[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

locking /etc/passwd, /etc/group, /etc/shadow

On Thu, Aug 26, 1999 at 01:03:40AM -0500, Rob Browning wrote:
> Craig Sanders <cas@taz.net.au> writes:
> 
> > 	lockfile-create /etc/passwd
> > 	# optionally backup passwd file
> > 	# cp /etc/passwd /etc/passwd.bak
> > 	grep "^root:" /etc/passwd | sed -e 's/^root:/sashroot:/' >>/etc/passwd
> > 	lockfile-remove /etc/passwd
> 
> Are you sure that all the system calls, shadowutils, pam-apps, etc
> will all respect the lockfile?

nope, i'm not 100% certain. as mentioned in a previous email, the above
was only meant to be an outline of what is needed. note that there is no
error checking at all in the above...very, very bad, if it wasn't just a
Q&D sample, i'd deserve to be smacked :)

i did test that vipw uses the same lockfile (/etc/passwd.lock). whatever
vipw does is precisely what anything else that manipulates the passwd
file should do....i.e. the Right Thing To Do.

> (This was when I was also dismayed to discover that there was no
> atomic way to add a user to a group without risking lossage.

again, whatever vigr does is the right thing to do.

	lockfile-create /etc/group
	.... do whatever ....
	lockfile-remove /etc/group

if something doesn't honor those lockfiles then it is at fault, not your
program. file a bug report or if it's your own local script then fix it
and give yourself a few whacks with the clue bat

craig

--
craig sanders
Reply to: