From 87935c4d727d66c9400c299c2b69fff91e0183e7 Mon Sep 17 00:00:00 2001 From: Renato Botelho Date: Thu, 2 Jul 2015 17:30:59 +0000 Subject: When passwd or group information is changed (by pw, vipw, chpass, ...) temporary file is created and then a rename() call move it to official file. This operation didn't have any check to make sure data was written to disk and if a power cycle happens system could end up with a 0 length passwd or group database. There is a pfSense bug with more infor about it: https://redmine.pfsense.org/issues/4523 The following changes were made to protect passwd and group operations: * lib/libutil/gr_util.c: - Replace mkstemp() by mkostemp() with O_SYNC flag to create temp file - After rename(), fsync() call on directory for faster result * lib/libutil/pw_util.c - Replace mkstemp() by mkostemp() with O_SYNC flag to create temp file * usr.sbin/pwd_mkdb/pwd_mkdb.c - Added O_SYNC flag on dbopen() calls - After rename(), fsync() call on directory for faster result * lib/libutil/pw_util.3 - pw_lock() returns a file descriptor to master password file on success Differential Revision: https://reviews.freebsd.org/D2978 Approved by: bapt Sponsored by: Netgate --- libutil/pw_util.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'libutil/pw_util.c') diff --git a/libutil/pw_util.c b/libutil/pw_util.c index befd1fb..af749d5 100644 --- a/libutil/pw_util.c +++ b/libutil/pw_util.c @@ -226,7 +226,7 @@ pw_tmp(int mfd) errno = ENAMETOOLONG; return (-1); } - if ((tfd = mkstemp(tempname)) == -1) + if ((tfd = mkostemp(tempname, O_SYNC)) == -1) return (-1); if (mfd != -1) { while ((nr = read(mfd, buf, sizeof(buf))) > 0) -- cgit v1.2.3-56-ge451
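Review bot: On the changed line in pw_tmp(), `mkostemp(tempname, O_SYNC)` makes every write to tfd synchronous, so the copy loop that starts at the context line `while ((nr = read(mfd, buf, sizeof(buf))) > 0)` waits for the disk once per buffer instead of once per file. Consider a plain mkstemp() plus one fsync(tfd) after the last write and before the temp file is renamed into place, with its return value checked; that gives the same on-disk guarantee at that point and makes the durability step visible in the code rather than implied by an open flag. The diffstat shows one insertion and one deletion, so no include was added in this file; please confirm <fcntl.h> is already included for O_SYNC. The commit message lists an fsync() on the directory after rename() for gr_util.c and pwd_mkdb.c but not for pw_util.c, so a short comment at this call saying where the rename and directory sync for this temp file happen would let a reader verify the whole sequence.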