[Pkg-shadow-devel] Bug#470745: Bug#470745: passwd: usermod loops and mem leaks
Thomas Rasmussen
rasmussen.thomas at gmail.com
Thu Mar 13 19:32:39 UTC 2008
On Thu, Mar 13, 2008 at 4:30 PM, Nicolas François <
nicolas.francois at centraliens.net> wrote:
> tags 470745 upstream
> tags 470745 fixed-upstream
> thanks
>
> On Thu, Mar 13, 2008 at 01:30:45PM +0100, rasmussen.thomas at gmail.comwrote:
> >
> > If /etc/gshadow file has been changed so two otherwise non-identical
> groups apear with the same groupname, usermod will loop and use all memory
> on system if called.
> >
> > Reproducable by performing this:
> > # groupadd tr
> > # groupadd rtr
> > # useradd -g tr tr
> > # perl -pi -e 's/rtr/tr/g' /etc/gshadow
> > # usermod -G tr tr
> > <observe usermod using memory and proc time>
> >
> > Tested and reproduced on latest (4.0r3) netinst iso image and updated
> with all packages.
>
> Thanks for reporting it.
>
> This is currently fixed in the upstream repository.
> The last usermod call will raise an error and request the /etc/gshadow
> file to be cleaned with grpck:
>
> Multiple entries named 'tr' in /etc/gshadow. Please fix this with
> pwck or grpck.
> usermod: error adding new shadow group entry
>
> I still need a few weeks (2?) before the next upstream release to prepare
> a snapshot and call for translations.
>
> I don't think this bug is that critical. I doesn't cause any corruption,
> and it occurs only in case of configuration errors, which do not appear if
> the administrators use the recommended tools for user/group
> administration. Thus I will not issue a fix for this bug.
>
> Also, I don't think it is worth doing a update for Etch.
> Any other opinions?
>
I agree that this should not be seen as admins should use the dedicated
toos, but I still see this as a quite serious bug because it will crash
either the system or random services running on the system when it hits the
maximum amount of memory.
I have ofcourse fixexd the error on our running systems so we no longer hit
it, but I'd prefer that it was fixed in etch as we have quite many systems
running etch.
Kind regards
Thomas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/attachments/20080313/c0937e28/attachment.htm
More information about the Pkg-shadow-devel
mailing list