diff options
author | Baptiste Daroussin <bapt@FreeBSD.org> | 2015-07-28 21:49:38 +0000 |
---|---|---|
committer | Baptiste Daroussin <bapt@FreeBSD.org> | 2015-07-28 21:49:38 +0000 |
commit | 8b5f16fbd8d18aa47074a93c215947b3401257e7 (patch) | |
tree | 28c5ccfd969135baf65af5e7b833c2be2702995f /pw/pw_user.c | |
parent | 7fe27302ca1b955d97360f508b462470b593b0db (diff) | |
download | pw-darwin-8b5f16fbd8d18aa47074a93c215947b3401257e7.tar.gz pw-darwin-8b5f16fbd8d18aa47074a93c215947b3401257e7.tar.zst pw-darwin-8b5f16fbd8d18aa47074a93c215947b3401257e7.zip |
Reject usermod and userdel if the user concerned is not on the user database
supposed to be manipulated
This prevent pw usermod creating a new local user when requesting to usermod on
a username is defined in LDAP.
This issue only happens when modifying the local user database (not inpacting
commands when -V or -R are used).
PR: 187653
Submitted by: tmwalaszek@gmail.com
Diffstat (limited to 'pw/pw_user.c')
-rw-r--r-- | pw/pw_user.c | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/pw/pw_user.c b/pw/pw_user.c index aecc90a..cd9c23c 100644 --- a/pw/pw_user.c +++ b/pw/pw_user.c @@ -310,6 +310,7 @@ pw_user(int mode, char *name, long id, struct cargs * args) FILE *fp; char *dmode_c; void *set = NULL; + int valid_type = _PWF_FILES; static struct passwd fakeuser = { @@ -505,6 +506,14 @@ pw_user(int mode, char *name, long id, struct cargs * args) errx(EX_NOUSER, "no such user `%s'", name); } + if (conf.userconf->nispasswd && *conf.userconf->nispasswd == '/') + valid_type = _PWF_NIS; + + if (PWF._altdir == PWF_REGULAR && + ((pwd->pw_fields & _PWF_SOURCE) != valid_type)) + errx(EX_NOUSER, "no such %s user `%s'", + valid_type == _PWF_FILES ? "local" : "NIS" , name); + if (name == NULL) name = pwd->pw_name; @@ -1076,6 +1085,7 @@ pw_userdel(char *name, long id) char grname[LOGNAMESIZE]; int rc; struct stat st; + int valid_type = _PWF_FILES; if (id < 0 && name == NULL) errx(EX_DATAERR, "username or id required"); @@ -1086,6 +1096,15 @@ pw_userdel(char *name, long id) errx(EX_NOUSER, "no such uid `%ld'", id); errx(EX_NOUSER, "no such user `%s'", name); } + + if (conf.userconf->nispasswd && *conf.userconf->nispasswd == '/') + valid_type = _PWF_NIS; + + if (PWF._altdir == PWF_REGULAR && + ((pwd->pw_fields & _PWF_SOURCE) != valid_type)) + errx(EX_NOUSER, "no such %s user `%s'", + valid_type == _PWF_FILES ? "local" : "NIS" , name); + uid = pwd->pw_uid; if (name == NULL) name = pwd->pw_name; |