GNU bug report logs - #45570
operating-system definitions allow duplicate passwd and group entries

Previous Next

Package: guix;

Reported by: Jason Conroy <conjaroy <at> gmail.com>

Date: Thu, 31 Dec 2020 18:15:02 UTC

Severity: normal

Done: Leo Prikler <leo.prikler <at> student.tugraz.at>

Bug is archived. No further changes may be made.

Full log

Message #8 received at 45570 <at> debbugs.gnu.org (full text, mbox):

From: Leo Prikler <leo.prikler <at> student.tugraz.at>
To: 45570 <at> debbugs.gnu.org
Cc: conjaroy <at> gmail.com
Subject: [PATCH] system: Assert, that user and group names are unique.
Date: Fri,  1 Jan 2021 12:13:10 +0100

*gnu/system/shadow.scm (assert-unique-account-names)
(assert-unique-group-names): New variables.
(account-activation): Use them here.
---
 gnu/system/shadow.scm | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/gnu/system/shadow.scm b/gnu/system/shadow.scm
index a69339bc07..61562f225e 100644
--- a/gnu/system/shadow.scm
+++ b/gnu/system/shadow.scm
@@ -222,6 +222,32 @@ for a colorful Guile experience.\\n\\n\"))))\n"))
                          (rename-file ".nanorc" ".config/nano/nanorc"))
                        #t))))
 
+(define (assert-unique-account-names users)
+  (let loop ((names '())
+             (users users))
+    (unless (null? users)
+      (let ((name (user-account-name (car users))))
+        (if (member name names)
+            (raise (condition
+                    (&message
+                     (message
+                      (format #f (G_ "account with name '~a' found twice")
+                              name)))))
+            (loop (cons name names) (cdr users)))))))
+
+(define (assert-unique-group-names groups)
+  (let loop ((names '())
+             (groups groups))
+    (unless (null? groups)
+      (let ((name (user-account-name (car groups))))
+        (if (member name names)
+            (raise (condition
+                    (&message
+                     (message
+                      (format #f (G_ "group with name '~a' found twice")
+                              name)))))
+            (loop (cons name names) (cdr groups)))))))
+
 (define (assert-valid-users/groups users groups)
   "Raise an error if USERS refer to groups not listed in GROUPS."
   (let ((groups (list->set (map user-group-name groups))))
@@ -292,6 +318,8 @@ group."
   (define group-specs
     (map user-group->gexp groups))
 
+  (assert-unique-account-names accounts)
+  (assert-unique-group-names groups)
   (assert-valid-users/groups accounts groups)
 
   ;; Add users and user groups.
-- 
2.29.2

This bug report was last modified 4 years and 217 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #45570 operating-system definitions allow duplicate passwd and group entries

GNU bug report logs - #45570
operating-system definitions allow duplicate passwd and group entries