ccea3@rivm.UUCP (Adri Verhoef) (07/24/89)
putpwent() doesn't work the way it should.
Negative user-IDs and group-IDs show up as long integers
with the following piece of code:
while (pwent = getpwent()) {
fprintf(stderr, "%d\n", (int) pwent->pw_uid);
putpwent(pwent, stdout);
}
In this way,
nobody:Nologin:-2:-2:anonymous NFS user:/:
willl show up as:
-2
nobody:Nologin:4294967294:4294967294:anonymous NFS user:/:
Should I:
1) Remove all users with negative IDs (i.e. "nobody") from the password file?
2) Have the negative IDs changed into positive values?
3) Obtain a good and new version of putpwent()?
4) Patch the library (change %d:%d:%u:%u:%s:%s:%s into %s:%s:%d:%d:%s:%s:%s)?
5) [You name it]
This version seems to be:
putpwent.c 4.1 (ULTRIX) 11/23/87
--
Adri Verhoef (rivm!a3@mcvax.uucp), site administrator of the
National Institute for Public Health and Environmental Protection (RIVM).
grr@cbmvax.UUCP (George Robbins) (07/25/89)
In article <1418@rivm05.UUCP> ccea3@rivm.UUCP (Adri Verhoef) writes: > putpwent() doesn't work the way it should. > Negative user-IDs and group-IDs show up as long integers > with the following piece of code: > > while (pwent = getpwent()) { > fprintf(stderr, "%d\n", (int) pwent->pw_uid); > putpwent(pwent, stdout); > } > > In this way, > nobody:Nologin:-2:-2:anonymous NFS user:/: > > willl show up as: > -2 > nobody:Nologin:4294967294:4294967294:anonymous NFS user:/: > > > Should I: > 1) Remove all users with negative IDs (i.e. "nobody") from the password file? > 2) Have the negative IDs changed into positive values? > 3) Obtain a good and new version of putpwent()? > 4) Patch the library (change %d:%d:%u:%u:%s:%s:%s into %s:%s:%d:%d:%s:%s:%s)? > 5) [You name it] Arghh! Whatever you do, do it carefully, as there were alledgedly *Sun* security bugs associated with not having an account in /etc/passwd that the "nobody" accounts mapped to. It's always possible that some analog of these problems might show up in Ultrix. The "official" version seems to be drifting towards the notion that uid's and gid's are really supposed to be unsigned short's, however that's unlikely work directly on systems using the sun derived kludge. > This version seems to be: > putpwent.c 4.1 (ULTRIX) 11/23/87 Note that none of the system software actually uses putpwent, it's apparently the creation of some Sun completist. The format string used in /bin/passwd and the Sun version of putpwent is the predictable: %s:%s:%d:%d:%s:%s:%s\n What to do? Maybe file an SPR and then go ahead and use a printf() instead of a do-nothing routine... The %u is definitely wrong in the current environment, and useless or worse. -- George Robbins - now working for, uucp: {uunet|pyramid|rutgers}!cbmvax!grr but no way officially representing arpa: cbmvax!grr@uunet.uu.net Commodore, Engineering Department fone: 215-431-9255 (only by moonlite)
guy@auspex.auspex.com (Guy Harris) (07/26/89)
>The "official" version seems to be drifting towards the notion that uid's >and gid's are really supposed to be unsigned short's, however that's unlikely >work directly on systems using the sun derived kludge. Actually, I expect that to be the case in SunOS 4.1 as well (i.e., that UIDs and GIDs will be unsigned), with "nobody" becoming 65534 or somesuch; if this makes it into a new NFSSRC distribution, presumably DEC will pick it up at some point. >> This version seems to be: >> putpwent.c 4.1 (ULTRIX) 11/23/87 > >Note that none of the system software actually uses putpwent, it's apparently >the creation of some Sun completist. Given that it says ULTRIX there, I don't see how you can conclude it's "apparently the creation of some Sun completist". In fact, it's the creation of some AT&T completist; it came from System V, and presumably both SunOS and Ultrix picked it up from there (I know SunOS did).
grr@cbmvax.UUCP (George Robbins) (07/26/89)
In article <2292@auspex.auspex.com> guy@auspex.auspex.com (Guy Harris) writes: > >The "official" version seems to be drifting towards the notion that uid's > >and gid's are really supposed to be unsigned short's, however that's unlikely > >work directly on systems using the sun derived kludge. > > Actually, I expect that to be the case in SunOS 4.1 as well (i.e., that > UIDs and GIDs will be unsigned), with "nobody" becoming 65534 or > somesuch; if this makes it into a new NFSSRC distribution, presumably > DEC will pick it up at some point. Hopefully, though in the Ultrix header files, they end up resolving to plain "short" with a note about posix compliance in <sys/types.h>... > >> putpwent.c 4.1 (ULTRIX) 11/23/87 > > > >Note that none of the system software actually uses putpwent, it's apparently > >the creation of some Sun completist. > > Given that it says ULTRIX there, I don't see how you can conclude it's > "apparently the creation of some Sun completist". In fact, it's the > creation of some AT&T completist; it came from System V, and presumably > both SunOS and Ultrix picked it up from there (I know SunOS did). Probably quite true, especially since the AT&T SVr3 version of putpwent has the questionable :%u:%u: (even though they have them as int's in pwd.h). I guess I assumed this was part of the NFS baggage, without thinking about System V compatibility or Posix. Silly me, sorry. BTW, just about all the Ultrix SCCS id's, now say Ultrix whether the original code is from BSD, SMI or AT&T... -- George Robbins - now working for, uucp: {uunet|pyramid|rutgers}!cbmvax!grr but no way officially representing arpa: cbmvax!grr@uunet.uu.net Commodore, Engineering Department fone: 215-431-9255 (only by moonlite)