[PATCH] 2nd attempt at deluser/delgroup size reduction and improvements
Denys Vlasenko
vda.linux at googlemail.com
Sun Nov 7 16:52:54 UTC 2010
On Sunday 07 November 2010 15:38, Tito wrote:
> > >> What "standard" delgroup foo will do? I suspect it will
> > >> complain that haldaemon user's primary GID is 490
> > >> and therefore group foo can't be deleted.
> > >
> > > adduser prova
> > > Adding user `prova' ...
> > > Adding new group `prova' (1006) ...
> > > Adding new user `prova' (1004) with group `prova' ...
> > > adduser prova2 --ingroup prova
> > > Adding user `prova2' ...
> > > Adding new user `prova2' (1005) with group `prova' ...
> >
> > And what grep prova /etc/passwd /etc/group shows
> > after these?
I need an answer to the above question.
> > > Test case 1: Removing user prova:
> > >
> > > deluser prova
> >
> > Awww, my brainzzzz... Why do you delete *a user*?
> > We are trying to determine what is the correct behavior
> > of *delgroup*, right?
>
> Yes, we do but we have to take into account
> all corner cases.
>
> > > Removing user `prova' ...
> > > Warning: group `prova' has no more members.
> >
> > Seems like an erroneous message. Group prova
> > should still have at least prova2 user.
>
> No, it is referring to members of group prova
> like prova:1006:pippo,pluto
> primary groups will not show up here
> but only in /etc/passwd as
> user:uid:GID:......
I understand, but whoever reads this command may think that
there also are no users with the GID of this group.
IOW: message is lying.
> > Looks like code only checks /etc/group line
> > whether it contains additional usernames:
> > prova:x:1006:<any names here?>
>
> No. It walks /etc/passwd to see
> if there is any user with GID=1006
> as it is possible to delete
> a group even if it has members
> (like prova:1006:pippo,pluto)
> and real delgroup will not complain
> (see later)
In this case it should find prova2 and therefore NOT emit that message.
It does emit the message, though.
Therefore I think your theory is not correct.
> > but not /etc/passwd for users with GID=1006.
> > I'd say this is a bug.
> >
> > > userdel: Cannot remove group prova which is a primary group for another user.
> >
> > Right, this means that prova2 line looks like this:
> > prova2:x:1005:1006:...........
>
> Yes
> > > Done.
> > > grep prova /etc/group
> > > prova:x:1006:
>
> Infact group prova was not deleted as referenced
> in /etc/passwd by user prova2 (gid=1006)
> > >
> > > Test case 2: Removing user prova2:
> > >
> > > deluser prova2
> > > Removing user `prova2' ...
> > > Warning: group `prova' has no more members.
> > > Done.
> >
> > Attention. See _which_ group it deleted here?
>
> None. as there is no group with name prova2.
What code is emitting "Warning: group `prova' has no more members" then?
Obviously, a code which tries to delete group "prova" - why would
code check it otherwise? HOW the jump from "user prova2"
to "group prova" occurred? Their names don't match!
> > It did not try to delete a group with the same name as user,
> > it looked at GID (2006), found which group it is (prova),
> > and then deleted it.
>
> No, it just warned that group is empty as it always does (in the sense of no members).
But why the warning is about prova, not prova2?
> I'm aware now that the name matters
> only when trying to delgroup an UPG
> when doing deluser, in this case
> first check if there is a group with same name
I dont believe it looks for a group with the same name.
I think it looks for a group with the GID found in
deleted user's passwd line.
> as the user and if there is one
> check if it is used only by the user
> (walking /etc/passwd)
Can you determine which package your "standard" deluser/group tool
belongs? I would like to take a look at their source.
> So far what I'm sure about is:
>
> 1) delgroup can delete groups with members without erroring out (agroup:100:member1,member2)
Sure, why not
> 2) delgroup checks if gid of group is referenced in /etc/passwd as primary group of an user and errors out if gid is found
Yes.
> 3) deluser tries to delgroup the UPG:
> a) group with same name as user is found: do sanity checks and then remove
> b) group with same name as user is not found: do nothing and exit succes.
No (I think).
> Attached you find test version of deluser.c that should now do it the right
> way even if not displaying the same messages as the real version.
> I've tested it a little but it needs more cleanup and size reduction.
> Please take a look at it and help me to find the obvious bugs
> I'm not able to see right now.
I am applying this part:
if (!member) {
struct passwd *pw;
struct passwd pwent;
/* "delgroup GROUP" */
/* Check if the group is in use */
#define passwd_buf bb_common_bufsiz1
while (!getpwent_r(&pwent, passwd_buf, sizeof(passwd_buf), &pw)) {
if (pwent.pw_gid == gid)
bb_error_msg_and_die("'%s' still has '%s' as their primary group!", pwent.pw_name, name);
}
//endpwent();
}
Let's continue discussion on what "deluser foo" does.
--
vda
More information about the busybox
mailing list