Bug 238559

Summary: sysutils/bareos-client: installs passwordless
Product: Ports & Packages Reporter: O. Hartmann <ohartmann>
Component: Individual Port(s)Assignee: Jose Alonso Cardenas Marquez <acm>
Status: Closed FIXED    
Severity: Affects Many People CC: brad
Priority: --- Keywords: needs-qa
Version: LatestFlags: bugzilla: maintainer-feedback? (acm)
Hardware: Any   
OS: Any   

Description O. Hartmann 2019-06-14 10:56:14 UTC
Prts tree is at r504068. Installation of port sysutils/bareos-client installs a user on the local machine with a potential risc due to the lack of a password or an explicite account lock. vipw reveals after installation this row:

bareos::997:997::0:0:Bareos Daemon:/var/db/bareos:/usr/sbin/nologin

which should be

bareos:*:997:997::0:0:Bareos Daemon:/var/db/bareos:/usr/sbin/nologin

(the asterisk!).
Comment 1 Kubilay Kocak freebsd_committer freebsd_triage 2019-06-14 11:06:59 UTC
This port only uses the ports framework provided method to add users/groups:

USERS=          bareos
GROUPS=         ${USERS}

As such it is unlikely an issue, but if so, an issue that would affect every port that uses it.

Further, note that the user account has the shell set to /usr/sbin/nologin

man 8 nologin shows:

     The nologin utility displays a message that an account is not available
     and exits non-zero.  It is intended as a replacement shell field for
     accounts that have been disabled.
Comment 2 Jose Alonso Cardenas Marquez freebsd_committer 2019-12-31 15:48:29 UTC
Hi, I have tested it on 12.1p1 and bareos line include * into passwd file

bareos:*:997:997::0:0:Bareos Daemon:/var/db/bareos:/usr/sbin/nologin

Could youo confirm if it was resolved? Maybe it was a change on port framework. Thanks
Comment 3 Brad Ackerman 2020-10-10 20:28:34 UTC
Fixed on 11 as well.