Re: groupadd, useradd, etc

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Mogens Kjaer wrote:

This is very strange.

Does the start of this file look OK?


The start looks OK on the machine that this problem first appeared on, and on another machine I'm using as a test box.

I've reproduced the problem on another machine and now will go back and isolate what in particular is causing the issue.

It appears that successive adding of users to a group causes each group and subsequent groups below it to grow incredibly. The gshadow file is full of Hex 2c characters.

Here's an xxd dump of a portion of the gshadow file.
0001130: 2c2c 2c2c 2c2c 2c2c 2c0a 6265 636b 793a  ,,,,,,,,,.becky:
0001140: 213a 3a2c 212c 2c2c 2c2c 2c21 2c2c 2c21  !::,!,,,,,,!,,,!
0001150: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c  ,,,,,,,,,,,,,,,,
0001160: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c  ,,,,,,,,,,,,,,,,
0001170: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c  ,,,,,,,,,,,,,,,,
0001180: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c  ,,,,,,,,,,,,,,,,
0001190: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c  ,,,,,,,,,,,,,,,,
00011a0: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c  ,,,,,,,,,,,,,,,,
00011b0: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c  ,,,,,,,,,,,,,,,,
00011c0: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c  ,,,,,,,,,,,,,,,,
00011d0: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c  ,,,,,,,,,,,,,,,,
00011e0: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c  ,,,,,,,,,,,,,,,,
00011f0: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c  ,,,,,,,,,,,,,,,,
0001200: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c  ,,,,,,,,,,,,,,,,
0001210: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c  ,,,,,,,,,,,,,,,,
0001220: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c  ,,,,,,,,,,,,,,,,
0001230: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c  ,,,,,,,,,,,,,,,,

The top portion of the file looks much more reasonable, until you get to the first group I added - alan.
00001a0: 6d73 703a 783a 3a0a 7063 6170 3a78 3a3a msp:x::.pcap:x::
00001b0: 0a61 7061 6368 653a 783a 3a0a 7371 7569 .apache:x::.squi
00001c0: 643a 783a 3a0a 7765 6261 6c69 7a65 723a d:x::.webalizer:
00001d0: 783a 3a0a 7866 733a 783a 3a0a 6e74 703a x::.xfs:x::.ntp:
00001e0: 783a 3a0a 6764 6d3a 783a 3a0a 616c 616e x::.gdm:x::.alan
00001f0: 3a21 3a3a 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c :!::,,,,,,,,,,,,
0000200: 2c2c 212c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c ,,!,,,,,,,,,,,,,
0000210: 2c2c 2c2c 2c2c 2c21 2c2c 2c2c 2c61 6c61 ,,,,,,,!,,,,,ala
0000220: 6e0a 616c 616e 643a 213a 3a2c 212c 2c2c n.aland:!::,!,,,
0000230: 2c2c 2c21 2c2c 2c21 2c2c 2c2c 2c2c 2c2c ,,,!,,,!,,,,,,,,
0000240: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c ,,,,,,,,,,,,,,,,
0000250: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c ,,,,,,,,,,,,,,,,
0000260: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c ,,,,,,,,,,,,,,,,
0000270: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 0a61 ,,,,,,,,,,,,,,.a
0000280: 6c61 6e74 3a21 3a3a 2c21 2c2c 2c2c 2c2c lant:!::,!,,,,,,
0000290: 212c 2c2c 212c 2c2c 2c2c 2c2c 2c2c 2c2c !,,,!,,,,,,,,,,,
00002a0: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c ,,,,,,,,,,,,,,,,
00002b0: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c ,,,,,,,,,,,,,,,,
00002c0: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c ,,,,,,,,,,,,,,,,
00002d0: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c ,,,,,,,,,,,,,,,,
00002e0: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c ,,,,,,,,,,,,,,,,
00002f0: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c ,,,,,,,,,,,,,,,,
0000300: 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c 2c2c ,,,,,,,,,,,,,,,,


Then I added aland, followed by alant, etc. It seems like each user/group is taking up more and more space full of hex 2c's.

I'm adding users from a script which is creating them in alphabetical order. That script was created on another box where I wrote a perl script to analyze that machines users and groups and it wrote the bash script, a portion of it shown below: I need users and groups on one machine to be equal to them on another machine including their UID and GID, so the script creates things in a sequence that guarantees I get the UID and GID I need.

What you see here is what is actually running to cause the problem, but there's nothing being executed but simple commands. I'm not writing to any of the passwd, group, shadow, or gshadow files myself. The normal utilities are doing it.

#### alan
if ! userexists alan; then
  if ! gidexists 573 alan; then
     if ! groupadd -g 573 alan; then
        echo groupadd for 573 alan failed.
        exit 1
     fi
  fi
  if gidexists 573 alan; then
     if ! /usr/sbin/useradd -u 572 -g 573 -d /home/alan -s /bin/bash -c 'Alan Glubber     ' alan; then
        echo useradd for user 572 alan failed.
        exit 1
     fi
  else
     echo useradd for 572 alan not attempted due to gid non existence.
     exit 1
  fi
else
  echo LoginID alan already exists on this box. Skipping this user.
fi
if ! /usr/sbin/usermod -G sambashare,alan alan; then
  echo usermod -G sambashare,alan alan failed.
  exit 1
fi
if ! /usr/sbin/usermod -p '$1$aTDwruOO$ZTuCh9CCE9W8T1zJSlwjB.' alan; then
  echo usermod -p for alan failed.
  exit 1
fi


If you're wondering how some of the functions are written, here they are: userexists() { usermod -U ${1} 2>/dev/null return $? }

groupexists() {
  groupmod ${1} 2>/dev/null
  return $?
}

gidexists() {
  local groupID
  if [ $# -eq 2 ]; then
     if groupexists ${2}; then
        groupID=$(egrep "^$2:" /etc/group)
        groupID=${groupID%:*}
        groupID=${groupID##*:}
        [ "${groupID}" == "${1}" ] && return 0
        return 1
     else
        return 1
     fi
  else
     groupID=$(grep ${1} /etc/group|sed 's/^[^:]*:[^:]*://'|sed 's/:.*//'|sed "
/^${1}$/!d")
     [ "${groupID}" == "${1}" ] && return 0
     return 1
  fi
}



--
Bill Gradwohl
bill@xxxxxxx
http://www.ycc.com
spamSTOMPER Protected email


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux