From 18a8f03e5160ca3828d327d9bbd1b32f26d792a3 Mon Sep 17 00:00:00 2001 From: Nick Rosbrook Date: Mon, 5 Aug 2024 20:43:15 -0400 Subject: [PATCH] sysusers: check if requested group name matches user name in queue When creating a user, check if the requested group name matches a user name in the queue. If that matched user name is also going to be a group name, then use it for the new user too. In other words, allow the following: u foo - u bar -:foo when both foo and bar are new users. Fixes #33547 --- src/sysusers/sysusers.c | 8 +++++++- test/test-sysusers/test-16.expected-group | 1 + test/test-sysusers/test-16.expected-passwd | 2 ++ test/test-sysusers/test-16.input | 7 +++++++ 4 files changed, 17 insertions(+), 1 deletion(-) create mode 100644 test/test-sysusers/test-16.expected-group create mode 100644 test/test-sysusers/test-16.expected-passwd create mode 100644 test/test-sysusers/test-16.input diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c index da97f333dee..a1ccc1f2b4b 100644 --- a/src/sysusers/sysusers.c +++ b/src/sysusers/sysusers.c @@ -1439,9 +1439,15 @@ static int process_item(Context *c, Item *i) { case ADD_USER: { Item *j = NULL; - if (!i->gid_set) + if (!i->gid_set) { j = ordered_hashmap_get(c->groups, i->group_name ?: i->name); + /* If that's not a match, also check if the group name + * matches a user name in the queue. */ + if (!j && i->group_name) + j = ordered_hashmap_get(c->users, i->group_name); + } + if (j && j->todo_group) { /* When a group with the target name is already in queue, * use the information about the group and do not create diff --git a/test/test-sysusers/test-16.expected-group b/test/test-sysusers/test-16.expected-group new file mode 100644 index 00000000000..54918e417ac --- /dev/null +++ b/test/test-sysusers/test-16.expected-group @@ -0,0 +1 @@ +foo:x:SYSTEM_UGID_MAX: diff --git a/test/test-sysusers/test-16.expected-passwd b/test/test-sysusers/test-16.expected-passwd new file mode 100644 index 00000000000..8823813f82d --- /dev/null +++ b/test/test-sysusers/test-16.expected-passwd @@ -0,0 +1,2 @@ +foo:x:SYSTEM_UGID_MAX:SYSTEM_UGID_MAX::/:NOLOGIN +bar:x:300:SYSTEM_UGID_MAX::/:NOLOGIN diff --git a/test/test-sysusers/test-16.input b/test/test-sysusers/test-16.input new file mode 100644 index 00000000000..2d80d81c0c0 --- /dev/null +++ b/test/test-sysusers/test-16.input @@ -0,0 +1,7 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later +# +# Test fix for https://github.com/systemd/systemd/issues/33547. +# +#Type Name ID +u foo - +u bar 300:foo