https://bugzilla.novell.com/show_bug.cgi?id=305053 Summary: getpwnam_r does not return an error for non-existent user Product: openSUSE 10.3 Version: Beta 2 Platform: PowerPC-64 OS/Version: openSUSE 10.3 Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: grichardson@novell.com QAContact: qa@suse.de CC: grichardson@novell.com Found By: Development getpwnam_r does not return an error when passed a user that does not exist. getpwnam returns a null for the user, getpwnam_r returns a 0 and provides data for a different user. The following c code illustrated the problem: #include #include #include #include #include #include void doTest(char *username) { int ret; char buff[1024]; struct passwd pwd, *result; struct passwd * ppasswd; if(username == NULL || strlen(username) == 0) { return; } printf("doTest: Entered with username %s\n", username); memset(&pwd, 0, sizeof(pwd)); printf("doTest: calling getpwnam_r\n"); errno = 0; ret=getpwnam_r(username, &pwd, buff, sizeof(buff), &result); printf("doTest: errno after call to getpwnam_r = %d\n", errno); if(ret == 0) { printf("doTest: getpwnam_r succeeded for user %s\n", username); printf(" pw_name = %s\n", pwd.pw_name); printf(" pw_passwd = %s\n", pwd.pw_passwd); printf(" pw_uid = %d\n", pwd.pw_uid); printf(" pw_gid = %d\n", pwd.pw_gid); printf(" pw_gecos = %s\n", pwd.pw_gecos); printf(" pw_shell = %s\n", pwd.pw_shell); } else { printf("doTest: Unable to get user name information.\n"); } printf("doTest: calling getpwnam\n"); errno = 0; ppasswd = getpwnam(username); if (NULL == ppasswd) { printf("doTest: getpwnam failed for %s, errno = %d.\n", username, errno); } else { printf("doTest: getpwnam succeeded for user %s\n", username); printf(" pw_name = %s\n", ppasswd->pw_name); printf(" pw_passwd = %s\n", ppasswd->pw_passwd); printf(" pw_uid = %d\n", ppasswd->pw_uid); printf(" pw_gid = %d\n", ppasswd->pw_gid); printf(" pw_gecos = %s\n", ppasswd->pw_gecos); printf(" pw_shell = %s\n", ppasswd->pw_shell); } } int main(void) { doTest("bin"); doTest("non-existant-user"); return 0; } I used the following script to make the program: #!/bin/bash /opt/SuSE/bin/.profile gcc -DHAVE_CONFIG_H -I. -O2 -fmessage-length=0 -Wall -D_FORTIFY_SOURCE=2 -fno-strict-aliasing -I/usr/include/security -I/usr/include -Wno-parentheses -MT test.o -MD -MP -c -o test.o test.c /bin/sh ../lum/build/sles10-oes2-x86_64/usr/bin/libtool --tag=CC --mode=link gcc -O2 -fmessage-length=0 -Wall -D_FORTIFY_SOURCE=2 -fno-strict-aliasing -I/usr -Wall -Wno-parentheses -O2 -o test test.o I got the following output: doTest: Entered with username bin doTest: calling getpwnam_r doTest: errno after call to getpwnam_r = 0 doTest: getpwnam_r succeeded for user bin pw_name = bin pw_passwd = x pw_uid = 1 pw_gid = 1 pw_gecos = bin pw_shell = /bin/bash doTest: calling getpwnam doTest: getpwnam succeeded for user bin pw_name = bin pw_passwd = x pw_uid = 1 pw_gid = 1 pw_gecos = bin pw_shell = /bin/bash doTest: Entered with username non-existant-user doTest: calling getpwnam_r doTest: errno after call to getpwnam_r = 0 doTest: getpwnam_r succeeded for user non-existant-user pw_name = greg2 pw_passwd = x pw_uid = 1002 pw_gid = 100 pw_gecos = pw_shell = /bin/bash doTest: calling getpwnam doTest: getpwnam failed for non-existant-user, errno = 0. Content of /etc/nsswitch.conf # # /etc/nsswitch.conf # # An example Name Service Switch config file. This file should be # sorted with the most-used services at the beginning. # # The entry '[NOTFOUND=return]' means that the search for an # entry should stop if the search in the previous entry turned # up nothing. Note that if the search failed due to some other reason # (like no NIS server responding) then the search continues with the # next entry. # # Legal entries are: # # compat Use compatibility setup # nisplus Use NIS+ (NIS version 3) # nis Use NIS (NIS version 2), also called YP # dns Use DNS (Domain Name Service) # files Use the local files # [NOTFOUND=return] Stop searching if not found so far # # For more information, please read the nsswitch.conf.5 manual page. # passwd: compat shadow: compat group: compat hosts: files dns networks: files dns services: files protocols: files rpc: files ethers: files netmasks: files netgroup: files nis publickey: files bootparams: files automount: files nis aliases: files Content of /etc/passwd at:x:25:25:Batch jobs daemon:/var/spool/atjobs:/bin/bash bin:x:1:1:bin:/bin:/bin/bash daemon:x:2:2:Daemon:/sbin:/bin/bash ftp:x:40:49:FTP account:/srv/ftp:/bin/bash games:x:12:100:Games account:/var/games:/bin/bash gdm:x:50:105:Gnome Display Manager daemon:/var/lib/gdm:/bin/false haldaemon:x:101:102:User for haldaemon:/var/run/hal:/bin/false lp:x:4:7:Printing daemon:/var/spool/lpd:/bin/bash mail:x:8:12:Mailer daemon:/var/spool/clientmqueue:/bin/false man:x:13:62:Manual pages viewer:/var/cache/man:/bin/bash messagebus:x:100:101:User for D-BUS:/var/run/dbus:/bin/false news:x:9:13:News system:/etc/news:/bin/bash nobody:x:65534:65533:nobody:/var/lib/nobody:/bin/bash novell_nobody:x:104:107:Novell System User:/opt/novell:/bin/bash novlxregd:x:81:81:Novell XRegD System User:/var/opt/novell/xtier/xregd:/bin/false novlxsrvd:x:82:81:Novell XSrvD System User:/var/opt/novell/xtier/xsrvd:/bin/false ntp:x:74:103:NTP daemon:/var/lib/ntp:/bin/false postfix:x:51:51:Postfix Daemon:/var/spool/postfix:/bin/false root:x:0:0:root:/root:/bin/bash sshd:x:71:65:SSH daemon:/var/lib/sshd:/bin/false suse-ncc:x:103:106:Novell Customer Center User:/var/lib/YaST2/suse-ncc-fakehome:/bin/bash tomcat:x:102:104:Tomcat:/usr/share/tomcat5:/bin/sh uucp:x:10:14:Unix-to-Unix CoPy system:/etc/uucp:/bin/bash wwwrun:x:30:8:WWW daemon apache:/var/lib/wwwrun:/bin/false grichardson:x:1000:100:grichardson:/home/grichardson:/bin/bash greg1:x:1001:100::/home/greg1:/bin/bash greg2:x:1002:100::/home/greg2:/bin/bash -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.