diff options
author | Naman Sood <mail@nsood.in> | 2023-07-19 12:44:21 +0000 |
---|---|---|
committer | Joseph Mingrone <jrm@FreeBSD.org> | 2023-07-19 13:36:09 +0000 |
commit | 17839f45d86e79065a65ad3e2522dd69b29a652c (patch) | |
tree | d9498019e8cb89ee41bdf9d62f64f8fe5e489131 | |
parent | e4a873bf10b7cc8fa67087a7291a640d09e430f2 (diff) | |
download | src-17839f45d86e79065a65ad3e2522dd69b29a652c.tar.gz src-17839f45d86e79065a65ad3e2522dd69b29a652c.zip |
pw: Ensure group membership is not duplicated
Fix the following problem:
1. A nonexistent user, someuser, is added to somegroup in /etc/group.
2. someuser is then created with membership in somegroup.
The entry for somegroup in /etc/group will then contain
somegroup:*:12345:someuser,someuser
With this fix, the entry will be
somegroup:*:12345:someuser
PR: 238995
Reviewed by: bapt, jrm
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41076
-rw-r--r-- | usr.sbin/pw/pw.h | 2 | ||||
-rw-r--r-- | usr.sbin/pw/pw_group.c | 2 | ||||
-rw-r--r-- | usr.sbin/pw/pw_user.c | 3 |
3 files changed, 6 insertions, 1 deletions
diff --git a/usr.sbin/pw/pw.h b/usr.sbin/pw/pw.h index fb1ba9a44f84..6eb5a25e56ec 100644 --- a/usr.sbin/pw/pw.h +++ b/usr.sbin/pw/pw.h @@ -114,3 +114,5 @@ extern const char *Which[]; uintmax_t strtounum(const char * __restrict, uintmax_t, uintmax_t, const char ** __restrict); + +bool grp_has_member(struct group *grp, const char *name); diff --git a/usr.sbin/pw/pw_group.c b/usr.sbin/pw/pw_group.c index 277763041f0a..48f999d3e1d3 100644 --- a/usr.sbin/pw/pw_group.c +++ b/usr.sbin/pw/pw_group.c @@ -418,7 +418,7 @@ pw_group_del(int argc, char **argv, char *arg1) return (EXIT_SUCCESS); } -static bool +bool grp_has_member(struct group *grp, const char *name) { int j; diff --git a/usr.sbin/pw/pw_user.c b/usr.sbin/pw/pw_user.c index bea248c802ed..9029069c6a9f 100644 --- a/usr.sbin/pw/pw_user.c +++ b/usr.sbin/pw/pw_user.c @@ -1408,6 +1408,9 @@ pw_user_add(int argc, char **argv, char *arg1) if (cmdcnf->groups != NULL) { for (i = 0; i < cmdcnf->groups->sl_cur; i++) { grp = GETGRNAM(cmdcnf->groups->sl_str[i]); + /* gr_add doesn't check if new member is already in group */ + if (grp_has_member(grp, pwd->pw_name)) + continue; grp = gr_add(grp, pwd->pw_name); /* * grp can only be NULL in 2 cases: |