Bug 238995

Summary: adduser does not check for pre-existing user field entries in /etc/group
Product: Base System Reporter: Dennis Clarke <dclarke>
Component: binAssignee: freebsd-bugs (Nobody) <bugs>
Status: New ---    
Severity: Affects Many People CC: swills
Priority: ---    
Version: CURRENT   
Hardware: Any   
OS: Any   

Description Dennis Clarke 2019-07-04 19:29:22 UTC
Seems minor but merely annoying. One may edit /etc/group before running
adduser and put in the future username for some group.  Seems trivial.
 
vesta# uname -a 
FreeBSD vesta 12.0-RELEASE-p4 FreeBSD 12.0-RELEASE-p4 GENERIC  amd64

Toss a group into /etc/group :

vesta# /usr/bin/printf "foo:*:12345:someuser\n" >> /etc/group
vesta# grep 'foo' /etc/group
foo:*:12345:someuser
vesta# 

Now run adduser and toss a new user into the system with that group
as a part of the creation process : 

vesta# adduser
Username: someuser
Full name: Some Test User
Uid (Leave empty for default): 54321
Login group [someuser]: 
Login group is someuser. Invite someuser into other groups? []: foo
Login class [default]: 
Shell (sh csh tcsh bash rbash git-shell nologin) [sh]: 
Home directory [/home/someuser]: 
Home directory permissions (Leave empty for default): 
Use password-based authentication? [yes]: 
Use an empty password? (yes/no) [no]: 
Use a random password? (yes/no) [no]: 
Enter password: 
Enter password again: 
Lock out the account after creation? [no]: 
Username   : someuser
Password   : *****
Full Name  : Some Test User
Uid        : 54321
Class      : 
Groups     : someuser foo
Home       : /home/someuser
Home Mode  : 
Shell      : /bin/sh
Locked     : no
OK? (yes/no): yes
adduser: INFO: Successfully added (someuser) to the user database.
Add another user? (yes/no): no
Goodbye!
vesta# 

Here adduser duplicates the entry for the group 'foo' : 

vesta# grep 'foo' /etc/group
foo:*:12345:someuser,someuser
vesta# 
 
Seems trivial and slightly annoying.

-- 
Dennis Clarke
RISC-V/SPARC/PPC/ARM/CISC
UNIX and Linux spoken
GreyBeard and suspenders optional
Comment 1 Dennis Clarke 2021-11-23 05:02:15 UTC
Here we are at the end of 2021 and heading into 2022 and we still
have this situation : 

We have the following group in /etc/group : 

aarch64:*:31415:aarch64

We then create the user aarch64 with the slightly borked adduser : 

europa# adduser 
Username: aarch64
Full name: ARM64 QEMU
Uid (Leave empty for default): 31415
Login group [aarch64]: 
Login group is aarch64. Invite aarch64 into other groups? []: devl
Login class [default]: 
Shell (sh csh tcsh git-shell bash rbash nologin) [sh]: 
Home directory [/home/aarch64]: 
Home directory permissions (Leave empty for default): 
Use password-based authentication? [yes]: 
Use an empty password? (yes/no) [no]: 
Use a random password? (yes/no) [no]: 
Enter password: 
Enter password again: 
Lock out the account after creation? [no]: 
Username   : aarch64
Password   : *****
Full Name  : ARM64 QEMU
Uid        : 31415
Class      : 
Groups     : aarch64 devl
Home       : /home/aarch64
Home Mode  : 
Shell      : /bin/sh
Locked     : no
OK? (yes/no): yes
adduser: INFO: Successfully added (aarch64) to the user database.
Add another user? (yes/no): no
Goodbye!
europa# 

Sure enough the "adduser" creates yet another group with the exact same
name but a separate gid : 

europa# grep 'aarch' /etc/group
devl:*:20002:dclarke,riscv,aarch64
aarch64:*:31415:aarch64
aarch64:*:31416:
europa# 

This is just plain blunt trauma wrong.  So now I need to go manually fix
this mess and change the gid ownership in the new user home directory.

-- 
Dennis Clarke
RISC-V/SPARC/PPC/ARM/CISC
UNIX and Linux spoken
GreyBeard and suspenders optional
Comment 2 Dennis Clarke 2021-11-23 05:06:49 UTC
Minor followup here is that the ownership of the user home directory
was in fact correct ! 

europa# cd /usr/home/aarch64/
europa# ls -lapbin 
total 10
65852 drwxr-xr-x  2 31415  31415     9 Nov 23 04:56 ./
   34 drwxr-xr-x  6 0      0         6 Nov 23 04:56 ../
65857 -rw-r--r--  1 31415  31415   962 Nov 23 04:56 .cshrc
65855 -rw-r--r--  1 31415  31415   323 Nov 23 04:56 .login
65858 -rw-r--r--  1 31415  31415    91 Nov 23 04:56 .login_conf
65853 -rw-------  1 31415  31415   301 Nov 23 04:56 .mail_aliases
65856 -rw-r--r--  1 31415  31415   267 Nov 23 04:56 .mailrc
65854 -rw-r--r--  1 31415  31415   978 Nov 23 04:56 .profile
65859 -rw-r--r--  1 31415  31415  1015 Nov 23 04:56 .shrc
europa# 

That is correct given the group entry : 

aarch64:*:31415:aarch64


Regardless we did get adduser doing the dumb task of creating another
group entry with the same name and a different gid.

Dennis