[Pkg-shadow-devel] Bug#295416: Could we propose a patch for the "userdel should not remove the group which is primary for someone else" bug ?

Nicolas François nicolas.francois at centraliens.net
Sat Oct 1 16:33:49 UTC 2005 

Hi!

On Mon, Sep 12, 2005 at 07:33:17AM +0200, bubulle at debian.org wrote:
> http://bugs.debian.org/295416 is a long bug long, but it can be
> resumed as:
> 
> root at mykerinos:~# groupadd bug295416
> root at mykerinos:~# useradd -g bug295416 bug295416
> root at mykerinos:~# useradd -g bug295416 other295416
> root at mykerinos:~# userdel bug295416
> root at mykerinos:~# getent group bug295416
> root at mykerinos:~# 
> 
> Das ist nich gut....
> 
> I'm pretty sure that finding a patch for this is easy, if we assume
> that Tomasz is currently focused on other tasks and can't handle it.

The attached patch do not really fix this, but can be used as a basis.

I think we all agree that the user must be warned, don't we?

The problem is shall we remove the group or not? Do we need a special
return value?
What should the warning tell? Currently:
    Warning: The primary group of bug295416 (bug295416, GID=1003)
    will be removed, but is also the primary group of other295416
    (ID=1002).

I tend to agree with Alexander: if we delete the group (with a warning),
the system databases won't be consistent.
I would prefer to let the group, and warn the administrator, so that she
can delete the group with groupdel if needed.

Kind Regards,
-- 
Nekral
-------------- next part --------------
--- userdel.c.orig	2005-10-01 17:06:55.000000000 +0200
+++ userdel.c	2005-10-01 18:27:16.000000000 +0200
@@ -121,6 +121,7 @@
 {
 	const struct group *grp;
 	struct group *ngrp;
+	struct passwd *pwd;
 
 #ifdef	SHADOWGRP
 	int deleted_user_group = 0;
@@ -174,6 +175,21 @@
 	if (grp && getdef_bool ("USERGROUPS_ENAB")
 	    && (grp->gr_mem[0] == NULL)) {
 
+		/*
+		 * Scan the passwd file to check if this group is still
+		 * used as a primary group.
+		 */
+		setpwent ();
+		while ((pwd = getpwent ())) {
+			if (strcmp (pwd->pw_name, user_name) == 0)
+				continue;
+			if (pwd->pw_gid == grp->gr_gid) {
+				printf("Warning: The primary group of %s (%s, GID=%d) will be removed, but is also the primary group of %s (ID=%d).\n", user_name, grp->gr_name, grp->gr_gid, pwd->pw_name, pwd->pw_uid);
+				/* break; */
+			}
+		}
+		endpwent();
+
 		gr_remove (grp->gr_name);
 
 #ifdef SHADOWGRP
@@ -658,6 +674,7 @@
 				break;
 			}
 		}
+		endpwent();
 	}
 #endif

More information about the Pkg-shadow-devel mailing list