[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#35996: User account password got locked when booting old generation
From: |
Ludovic Courtès |
Subject: |
bug#35996: User account password got locked when booting old generation |
Date: |
Sun, 02 Jun 2019 18:00:14 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.2 (gnu/linux) |
"pelzflorian (Florian Pelz)" <address@hidden> skribis:
> On Sun, Jun 02, 2019 at 11:38:36AM +0200, Ludovic Courtès wrote:
[...]
>> Actually, another thing that could happen is that Guix reads an
>> incomplete /etc/shadow because some other program is writing to it.
>>
>> In that case, suppose Guix reads a partial /etc/shadow where user
>> “florian” is missing. It would then create a new /etc/shadow where the
>> password for “florian” is uninitialized (or set to the initial value
>> that appears in config.scm.)
>>
>> Could it be what happened to you? You’d have to be running ‘passwd’ or
>> ‘usermod’ or whatever at exactly the same time as ‘guix system
>> reconfigure’ (and you’d have to be “lucky”).
>>
>
> No, I did not change my password in a very long time.
>
> Is there no proper cross-application locking mechanism for
> /etc/passwd? elogind uses
>
> struct flock flock = {
> .l_type = F_WRLCK,
> .l_whence = SEEK_SET,
> .l_start = 0,
> .l_len = 0,
> };
> […]
> fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW, 0600);
> […]
> r = fcntl(fd, F_SETLKW, &flock;
>
> Should Guix adopt something similar for shadow/passwd/… database
> reads?
We could do that yes, that I’d lean towards using the same thing as libc
and Shadow. The whole scenario just sounds very unlikely though.
Thanks,
Ludo’.
- bug#35996: User account password got locked when booting old generation, pelzflorian (Florian Pelz), 2019/06/01
- bug#35996: User account password got locked when booting old generation, pelzflorian (Florian Pelz), 2019/06/01
- bug#35996: User account password got locked when booting old generation, Ludovic Courtès, 2019/06/01
- bug#35996: User account password got locked when booting old generation, pelzflorian (Florian Pelz), 2019/06/02
- bug#35996: User account password got locked when booting old generation, Ludovic Courtès, 2019/06/02
- bug#35996: User account password got locked when booting old generation, pelzflorian (Florian Pelz), 2019/06/02
- bug#35996: User account password got locked when booting old generation,
Ludovic Courtès <=
- bug#35996: User account password got locked when booting old generation, pelzflorian (Florian Pelz), 2019/06/03
- bug#35996: User account password got locked when booting old generation, Gábor Boskovits, 2019/06/03
- bug#35996: User account password got locked when booting old generation, pelzflorian (Florian Pelz), 2019/06/03
- bug#35996: User account password got locked when booting old generation, Ludovic Courtès, 2019/06/03
- bug#35996: User account password got locked when booting old generation, pelzflorian (Florian Pelz), 2019/06/03
- bug#35996: User account password got locked when booting old generation, Ludovic Courtès, 2019/06/03
- bug#35996: User account password got locked when booting old generation, pelzflorian (Florian Pelz), 2019/06/03
- bug#35996: User account password got locked when booting old generation, Ludovic Courtès, 2019/06/04
- bug#35996: User account password got locked when booting old generation, pelzflorian (Florian Pelz), 2019/06/04
- bug#35996: User account password got locked when booting old generation, pelzflorian (Florian Pelz), 2019/06/04