Bug 223431 - "pw useradd -D -e" writes bogus expire_days value into pw.conf
Summary: "pw useradd -D -e" writes bogus expire_days value into pw.conf
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: bin (show other bugs)
Version: 10.4-RELEASE
Hardware: Any Any
: --- Affects Some People
Assignee: Eugene Grosbein
URL:
Keywords: patch
Depends on:
Blocks:
 
Reported: 2017-11-04 17:52 UTC by Victor Sudakov
Modified: 2017-12-14 13:23 UTC (History)
5 users (show)

See Also:
eugen: mfc-stable11?
eugen: mfc-stable10?

Attachments
fix -e with -D (1.19 KB, patch)
2017-11-05 12:04 UTC, Yuri Pankov 		no flags Details | Diff
fix -e and -p with -D, properly use the config values (3.73 KB, patch)
2017-11-05 13:28 UTC, Yuri Pankov 		no flags Details | Diff
fix -e and -p with -D, properly use the config values, update man page (4.11 KB, patch)
2017-11-05 13:52 UTC, Yuri Pankov 		no flags Details | Diff
proposed fix (3.76 KB, patch)
2017-11-05 14:54 UTC, Eugene Grosbein 		no flags Details | Diff
proposed fix (5.39 KB, patch)
2017-11-05 18:25 UTC, Eugene Grosbein 		no flags Details | Diff
Show Obsolete (3) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Victor Sudakov 2017-11-04 17:52:26 UTC 
How to reproduce&

# pw useradd -D -e +1y
# grep expire_days /etc/pw.conf 
expire_days = 1541353753
# 

WTF is 1541353753 days? It's four million years!
Comment 1 Yuri Pankov 2017-11-05 12:04:07 UTC 
Created attachment 187753 [details]
fix -e with -D
Comment 2 Victor Sudakov 2017-11-05 12:10:51 UTC 
Hmm, even with a numeric argument it sets the expiry date incorrectly in
newly created accounts, see the "Expire" line below:
  
root@gw:~ # pw useradd -D -e 365
root@gw:~ # grep expire_days /etc/pw.conf
expire_days = 365
root@gw:~ #
root@gw:~ # pw useradd sobaka
Password for 'sobaka' is: rcv8n2PJVP9dt
root@gw:~ #
root@gw:~ # chsh sobaka
Changing user information for sobaka.
Login: sobaka
Password: $6$KwbJbuUKt03pocQG$nC5mirikOyzF1oFbZacRpn2GXBT1scOBvvtJ8Jfsyw7YPpsR0hW8wDSwLK9uuzAXFNt7aTcFgylweMTXtx1Np.
Uid [#]: 1873
Gid [# or name]: 1000
Change [month day year]:
Expire [month day year]: January 1, 1970
Class: russian
Home directory: /home/sobaka
Shell: /bin/tcsh
Full Name: User &
Office Location:
Office Phone:
Home Phone:
Other information:
Comment 3 Victor Sudakov 2017-11-05 12:54:36 UTC 
Even if I treat expire_days as seconds, new accounts are still created
with the expiration date in the past (seconds since epoch, not since 
the moment of account creation).
Comment 4 Yuri Pankov 2017-11-05 13:28:11 UTC 
Created attachment 187757 [details]
fix -e and -p with -D, properly use the config values

- move the checks to mix_config() as we need to know if we are writing the config (-D)
- if writing config, use the values specified on the command line (checking them for validity)
- if we are adding the user, first try the value on the command line, then the value in the config, and finally just disable the expiration
Comment 5 Yuri Pankov 2017-11-05 13:52:33 UTC 
Created attachment 187758 [details]
fix -e and -p with -D, properly use the config values, update man page

Same as above, plus update '-p days' description in the man page.
Comment 6 Eugene Grosbein freebsd_committer freebsd_triage 2017-11-05 14:54:21 UTC 
Created attachment 187759 [details]
proposed fix

This patch corrects expiration period handling and command line overrides to preconfigured values for -e, -p and -w flags.
Comment 7 Eugene Grosbein freebsd_committer freebsd_triage 2017-11-05 14:56:52 UTC 
(In reply to vas from comment #3)

passwd(5) manual page specifies:

     The expire field is the number of seconds from the epoch, UTC, until the
     account expires.
Comment 8 Alan Somers freebsd_committer freebsd_triage 2017-11-05 16:54:41 UTC 
Nice catch.  You should also add a testcase to usr.sbin/pw/tests/pw_useradd_test.sh
Comment 9 Eugene Grosbein freebsd_committer freebsd_triage 2017-11-05 17:01:47 UTC 
(In reply to Alan Somers from comment #8)

Is there any guide about writing such tests?
Comment 10 Alan Somers freebsd_committer freebsd_triage 2017-11-05 17:32:15 UTC 
The only relevant guides are the tests(7) and atf(7) man pages, and everything they link to.  For this PR it should be sufficient to copy one of the existing tests in that file as a template.  Make sure you include the PR number in a comment.
Comment 11 Victor Sudakov 2017-11-05 17:38:03 UTC 
(In reply to Eugene Grosbein from comment #7)

Yes, but expire_days form pw.conf should somehow translate to now()+expire_days when actually placing the value into the passwd(5) expire field, which is not happening.
Comment 12 Eugene Grosbein freebsd_committer freebsd_triage 2017-11-05 18:25:52 UTC 
Created attachment 187765 [details]
proposed fix
Comment 13 Eugene Grosbein freebsd_committer freebsd_triage 2017-11-05 18:26:30 UTC 
(In reply to vas from comment #11)

You are right. Please try updated patch.
Comment 14 Victor Sudakov 2017-11-06 06:58:09 UTC 
(In reply to Eugene Grosbein from comment #13)

Looks like the patch works:

root@gw:~ # pw useradd -D -e 0
root@gw:~ # grep expire_days /etc/pw.conf 
expire_days = 0
root@gw:~ # pw useradd -D -e 365
root@gw:~ # grep expire_days /etc/pw.conf
expire_days = 365
root@gw:~ # pw useradd sobaka
root@gw:~ # chsh sobaka 
[...]
Expire [month day year]: November 6, 2018
Comment 15 commit-hook freebsd_committer freebsd_triage 2017-12-09 23:35:06 UTC 
A commit references this bug:

Author: eugen
Date: Sat Dec  9 23:34:01 UTC 2017
New revision: 326738
URL: https://svnweb.freebsd.org/changeset/base/326738

Log:
  pw(8): correct expiration period handling and command line overrides
  to preconfigured values for -e, -p and -w flags.

  Use non-negative symbols instead of magic values
  in passwd_val/pw_password functions.

  PR:		223431
  Submitted by:	Yuri Pankov (in part, patch for the manual)
  Reported by:	mav (mentor)
  MFC after:	3 days
  Relnotes:	yes

Changes:
  head/usr.sbin/pw/psdate.c
  head/usr.sbin/pw/psdate.h
  head/usr.sbin/pw/pw.8
  head/usr.sbin/pw/pw.h
  head/usr.sbin/pw/pw_conf.c
  head/usr.sbin/pw/pw_user.c
Comment 16 commit-hook freebsd_committer freebsd_triage 2017-12-14 13:07:26 UTC 
A commit references this bug:

Author: eugen
Date: Thu Dec 14 13:06:42 UTC 2017
New revision: 326848
URL: https://svnweb.freebsd.org/changeset/base/326848

Log:
  MFC r326738: pw(8): correct expiration period handling
    and command line overrides to preconfigured values for -e, -p and -w flags.

    Use non-negative symbols instead of magic values
    in passwd_val/pw_password functions.

  PR:		223431
  Submitted by:	Yuri Pankov (in part, patch for the manual)
  Approved by:	mav (mentor)
  Relnotes:	yes

Changes:
_U  stable/11/
  stable/11/usr.sbin/pw/psdate.c
  stable/11/usr.sbin/pw/psdate.h
  stable/11/usr.sbin/pw/pw.8
  stable/11/usr.sbin/pw/pw.h
  stable/11/usr.sbin/pw/pw_conf.c
  stable/11/usr.sbin/pw/pw_user.c
Comment 17 commit-hook freebsd_committer freebsd_triage 2017-12-14 13:10:31 UTC 
A commit references this bug:

Author: eugen
Date: Thu Dec 14 13:10:23 UTC 2017
New revision: 326849
URL: https://svnweb.freebsd.org/changeset/base/326849

Log:
  MFC r326738: pw(8): correct expiration period handling
    and command line overrides to preconfigured values for -e, -p and -w flags.

    Use non-negative symbols instead of magic values
    in passwd_val/pw_password functions.

  PR:		223431
  Submitted by:	Yuri Pankov (in part, patch for the manual)
  Approved by:	mav (mentor)
  Relnotes:	yes

Changes:
_U  stable/10/
  stable/10/usr.sbin/pw/psdate.c
  stable/10/usr.sbin/pw/psdate.h
  stable/10/usr.sbin/pw/pw.8
  stable/10/usr.sbin/pw/pw.h
  stable/10/usr.sbin/pw/pw_conf.c
  stable/10/usr.sbin/pw/pw_user.c
Comment 18 Eugene Grosbein freebsd_committer freebsd_triage 2017-12-14 13:23:59 UTC 
Fixed, thank you for the report!