git: 17839f45d86e - main - pw: Ensure group membership is not duplicated

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Joseph Mingrone <jrm_at_FreeBSD.org>
Date: Wed, 19 Jul 2023 13:39:46 UTC
The branch main has been updated by jrm:

URL: https://cgit.FreeBSD.org/src/commit/?id=17839f45d86e79065a65ad3e2522dd69b29a652c

commit 17839f45d86e79065a65ad3e2522dd69b29a652c
Author:     Naman Sood <mail@nsood.in>
AuthorDate: 2023-07-19 12:44:21 +0000
Commit:     Joseph Mingrone <jrm@FreeBSD.org>
CommitDate: 2023-07-19 13:36:09 +0000

    pw: Ensure group membership is not duplicated
    
    Fix the following problem:
    
    1. A nonexistent user, someuser, is added to somegroup in /etc/group.
    2. someuser is then created with membership in somegroup.
    
    The entry for somegroup in /etc/group will then contain
    
        somegroup:*:12345:someuser,someuser
    
    With this fix, the entry will be
    
        somegroup:*:12345:someuser
    
    PR:             238995
    Reviewed by:    bapt, jrm
    Sponsored by:   The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D41076
---
 usr.sbin/pw/pw.h       | 2 ++
 usr.sbin/pw/pw_group.c | 2 +-
 usr.sbin/pw/pw_user.c  | 3 +++
 3 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/usr.sbin/pw/pw.h b/usr.sbin/pw/pw.h
index fb1ba9a44f84..6eb5a25e56ec 100644
--- a/usr.sbin/pw/pw.h
+++ b/usr.sbin/pw/pw.h
@@ -114,3 +114,5 @@ extern const char *Which[];
 
 uintmax_t strtounum(const char * __restrict, uintmax_t, uintmax_t,
     const char ** __restrict);
+
+bool grp_has_member(struct group *grp, const char *name);
diff --git a/usr.sbin/pw/pw_group.c b/usr.sbin/pw/pw_group.c
index 277763041f0a..48f999d3e1d3 100644
--- a/usr.sbin/pw/pw_group.c
+++ b/usr.sbin/pw/pw_group.c
@@ -418,7 +418,7 @@ pw_group_del(int argc, char **argv, char *arg1)
 	return (EXIT_SUCCESS);
 }
 
-static bool
+bool
 grp_has_member(struct group *grp, const char *name)
 {
 	int j;
diff --git a/usr.sbin/pw/pw_user.c b/usr.sbin/pw/pw_user.c
index bea248c802ed..9029069c6a9f 100644
--- a/usr.sbin/pw/pw_user.c
+++ b/usr.sbin/pw/pw_user.c
@@ -1408,6 +1408,9 @@ pw_user_add(int argc, char **argv, char *arg1)
 	if (cmdcnf->groups != NULL) {
 		for (i = 0; i < cmdcnf->groups->sl_cur; i++) {
 			grp = GETGRNAM(cmdcnf->groups->sl_str[i]);
+			/* gr_add doesn't check if new member is already in group */
+			if (grp_has_member(grp, pwd->pw_name))
+				continue;
 			grp = gr_add(grp, pwd->pw_name);
 			/*
 			 * grp can only be NULL in 2 cases: