pw usermod -d /home/bob -u bob -m yields drwxr-xr-x 2 root wheel 512 Aug 25 12:43 /home/bob Ie, the home directory is owned by root. This makes (some) sense once you realize that "-u" is supposed to take a number: -u uid Specify the user/account numeric id. So I'm guessing that in this case pw(8) determined that there is no UID "bob", and hence created the directory as being owned by root. Now to make the whole story short, I think that if the argument to "-u" is supposed to be numeric, then pw(8) should error out if it is not actually numeric. Fix: some sort of atoi checking in src/usr.sbin/pw/pw_user.c How-To-Repeat: pw usermod -d /home/bob -u bob -m
Fixed. Now pw(1) will exit with error if supplied with non-numeric ID. Generated at: EuroBSDCon-2010 hackers lounge by gpf@, kibab@, bcr@
The included diff implements the suggestion from the audit-trail. More specifically, when pw is invoced as in "pw usermod testuser2 -u testuser1", the routine changes testuser2's uid to testuser2's. This behaviour is in dissaccord with the man-page, which expects -u <uid>, it is, however, more convenient to the admin wishing to declare aliases. It is necessary to reach a decision as to if to implement the first fix (returning error) or the second (deriving uid from uname). The PR should be closed in the one or the other, but timely, fashion, though. Cheers, -- Christopher J. Ruwe TZ GMT + 2
Sorry, above "fix" breaks when invoced with anything more than "pw usermpd user -u otheruser" and should not be considered a fix, it introduces more problems instead. -- Christopher J. Ruwe TZ GMT + 2
This has been fixed in the meantime