Subject: bin/13974: usermod/add etc. group handling problems
To: None <gnats-bugs@gnats.netbsd.org>
From: Hubert Feyrer <hubert@feyrer.de>
List: netbsd-bugs
Date: 09/16/2001 19:56:12
>Number:         13974
>Category:       bin
>Synopsis:       usermod/add etc. group handling problems
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Sep 16 10:57:01 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     Hubert Feyrer
>Release:        NetBSD 1.5.1
>Organization:
bla!
>Environment:
	
System: NetBSD miyu 1.5.2 NetBSD 1.5.2 (MIYU) #13: Tue Sep 11 22:00:05 MEST 2001 feyrer@miyu:/usr/cvs/src-1.5/sys/arch/i386/compile/MIYU i386


>Description:
	Looking at handling setups with many users as e.g. found on
	cvs.netbsd.org, I found several problems with useradd/usermod
	WRT group handling. 

	1. When adding users, the max. 1000 line limit in our
	   routines is not taken care of. Bad thing is if a line in
	   /etc/group grows beyond 1000 bytes, NONE of the users 
	   will belong to that group any more.
	2. When adding a user to a group manually (usermod -G), and
	   /etc/group has the same group more than once (to work around
	   the afore-mentioned 1000 bytes limit), the user is added
	   to each line.
	3. When removing a user (userdel), he is left in /etc/group.

>How-To-Repeat:
	0. Add "test2" group: groupadd test2

	1. * Create a bunch of accounts:
	     perl -e 'for($i=0;$i<=200;$i++){printf "useradd test%03d; \
		usermod -d /tmp -G test2 test%03d\n", $i, $i;}' | sh -v
	   * Change to last user: su - test200
	   * Run "id" to see the user is not in the "test2" group
	   * exit back to r00t
	   * Change to first user: su - test000
	   * Run "id" to see the user is not in the "test2" group either
	   * grep ^test2:  /etc/group | wc -c, and see the line is longer
	     than 1000 bytes
	   * Split it into two lines ("test2:*:111:test000,...,test100",
	     "test2:*:111:test101,...,test200") and see the above "su"
	     commands show the user being member of "test2"

	2. * Add a new user: useradd -d /tmp test201
	   * Add the user to our (now-split) test2-group: usermod -G test2 test201
	   * grep ^test2: /etc/group and note that test201 is now on ALL
	     lines of test2 groups!
	   * Play with "useradd -G", and notice the same problem

	3. * Remove all users:
	     perl -e 'for($i=0;$i<=200;$i++){printf "userdel test%03d\n", \
		      $i;}' | sh -v
	   * Notice /etc/group still lists all users as part of the
	     test2 group

>Fix:
	Unknown.

	Need to read all users of each group into some list, and when
	writing that out pay attention to the line limit.

	As an alternative, fix our group handling (but that's probably
	not gonna happen), so fixing user* is the easier thing here.
>Release-Note:
>Audit-Trail:
>Unformatted:
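
Added example, not part of the original report and not NetBSD's user(8) code: one way to implement the approach suggested under >Fix, in Python. It reads every line of a group into a single member list, applies the add or delete once, and writes the group back out split across lines that stay within the limit. The function names are hypothetical, the sample group data is constructed, and counting the trailing newline toward the 1000 bytes is an assumption.

```python
LINE_LIMIT = 1000  # per-line limit named in the report; newline assumed to count

def parse_groups(text):
    """Merge all lines of the same group into one de-duplicated member list."""
    groups = {}  # name -> [passwd, gid, members], in file order
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        name, passwd, gid, members = line.split(":", 3)
        entry = groups.setdefault(name, [passwd, gid, []])
        for m in filter(None, members.split(",")):
            if m not in entry[2]:
                entry[2].append(m)
    return groups

def add_member(groups, group, user):
    """Add the user once, no matter how many lines the group had (problem 2)."""
    if user not in groups[group][2]:
        groups[group][2].append(user)

def remove_user(groups, user):
    """Drop a deleted user from every group (problem 3)."""
    for entry in groups.values():
        entry[2][:] = [m for m in entry[2] if m != user]

def render(groups, limit=LINE_LIMIT):
    """Write groups back, starting a new line before the limit is hit (problem 1)."""
    lines = []
    for name, (passwd, gid, members) in groups.items():
        prefix = f"{name}:{passwd}:{gid}:"
        current = prefix
        for m in members:
            sep = "" if current == prefix else ","
            if current != prefix and len((current + sep + m).encode()) + 1 > limit:
                lines.append(current)
                current, sep = prefix, ""
            current += sep + m
        lines.append(current)
    return "\n".join(lines) + "\n"

if __name__ == "__main__":
    # Constructed sample: one over-long test2 line, as in step 1 of the report.
    users = [f"test{i:03d}" for i in range(201)]
    sample = "wheel:*:0:root\ntest2:*:111:" + ",".join(users) + "\n"
    g = parse_groups(sample)
    add_member(g, "test2", "test201")
    remove_user(g, "test000")
    print(render(g), end="")
```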