Bug 238559 - sysutils/bareos-client: installs passwordless
Summary: sysutils/bareos-client: installs passwordless
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: Jose Alonso Cardenas Marquez
Keywords: needs-qa
Depends on:
Reported: 2019-06-14 10:56 UTC by O. Hartmann
Modified: 2020-12-01 16:21 UTC (History)
1 user (show)

See Also:
bugzilla: maintainer-feedback? (acm)


Note You need to log in before you can comment on or make changes to this bug.
Description O. Hartmann 2019-06-14 10:56:14 UTC
Prts tree is at r504068. Installation of port sysutils/bareos-client installs a user on the local machine with a potential risc due to the lack of a password or an explicite account lock. vipw reveals after installation this row:

bareos::997:997::0:0:Bareos Daemon:/var/db/bareos:/usr/sbin/nologin

which should be

bareos:*:997:997::0:0:Bareos Daemon:/var/db/bareos:/usr/sbin/nologin

(the asterisk!).
Comment 1 Kubilay Kocak freebsd_committer freebsd_triage 2019-06-14 11:06:59 UTC
This port only uses the ports framework provided method to add users/groups:

USERS=          bareos
GROUPS=         ${USERS}

As such it is unlikely an issue, but if so, an issue that would affect every port that uses it.

Further, note that the user account has the shell set to /usr/sbin/nologin

man 8 nologin shows:

     The nologin utility displays a message that an account is not available
     and exits non-zero.  It is intended as a replacement shell field for
     accounts that have been disabled.
Comment 2 Jose Alonso Cardenas Marquez freebsd_committer 2019-12-31 15:48:29 UTC
Hi, I have tested it on 12.1p1 and bareos line include * into passwd file

bareos:*:997:997::0:0:Bareos Daemon:/var/db/bareos:/usr/sbin/nologin

Could youo confirm if it was resolved? Maybe it was a change on port framework. Thanks
Comment 3 Brad Ackerman 2020-10-10 20:28:34 UTC
Fixed on 11 as well.