Debian bug report logs - #1720, boring messages


Message sent to debian-devel@pixar.com:


Subject: Bug#1720: adduser: races, and chmod/chown - patch provided
Reply-To: Austin Donnelly <and1000@cam.ac.uk>, debian-bugs@pixar.com
Resent-From: Austin Donnelly <and1000@cam.ac.uk>
Resent-To: debian-devel@pixar.com
Resent-Date: Sat, 21 Oct 1995 01:48:02 GMT
Resent-Message-ID: <debian-bugs-handler.1720.B10210139490@pixar.com>
Resent-Sender: iwj10@cus.cam.ac.uk
X-Debian-PR-Package: adduser
X-Debian-PR-Keywords: 
Received: via spool for debian-bugs; Sat, 21 Oct 1995 01:48:02 GMT
Received: with rfc822 via encapsulated-mail; Sat, 21 Oct 1995 01:39:49 GMT
Received: from pixar.com by mongo.pixar.com with smtp
	(Smail3.1.28.1 #15) id m0t6Ssv-000BiLC; Fri, 20 Oct 95 18:38 PDT
Received: from black.csi.cam.ac.uk by pixar.com with SMTP id AA10338
  (5.67b/IDA-1.5 for debian-bugs-pipe@mongo.pixar.com); Fri, 20 Oct 1995 18:33:33 -0700
Received: from valour.pem.cam.ac.uk [131.111.200.47] (ident = root)
	by black.csi.cam.ac.uk with smtp
	(Smail-3.1.29.0 #36) id m0t6Sop-000CBnC; Sat, 21 Oct 95 02:33 BST
Received: by valour.pem.cam.ac.uk
	id m0t6Sow-000z5NC
	(Debian /\oo/\ Smail3.1.29.1 #29.33); Sat, 21 Oct 95 02:33 BST
Date: Sat, 21 Oct 1995 02:33:58 +0100 (BST)
From: Austin Donnelly <and1000@cam.ac.uk>
X-Sender: and1000@valour.pem.cam.ac.uk
To: debian-bugs@pixar.com
Message-Id: <Pine.LNX.3.91.951021022604.15283A-100000@valour.pem.cam.ac.uk>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII


Package: adduser
Version: 1.94-1

Three different bugs fixed here:

 (1) There were a few race conditions in locking the password and
     group files.  A badly timed ^C could result in the lockfile
     not being cleared.

 (2) chown()/chmod() persistantly used in the wrong order throughout.
     Could people please take note: chown()ing a file removes the
     setuid and setgid bits on it!  It's no use chmod()ing a file to
     be setgid, then chown()ing it to someone else.

 (3) The copy_to_file() routine doesn't preserve permissions.  This
     means that giving user's a default .xsession (which must be rwx)
     isn't possible. I've modified copy_to_file() to now copy the
     permissions with the file - but the files are chown()ed later, so
     the setuid/setgid bit will be lost. (This is probably the right
     thing to happen, in this instance).


As always, patch included...


Austin


--- /usr/sbin/adduser	Thu Oct  5 20:02:18 1995
+++ adduser	Sat Oct 21 02:24:19 1995
@@ -328,8 +328,8 @@
 	exit 1;
     }
     # lock the password file
-    link $PASSWD, $PLOCK;
     $passwd_state = "locked";
+    link $PASSWD, $PLOCK;
 }
 ##
 ## check if the group file is locked, if necessary:
@@ -344,8 +344,8 @@
 	exit 1;
     }
     # lock the group file
-    link $GROUP, $GLOCK;
     $group_state = "locked";
+    link $GROUP, $GLOCK;
 }


@@ -508,11 +508,11 @@
     }

     if ($make_group_also) {
-	chmod (02775, $home_dir);
 	chown ($new_uid, $new_gid, $home_dir);
+	chmod (02775, $home_dir);
     } else {
-	chmod (0755, $home_dir);
 	chown ($new_uid, 0, $home_dir);
+	chmod (0755, $home_dir);
     }

     &clean_up();
@@ -651,6 +651,7 @@
 	}
 	mkdir ($home_dir, $dir_mode);
 	chown ($new_uid, $new_gid, $home_dir);
+	chmod ($home_dir, $dir_mode); # since chown() resets set{gu}id bit
 	print "done.\n" if ($verbose);

 	##
@@ -857,12 +858,20 @@
 ##
 sub copy_to_dir {
     local ($file, $dir) = @_;
+    local ($dev, $ino, $mode, $nlink, $uid, $gid, $rdev, $size,
+	   $atime, $mtime, $ctime, $blksize, $blocks);

     if ((! -f $file) || (! -d $dir)) {
 	return -1;
     }

     open (FILE, $file) || die "open: $!";
+
+    # grab access permissions for later
+    ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,
+     $atime,$mtime,$ctime,$blksize,$blocks)
+	= stat($file);
+
     $file =~ s+.*/++;		# get the basename
     open (NEWFILE, ">$dir/$file") || die "open: $!";

@@ -872,6 +881,10 @@

     close FILE;
     close NEWFILE;
+
+    # now copy permissions saved earlier. Note setuid/setgid bit destroyed
+    # by a later chown call - maybe thats a good thing!
+    chmod($mode, "$dir/$file");

     return 1;
 }


Message sent:


From: iwj10@thor.cam.ac.uk (Ian Jackson)
To: Austin Donnelly <and1000@cam.ac.uk>
Subject: Bug#1720: Acknowledgement (was: adduser: races, and chmod/chown - patch provided)
In-Reply-To: <Pine.LNX.3.91.951021022604.15283A-100000@valour.pem.cam.ac.uk>
References: <Pine.LNX.3.91.951021022604.15283A-100000@valour.pem.cam.ac.uk>

Thank you for the problem report you have sent regarding Debian GNU/Linux.
This is an automatically generated reply, to let you know your message has
been received.  It is being forwarded to the developers' mailing list for
their attention; they will reply in due course.

If you wish to submit further information on your problem, please send
it to debian-bugs@pixar.com, but please ensure that the Subject
line of your message starts with "Bug#1720" or "Re: Bug#1720" so that
we can identify it as relating to the same problem.

Please do not reply to the address at the top of this message,
unless you wish to report a problem with the bug-tracking system.

Ian Jackson
(maintainer, debian-bugs)


Message sent to debian-devel@pixar.com:


Subject: Bug#1720: adduser: races, and chmod/chown - patch provided
Reply-To: Ian Jackson <ian@chiark.chu.cam.ac.uk>, debian-bugs@pixar.com
Resent-From: Ian Jackson <ian@chiark.chu.cam.ac.uk>
Resent-To: debian-devel@pixar.com
Resent-Date: Sat, 21 Oct 1995 14:18:03 GMT
Resent-Message-ID: <debian-bugs-handler.1720.B10211417460@pixar.com>
Resent-Sender: iwj10@cus.cam.ac.uk
X-Debian-PR-Package: adduser
X-Debian-PR-Keywords: 
Received: via spool for debian-bugs; Sat, 21 Oct 1995 14:18:03 GMT
Received: with rfc822 via encapsulated-mail; Sat, 21 Oct 1995 14:17:44 GMT
Received: from pixar.com by mongo.pixar.com with smtp
	(Smail3.1.28.1 #15) id m0t6eiX-0005zHC; Sat, 21 Oct 95 07:16 PDT
Received: from artemis.chu.cam.ac.uk by pixar.com with SMTP id AA11140
  (5.67b/IDA-1.5 for debian-bugs-pipe@mongo.pixar.com); Sat, 21 Oct 1995 07:15:39 -0700
Received: from chiark.chu.cam.ac.uk by artemis.chu.cam.ac.uk with smtp
	(Smail3.1.29.1 #33) id m0t6ehx-0007uOC; Sat, 21 Oct 95 15:15 BST
Received: by chiark.chu.cam.ac.uk
	id m0t6ehq-0002bAC
	(Debian /\oo/\ Smail3.1.29.1 #29.33); Sat, 21 Oct 95 15:15 BST
Message-Id: <m0t6ehq-0002bAC@chiark.chu.cam.ac.uk>
Date: Sat, 21 Oct 95 15:15 BST
From: Ian Jackson <ian@chiark.chu.cam.ac.uk>
To: Austin Donnelly <and1000@cam.ac.uk>, debian-bugs@Pixar.com

Austin Donnelly writes ("Bug#1720: adduser: races, and chmod/chown - patch provided"):
> Package: adduser
> Version: 1.94-1
>
> Three different bugs fixed here:
>
>  (1) There were a few race conditions in locking the password and
>      group files.  A badly timed ^C could result in the lockfile
>      not being cleared.
>
>  (2) chown()/chmod() persistantly used in the wrong order throughout.
>      Could people please take note: chown()ing a file removes the
>      setuid and setgid bits on it!  It's no use chmod()ing a file to
>      be setgid, then chown()ing it to someone else.
>
>  (3) The copy_to_file() routine doesn't preserve permissions.  This
>      means that giving user's a default .xsession (which must be rwx)
>      isn't possible. I've modified copy_to_file() to now copy the
>      permissions with the file - but the files are chown()ed later, so
>      the setuid/setgid bit will be lost. (This is probably the right
>      thing to happen, in this instance).
>
>
> As always, patch included...

Please see also my bug reports, #1544 and #1500.  #1544 contains a
patch that fixes all the problems I've encountered with adduser, and
which will probably overlap with Austin's.

I remember seeing a message on debian-* saying that we have a new
maintainer for adduser - would they please step forward so that we can
dump this lot on them ? :-)

If they don't I suppose I could make an interim release, which might
stop any more people submitting patches for overlapping subsets of
bugs.

Ian.


Message sent:


From: iwj10@thor.cam.ac.uk (Ian Jackson)
To: Ian Jackson <ian@chiark.chu.cam.ac.uk>
Subject: Bug#1720: Info received (was Bug#1720: adduser: races, and chmod/chown - patch provided)
In-Reply-To: <m0t6ehq-0002bAC@chiark.chu.cam.ac.uk>
References: <m0t6ehq-0002bAC@chiark.chu.cam.ac.uk>

Thank you for the additional information you have supplied regarding
this problem report.  It has been forwarded to the developers to
accompany the original report.

If you wish to continue to submit further information on your problem,
please do the same thing again: send it to debian-bugs@pixar.com, ensuring
that the Subject line starts with "Bug#1720" or "Re: Bug#1720" so that
we can identify it as relating to the same problem.

Please do not reply to the address at the top of this message,
unless you wish to report a problem with the bug-tracking system.

Ian Jackson
(maintainer, debian-bugs)


Message sent:


From: iwj10@thor.cam.ac.uk (Ian Jackson)
To: sr1@irz301.inf.tu-dresden.de (Sven Rudolph)
In-Reply-To: <199510231643.RAA16150@irz101.inf.tu-dresden.de>
References: <199510231643.RAA16150@irz101.inf.tu-dresden.de> <Pine.LNX.3.91.951021022604.15283A-100000@valour.pem.cam.ac.uk>
Subject: Bug#1720: marked as done (was: adduser: races, and chmod/chown - patch provided)

Your message dated Mon, 23 Oct 1995 17:43:19 +0100
with message-id <199510231643.RAA16150@irz101.inf.tu-dresden.de>
and subject line Bug#1720: adduser: races, and chmod/chown - patch provided
has caused the attached bug report to be marked as done.

It is your now responsibility to ensure that the bug report is dealt
with.

(NB: If you are a system administrator and have no idea what I'm
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Ian Jackson
(maintainer, debian-bugs)

Received: with rfc822 via encapsulated-mail; Sat, 21 Oct 1995 01:39:49 GMT
From cam.ac.uk!and1000 Fri Oct 20 18:38:06 1995
Return-Path: <and1000@cam.ac.uk>
Received: from pixar.com by mongo.pixar.com with smtp
	(Smail3.1.28.1 #15) id m0t6Ssv-000BiLC; Fri, 20 Oct 95 18:38 PDT
Received: from black.csi.cam.ac.uk by pixar.com with SMTP id AA10338
  (5.67b/IDA-1.5 for debian-bugs-pipe@mongo.pixar.com); Fri, 20 Oct 1995 18:33:33 -0700
Received: from valour.pem.cam.ac.uk [131.111.200.47] (ident = root)
	by black.csi.cam.ac.uk with smtp
	(Smail-3.1.29.0 #36) id m0t6Sop-000CBnC; Sat, 21 Oct 95 02:33 BST
Received: by valour.pem.cam.ac.uk
	id m0t6Sow-000z5NC
	(Debian /\oo/\ Smail3.1.29.1 #29.33); Sat, 21 Oct 95 02:33 BST
Date: Sat, 21 Oct 1995 02:33:58 +0100 (BST)
From: Austin Donnelly <and1000@cam.ac.uk>
X-Sender: and1000@valour.pem.cam.ac.uk
To: debian-bugs@pixar.com
Subject: adduser: races, and chmod/chown - patch provided
Message-Id: <Pine.LNX.3.91.951021022604.15283A-100000@valour.pem.cam.ac.uk>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII


Package: adduser
Version: 1.94-1

Three different bugs fixed here:

 (1) There were a few race conditions in locking the password and
     group files.  A badly timed ^C could result in the lockfile
     not being cleared.

 (2) chown()/chmod() persistantly used in the wrong order throughout.
     Could people please take note: chown()ing a file removes the
     setuid and setgid bits on it!  It's no use chmod()ing a file to
     be setgid, then chown()ing it to someone else.

 (3) The copy_to_file() routine doesn't preserve permissions.  This
     means that giving user's a default .xsession (which must be rwx)
     isn't possible. I've modified copy_to_file() to now copy the
     permissions with the file - but the files are chown()ed later, so
     the setuid/setgid bit will be lost. (This is probably the right
     thing to happen, in this instance).


As always, patch included...


Austin


--- /usr/sbin/adduser	Thu Oct  5 20:02:18 1995
+++ adduser	Sat Oct 21 02:24:19 1995
@@ -328,8 +328,8 @@
 	exit 1;
     }
     # lock the password file
-    link $PASSWD, $PLOCK;
     $passwd_state = "locked";
+    link $PASSWD, $PLOCK;
 }
 ##
 ## check if the group file is locked, if necessary:
@@ -344,8 +344,8 @@
 	exit 1;
     }
     # lock the group file
-    link $GROUP, $GLOCK;
     $group_state = "locked";
+    link $GROUP, $GLOCK;
 }


@@ -508,11 +508,11 @@
     }

     if ($make_group_also) {
-	chmod (02775, $home_dir);
 	chown ($new_uid, $new_gid, $home_dir);
+	chmod (02775, $home_dir);
     } else {
-	chmod (0755, $home_dir);
 	chown ($new_uid, 0, $home_dir);
+	chmod (0755, $home_dir);
     }

     &clean_up();
@@ -651,6 +651,7 @@
 	}
 	mkdir ($home_dir, $dir_mode);
 	chown ($new_uid, $new_gid, $home_dir);
+	chmod ($home_dir, $dir_mode); # since chown() resets set{gu}id bit
 	print "done.\n" if ($verbose);

 	##
@@ -857,12 +858,20 @@
 ##
 sub copy_to_dir {
     local ($file, $dir) = @_;
+    local ($dev, $ino, $mode, $nlink, $uid, $gid, $rdev, $size,
+	   $atime, $mtime, $ctime, $blksize, $blocks);

     if ((! -f $file) || (! -d $dir)) {
 	return -1;
     }

     open (FILE, $file) || die "open: $!";
+
+    # grab access permissions for later
+    ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,
+     $atime,$mtime,$ctime,$blksize,$blocks)
+	= stat($file);
+
     $file =~ s+.*/++;		# get the basename
     open (NEWFILE, ">$dir/$file") || die "open: $!";

@@ -872,6 +881,10 @@

     close FILE;
     close NEWFILE;
+
+    # now copy permissions saved earlier. Note setuid/setgid bit destroyed
+    # by a later chown call - maybe thats a good thing!
+    chmod($mode, "$dir/$file");

     return 1;
 }


Message sent:


From: iwj10@thor.cam.ac.uk (Ian Jackson)
To: Austin Donnelly <and1000@cam.ac.uk>
Subject: Bug#1720 acknowledged by developer (was: adduser: races, and chmod/chown - patch provided)
References: <199510231643.RAA16150@irz101.inf.tu-dresden.de> <Pine.LNX.3.91.951021022604.15283A-100000@valour.pem.cam.ac.uk>
In-Reply-To: <Pine.LNX.3.91.951021022604.15283A-100000@valour.pem.cam.ac.uk>

This is an automatic notification regarding your bug report.

Responsibility for it has been taken by one of the developers, namely
sr1@irz301.inf.tu-dresden.de (Sven Rudolph).

You should be hearing from them with a substantive response shortly, if
you have not already done so.  If not, please contact them directly,
or email debian-bugs@pixar.com or myself.

Ian Jackson
(maintainer, debian-bugs)


Ian Jackson / iwj10@thor.cam.ac.uk, with the debian-bugs tracking mechanism
This page last modified 07:43:01 GMT Wed 01 Nov