38,7 @@
#include "grp.h"
#define PASSWD_FILE "/etc/passwd"
-#define SHADOW_FILE "/etc/gshadow"
+#define SHADOW_FILE "/etc/shadow"
#if 0
# define PASSWD_FILE "passwd"
@@ -119,16 +119,16 @@
static void addgroup_wrapper(const char *login, gid_t gid)
{
- int argc = 4;
- char *argv[] = { "addgroup", "-g", NULL, NULL };
+ int argc = 3;
+ char *argv[] = { NULL, "-g", NULL };
const char *argv0_save;
char group_id[8];
char group_name[32];
argv0_save = applet_name;
- applet_name = argv[0];
+ applet_name = "addgroup";
safe_strncpy(group_name, login, 32);
- argv[3] = group_name;
+ argv[0] = group_name;
sprintf(group_id, "%d", gid);
argv[2] = group_id;
addgroup_main(argc, argv);
--- pwd_grp/deluser.c.orig Fri Jan 18 10:52:52 2002
+++ pwd_grp/deluser.c Sun Feb 10 00:08:53 2002
@@ -169,6 +169,14 @@
error_msg_and_die("%s: User could not be removed from %s\n",
argv[1], GROUP_FILE);
}
+#ifdef CONFIG_FEATURE_SHADOWPASSWDS
+ failure = del_line_matching(argv[1], GSHADOW_FILE);
+ /* if (!successful) { */
+ if (failure) {
+ error_msg_and_die("%s: User could not be removed from %s\n",
+ argv[1], GSHADOW_FILE);
+ }
+#endif /* CONFIG_FEATURE_SHADOWPASSWDS */
}
return (EXIT_SUCCESS);
More information about the busybox
mailing list