From b5327d0a65b7515b4c8bcdf94cf71948da5d608e Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Fri, 2 Mar 2018 03:27:34 +0900 Subject: [PATCH 1/3] sysusers: do not create duplicated groups when create users The commit e2c2060f7b3b11fa3cca8899d80963b7a05cc4ab introduces the issue #8315. Fixes #8315. --- src/sysusers/sysusers.c | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c index fab54b5040..80a033054b 100644 --- a/src/sysusers/sysusers.c +++ b/src/sysusers/sysusers.c @@ -1209,12 +1209,25 @@ static int process_item(Item *i) { switch (i->type) { - case ADD_USER: - r = add_group(i); - if (r < 0) - return r; + case ADD_USER: { + Item *j; + + j = ordered_hashmap_get(groups, i->name); + if (j && j->todo_group) { + /* When the group with the same name is already in queue, + * use the information about the group and do not create + * duplicated group entry. */ + i->gid_set = j->gid_set; + i->gid = j->gid; + i->id_set_strict = true; + } else { + r = add_group(i); + if (r < 0) + return r; + } return add_user(i); + } case ADD_GROUP: return add_group(i); From fb5dfbc2d85233490f0712364e2f4f6fac706dde Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Thu, 1 Mar 2018 14:52:28 +0900 Subject: [PATCH 2/3] test: add a test for sysusers The test cases for sysusers did not cover the situation reported in issue #8315. Let's add one more test case. --- test/TEST-21-SYSUSERS/test-7.expected-group | 16 ++++++++++++ test/TEST-21-SYSUSERS/test-7.expected-passwd | 5 ++++ test/TEST-21-SYSUSERS/test-7.input | 26 ++++++++++++++++++++ 3 files changed, 47 insertions(+) create mode 100644 test/TEST-21-SYSUSERS/test-7.expected-group create mode 100644 test/TEST-21-SYSUSERS/test-7.expected-passwd create mode 100644 test/TEST-21-SYSUSERS/test-7.input diff --git a/test/TEST-21-SYSUSERS/test-7.expected-group b/test/TEST-21-SYSUSERS/test-7.expected-group new file mode 100644 index 0000000000..ae9539c9a1 --- /dev/null +++ b/test/TEST-21-SYSUSERS/test-7.expected-group @@ -0,0 +1,16 @@ +sys:x:3: +mem:x:8: +ftp:x:11: +mail:x:12: +log:x:19: +smmsp:x:25: +proc:x:26: +games:x:50: +lock:x:54: +network:x:90: +floppy:x:94: +scanner:x:96: +power:x:98: +bin:x:1: +daemon:x:2: +http:x:33: diff --git a/test/TEST-21-SYSUSERS/test-7.expected-passwd b/test/TEST-21-SYSUSERS/test-7.expected-passwd new file mode 100644 index 0000000000..79668c0654 --- /dev/null +++ b/test/TEST-21-SYSUSERS/test-7.expected-passwd @@ -0,0 +1,5 @@ +bin:x:1:1::/:/sbin/nologin +daemon:x:2:2::/:/sbin/nologin +mail:x:8:12::/var/spool/mail:/sbin/nologin +ftp:x:14:11::/srv/ftp:/sbin/nologin +http:x:33:33::/srv/http:/sbin/nologin diff --git a/test/TEST-21-SYSUSERS/test-7.input b/test/TEST-21-SYSUSERS/test-7.input new file mode 100644 index 0000000000..4e10b74227 --- /dev/null +++ b/test/TEST-21-SYSUSERS/test-7.input @@ -0,0 +1,26 @@ +# Issue #8315 +# +#Type Name ID GECOS HOMEDIR + +# default arch groups +# groups first, because we have user/group id mismatch on ftp and mail +g sys 3 - - +g mem 8 - - +g ftp 11 - - +g mail 12 - - +g log 19 - - +g smmsp 25 - - +g proc 26 - - +g games 50 - - +g lock 54 - - +g network 90 - - +g floppy 94 - - +g scanner 96 - - +g power 98 - - + +# default arch users +u bin 1 - - +u daemon 2 - - +u mail 8 - /var/spool/mail +u ftp 14 - /srv/ftp +u http 33 - /srv/http From d4f0412de47f843d650dc0d92eb9740a364ab801 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Fri, 2 Mar 2018 07:38:28 +0900 Subject: [PATCH 3/3] sysusers: do not implicitly create group by 'm' if 'u' with the same name exists The commit e2c2060f7b3b11fa3cca8899d80963b7a05cc4ab makes 'm' lines disturb 'u' lines. This fixes the disturbance. --- src/sysusers/sysusers.c | 57 +++++++++---------- test/TEST-21-SYSUSERS/test-10.expected-group | 2 + test/TEST-21-SYSUSERS/test-10.expected-passwd | 2 + test/TEST-21-SYSUSERS/test-10.input | 5 ++ 4 files changed, 35 insertions(+), 31 deletions(-) create mode 100644 test/TEST-21-SYSUSERS/test-10.expected-group create mode 100644 test/TEST-21-SYSUSERS/test-10.expected-passwd create mode 100644 test/TEST-21-SYSUSERS/test-10.input diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c index 80a033054b..629bd883f1 100644 --- a/src/sysusers/sysusers.c +++ b/src/sysusers/sysusers.c @@ -1259,40 +1259,11 @@ static int add_implicit(void) { int r; /* Implicitly create additional users and groups, if they were listed in "m" lines */ - ORDERED_HASHMAP_FOREACH_KEY(l, g, members, iterator) { - Item *i; char **m; - i = ordered_hashmap_get(groups, g); - if (!i) { - _cleanup_(item_freep) Item *j = NULL; - - r = ordered_hashmap_ensure_allocated(&groups, &string_hash_ops); - if (r < 0) - return log_oom(); - - j = new0(Item, 1); - if (!j) - return log_oom(); - - j->type = ADD_GROUP; - j->name = strdup(g); - if (!j->name) - return log_oom(); - - r = ordered_hashmap_put(groups, j->name, j); - if (r < 0) - return log_oom(); - - log_debug("Adding implicit group '%s' due to m line", j->name); - j = NULL; - } - - STRV_FOREACH(m, l) { - - i = ordered_hashmap_get(users, *m); - if (!i) { + STRV_FOREACH(m, l) + if (!ordered_hashmap_get(users, *m)) { _cleanup_(item_freep) Item *j = NULL; r = ordered_hashmap_ensure_allocated(&users, &string_hash_ops); @@ -1315,6 +1286,30 @@ static int add_implicit(void) { log_debug("Adding implicit user '%s' due to m line", j->name); j = NULL; } + + if (!(ordered_hashmap_get(users, g) || + ordered_hashmap_get(groups, g))) { + _cleanup_(item_freep) Item *j = NULL; + + r = ordered_hashmap_ensure_allocated(&groups, &string_hash_ops); + if (r < 0) + return log_oom(); + + j = new0(Item, 1); + if (!j) + return log_oom(); + + j->type = ADD_GROUP; + j->name = strdup(g); + if (!j->name) + return log_oom(); + + r = ordered_hashmap_put(groups, j->name, j); + if (r < 0) + return log_oom(); + + log_debug("Adding implicit group '%s' due to m line", j->name); + j = NULL; } } diff --git a/test/TEST-21-SYSUSERS/test-10.expected-group b/test/TEST-21-SYSUSERS/test-10.expected-group new file mode 100644 index 0000000000..1c92158720 --- /dev/null +++ b/test/TEST-21-SYSUSERS/test-10.expected-group @@ -0,0 +1,2 @@ +u1:x:300:u2 +u2:x:SYSTEM_UID_MAX: diff --git a/test/TEST-21-SYSUSERS/test-10.expected-passwd b/test/TEST-21-SYSUSERS/test-10.expected-passwd new file mode 100644 index 0000000000..222334bf70 --- /dev/null +++ b/test/TEST-21-SYSUSERS/test-10.expected-passwd @@ -0,0 +1,2 @@ +u1:x:300:300::/:/sbin/nologin +u2:x:SYSTEM_UID_MAX:SYSTEM_UID_MAX::/:/sbin/nologin diff --git a/test/TEST-21-SYSUSERS/test-10.input b/test/TEST-21-SYSUSERS/test-10.input new file mode 100644 index 0000000000..8e18a00a63 --- /dev/null +++ b/test/TEST-21-SYSUSERS/test-10.input @@ -0,0 +1,5 @@ +# check that 'm' lines do not conflicts 'u' line +# +#Type Name ID GECOS HOMEDIR +u u1 300 - - +m u2 u1