[PATCH] 2nd attempt at deluser/delgroup size reduction and improvements

Sun Nov 7 17:44:02 UTC 2010

On Sunday 07 November 2010 17:52:54 Denys Vlasenko wrote:
> On Sunday 07 November 2010 15:38, Tito wrote:
> > > >> What "standard" delgroup foo will do? I suspect it will
> > > >> complain that haldaemon user's primary GID is 490
> > > >> and therefore group foo can't be deleted.
> > > >
> > > > adduser prova
> > > > Adding user `prova' ...
> > > > Adding new group `prova' (1006) ...
> > > > Adding new user `prova' (1004) with group `prova' ...
> > > > adduser prova2 --ingroup prova
> > > > Adding user `prova2' ...
> > > > Adding new user `prova2' (1005) with group `prova' ...
> > > 
> > > And what grep prova /etc/passwd /etc/group shows
> > > after these?
> 
> I need an answer to the above question.

/etc/passwd:prova:x:1004:1006:,,,:/home/prova:/bin/bash
/etc/passwd:prova2:x:1005:1006:,,,:/home/prova2:/bin/bash
/etc/group:prova:x:1006:

> > > > Test case 1: Removing user prova:
> > > >
> > > > deluser prova
> > > 
> > > Awww, my brainzzzz... Why do you delete *a user*?
> > > We are trying to determine what is the correct behavior
> > > of *delgroup*, right?
> > 
> > Yes, we do but we have to take into account 
> > all corner cases.
> > 
> > > > Removing user `prova' ...
> > > > Warning: group `prova' has no more members.
> > > 
> > > Seems like an erroneous message. Group prova
> > > should still have at least prova2 user.
> > 
> > No, it is referring to members of group prova 
> > like prova:1006:pippo,pluto
> > primary groups will not show up here
> > but only in /etc/passwd as
> > user:uid:GID:...... 
> 
> I understand, but whoever reads this command may think that
> there also are no users with the GID of this group.
> 
> IOW: message is lying.

Yes, it only tells you that the group is empty
and could eventually be removed (if there
are no users using it as primary group)

snip

> 
> I dont believe it looks for a group with the same name.
> I think it looks for a group with the GID found in
> deleted user's passwd line.

I think I can demostrate it does:

/etc/passwd:prova:x:1004:1006:,,,:/home/prova:/bin/bash
/etc/passwd:prova2:x:1005:1006:,,,:/home/prova2:/bin/bash
/etc/group:prova:x:1006:

Now let's remove user prova2:

deluser prova2
Removing user `prova2' ...
Warning: group `prova' has no more members.
Done.

And check:

/etc/passwd:prova:x:1004:1006:,,,:/home/prova:/bin/bash
/etc/group:prova:x:1006:

group was not removed as not matching username.

snip

> Can you determine which package your "standard" deluser/group tool
> belongs? I would like to take a look at their source.

deluser --version
deluser version 3.110

Removes users and groups from the system.
Copyright (C) 2000 Roland Bauerschmidt <roland at copyleft.de>

> > So far what I'm sure about is:
> > 
> > 1) delgroup can delete groups with members without erroring out (agroup:100:member1,member2)
> 
> Sure, why not
> 
> > 2) delgroup checks if gid of group is referenced in /etc/passwd   as primary group of an user and errors out if gid is found
> 
> Yes.
> 
> > 3) deluser tries to delgroup the UPG:
> > 	a) group with same name as user is found: do sanity checks and then remove
> > 	b) group with same name as user is not found: do nothing and exit succes.
> 
> No (I think).
> 
> 
> > Attached you find test version of deluser.c that should now do it the right
> > way even if not displaying the same messages as the real version.
> > I've tested it a little but it needs more cleanup and size reduction.
> > Please take a look at it and help me to find the obvious bugs
> > I'm not able to see right now.
> 
> I am applying this part:
> 
>                         if (!member) {
>                                 struct passwd *pw;
>                                 struct passwd pwent;
>                                 /* "delgroup GROUP" */
>                                 /* Check if the group is in use */
> #define passwd_buf bb_common_bufsiz1
>                                 while (!getpwent_r(&pwent, passwd_buf, sizeof(passwd_buf), &pw)) {
>                                         if (pwent.pw_gid == gid)
>                                                 bb_error_msg_and_die("'%s' still has '%s' as their primary group!", pwent.pw_name, name);
>                                 }
>                                 //endpwent();
>                         }
> 

With this code you will have an unwanted error_message in our test case above,
complaining about an unknown group.

> Let's continue discussion on what "deluser foo" does.

Ciao,
Tito