[Pkg-shadow-devel] Bug#470745: Bug#470745: passwd: usermod loops and mem leaks
Nicolas François
nicolas.francois at centraliens.net
Thu Mar 13 15:30:17 UTC 2008
tags 470745 upstream
tags 470745 fixed-upstream
thanks
On Thu, Mar 13, 2008 at 01:30:45PM +0100, rasmussen.thomas at gmail.com wrote:
>
> If /etc/gshadow file has been changed so two otherwise non-identical groups apear with the same groupname, usermod will loop and use all memory on system if called.
>
> Reproducable by performing this:
> # groupadd tr
> # groupadd rtr
> # useradd -g tr tr
> # perl -pi -e 's/rtr/tr/g' /etc/gshadow
> # usermod -G tr tr
> <observe usermod using memory and proc time>
>
> Tested and reproduced on latest (4.0r3) netinst iso image and updated with all packages.
Thanks for reporting it.
This is currently fixed in the upstream repository.
The last usermod call will raise an error and request the /etc/gshadow
file to be cleaned with grpck:
Multiple entries named 'tr' in /etc/gshadow. Please fix this with pwck or grpck.
usermod: error adding new shadow group entry
I still need a few weeks (2?) before the next upstream release to prepare
a snapshot and call for translations.
I don't think this bug is that critical. I doesn't cause any corruption,
and it occurs only in case of configuration errors, which do not appear if
the administrators use the recommended tools for user/group
administration. Thus I will not issue a fix for this bug.
Also, I don't think it is worth doing a update for Etch.
Any other opinions?
Best Regards,
--
Nekral
More information about the Pkg-shadow-devel
mailing list