r285050 fixed a bug in pw that could lead to /etc/passwd or /etc/group
corruption on power loss. However, it fixed it by opening those files with
O_SYNC, which is very slow, especially on ZFS. This change replaces O_SYNC
with appropriately placed fsync()s instead, which is much faster. Using a
ZFS tmpdir, the time to run pw's kyua tests drops from 245s to 35s.
Reviewed by: allanjude, bapt, vangyzen, garga
Tested on pfSense by: garga
MFC after: 4 weeks
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D8319
There are a couple of places in the source three where we call
basename() on constant strings. This is bad, because the prototype
standardized by POSIX allows the implementation to use its argument as a
storage buffer.
This change eliminates some of these unportable calls to basename() in
cases where it was only added for cosmetical reasons, namely to trim
argv[0]. There's nothing wrong with setting argv[0] to the full path.
Reviewed by: jilles
Differential Revision: https://reviews.freebsd.org/D6093
temporary file is created and then a rename() call move it to official file.
This operation didn't have any check to make sure data was written to disk
and if a power cycle happens system could end up with a 0 length passwd
or group database.
There is a pfSense bug with more infor about it:
https://redmine.pfsense.org/issues/4523
The following changes were made to protect passwd and group operations:
* lib/libutil/gr_util.c:
- Replace mkstemp() by mkostemp() with O_SYNC flag to create temp file
- After rename(), fsync() call on directory for faster result
* lib/libutil/pw_util.c
- Replace mkstemp() by mkostemp() with O_SYNC flag to create temp file
* usr.sbin/pwd_mkdb/pwd_mkdb.c
- Added O_SYNC flag on dbopen() calls
- After rename(), fsync() call on directory for faster result
* lib/libutil/pw_util.3
- pw_lock() returns a file descriptor to master password file on success
Differential Revision: https://reviews.freebsd.org/D2978
Approved by: bapt
Sponsored by: Netgate
it takes a new argument allowing to specify the endianness of the database
to generate
Differential Revision: https://reviews.freebsd.org/D2730
Reviewed by: ian
for example)
get the username information from old_pw structures to still allow renaming of a
user.
Reported by: Claude Buisson <clbuisson@orange.fr>
Approved by: des (mentor)
MFC after: 3 weeks
- if pw is NULL and oldpw is not NULL then the oldpw is deleted
- if pw->pw_name != oldpw->pw_name but pw->pw_uid == oldpw->pw_uid
then it renames the user
add new gr_* functions so now gr_util API is similar to pw_util API,
this allow to manipulate groups in a safe way.
Reviewed by: des
Approved by: des
MFC after: 1 month
or the tty, just block selected signals in the parent like system(3) does.
Many thanks to bde for his assistance in finding the correct solution.
PR: bin/50679
proper way to fix this. The way this works is to prepend "exec " to
the editor command to eliminate the "shell in the middle" which prevents
us from properly reawakening the editor after a SIGTSTP.
PR: bin/50679
them to point at static strings that contain the default paths. This
makes 'vipw -d' work again (I broke it in rev 1.21; apologies for taking
so long to fix it.)
Spotted by: Olivier Houchard <doginou@cognet.ci0.org>
Sponsored by: DARPA, NAI Labs
secure permissions in case the user attempts to save something to
a file of his own.
Move umask stuff out of pw_init() into main() for better visibility
of overall umask tweaking logic.
PR: misc/11797
execvp() in the child branch of a vfork(). Changed to use fork()
instead.
Some of these (mv, find, apply, xargs) might benefit greatly from
being rewritten to use vfork() properly.
PR: Loosely related to bin/8252
Approved by: jkh and bde
$ vipw
[corrupt a line in editor, exit editor]
pwd_mkdb: corrupted entry
pwd_mkdb: at line #2
pwd_mkdb:
/etc/pw.012585: Inappropriate file type or format
re-edit the password file? [y]: n^D^D
[hang]
option to pwd_mkdb and adding this option to utilities invoking it.
Further, the filling of both the secure and insecure databases has been
merged into one loop giving also a performance improvemnet.
Note that I did *not* change the adduser command. I don't read perl
(it is a write only language anyway).
The change will drastically improve performance for passwd and
friends with large passwd files. Vipw's performance won't change.
In order to do that some kind of diff should be made between the
old and new master.passwd and depending the amount of changes, an
incremental or complete update of the databases should be agreed
upon.
'NIS information unchanged' or '/etc/master.passwd unchanged'
depending on which was is being modified (conditional on -DYP).
This is to save me the trouble of writing a whole other error
routine (nis_error()?) for the upcoming changes to passwd and
chpass.
