/etc/passwd and symlinks

Paul Fox pgf at brightstareng.com
Tue Nov 6 11:55:21 PST 2007


is there any reason that passwd and chpasswd shouldn't follow
symlinks to find /etc/passwd?

i have a patch to allow this, and although i've written it with a
CONFIG item to protect the change, i'm wondering if the
configuration option is necessary.  the reason things break,
currently, is that update_passwd.c creates a new copy of
/etc/passwd and renames it as a final step.  this renaming breaks
any existing symlink.  all other passwd-using utilities are
perfectly happy with the link, so it's arguably just a bug that
updates don't work.

should i commit my patch with, or without, the config variable? 
(can i also hear comments on putting the Config.in change near
passwd/chpasswd, rather than in libbb -- is that okay?)

paul

Index: libbb/update_passwd.c
===================================================================
--- libbb/update_passwd.c	(revision 20376)
+++ libbb/update_passwd.c	(working copy)
@@ -52,6 +52,16 @@
 	int cnt = 0;
 	int ret = -1; /* failure */
 
+#if ENABLE_PASSWD_FOLLOW_SYMLINKS
+	char resolved_filename[PATH_MAX+1];
+ 
+	if (realpath(filename, resolved_filename)) {
+		filename = resolved_filename;
+	} else {
+		return -1;
+	}
+#endif
+
 	check_selinux_update_passwd(username);
 
 	/* New passwd file, "/etc/passwd+" for now */
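Review bot: the `return -1` in the `else` branch of the new realpath() block fails silently, so a dangling link or an unreadable path component gives the caller a bare failure with no errno reported; print the filename and the error before returning. Once `filename` points at `resolved_filename`, the "+" temp file named in the comment below is presumably created beside the link target rather than in /etc, so that directory has to be writable by the updater and owned as tightly as /etc; that belongs in the option's help text. Smaller points: `resolved_filename[PATH_MAX+1]` adds roughly 4 KB of stack to this function, and the otherwise blank `+` line after the declaration carries trailing whitespace.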
Index: loginutils/Config.in
===================================================================
--- loginutils/Config.in	(revision 20376)
+++ loginutils/Config.in	(working copy)
@@ -195,6 +195,16 @@
          standard input and uses this information to update a group of
          existing users.
 
+config PASSWD_FOLLOW_SYMLINKS
+	bool "Allow passwd and chpasswd to follow symlinks to /etc/passwd"
+	default n
+	depends on PASSWD || CHPASSWD
+	help
+	  Because passwd and chpasswd update a copy of /etc/passwd and then
+	  rename the result, they will cause a symlinked /etc/passwd to
+	  become orphaned.  This change causes the symlink(s) to be
+	  resolved before the file is updated.
+
 config SU
 	bool "su"
 	default n
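Review bot: the help text's last sentence, "This change causes the symlink(s) to be resolved before the file is updated", describes the patch rather than the option; word it as what enabling the option does, for example "With this option the symlink is resolved first and the file it points to is updated." The option is declared in loginutils/Config.in but guards code in libbb/update_passwd.c, so a one-line comment naming that file next to `depends on PASSWD || CHPASSWD` would make the connection findable later.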

=---------------------
 paul fox, pgf at brightstareng.com
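
The behaviour described in the message, as an added example that is not part of the original post or of BusyBox: updating a file by writing a "+" copy and calling rename() replaces a symlink at that path, while resolving the path with realpath() first leaves the link in place. The function names, the temporary directory under /tmp and the passwd.real target are constructed for this demonstration.

```c
#define _XOPEN_SOURCE 700
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Rewrite path via a "path+" temp file and rename(), the scheme the post
 * describes. follow != 0 resolves symlinks first, as the patch does. */
static int update_via_rename(const char *path, const char *data, int follow)
{
	char resolved[PATH_MAX + 1], tmp[PATH_MAX + 2];
	FILE *fp;
	if (follow && !(path = realpath(path, resolved)))
		return -1;
	snprintf(tmp, sizeof(tmp), "%s+", path);
	if (!(fp = fopen(tmp, "w")))
		return -1;
	fputs(data, fp);
	if (fclose(fp) != 0 || rename(tmp, path) != 0) {
		unlink(tmp);
		return -1;
	}
	return 0;
}

/* Constructed scenario: <tmpdir>/passwd -> passwd.real, updated via the link.
 * Returns 1 if the link is still a symlink, 0 if replaced, -1 on error. */
int link_survives_update(int follow)
{
	char dir[] = "/tmp/symdemoXXXXXX", target[64], lnk[64];
	struct stat st;
	int r = -1;
	if (!mkdtemp(dir))
		return -1;
	snprintf(target, sizeof(target), "%s/passwd.real", dir);
	snprintf(lnk, sizeof(lnk), "%s/passwd", dir);
	if (update_via_rename(target, "", 0) == 0 && symlink("passwd.real", lnk) == 0
	 && update_via_rename(lnk, "root:x:0:0::/root:/bin/sh\n", follow) == 0
	 && lstat(lnk, &st) == 0)
		r = S_ISLNK(st.st_mode) ? 1 : 0;
	unlink(lnk); unlink(target); rmdir(dir);
	return r;
}

int main(void)
{
	printf("plain: %d, resolved: %d\n", link_survives_update(0), link_survives_update(1));
	return 0;
}
```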

