[Bug 1223008] [NEW] option to change defaults restricts access to defaults file

Jamin W. Collins jcollins at asgardsrealm.net
Mon Sep 9 20:14:43 UTC 2013 

Public bug reported:

The option to update defaults (-D or --defaults along with any other
option) results in more restricted rights to the defaults file.

Before using the command:

$ ls -l useradd
-rw-r--r-- 1 root root 1118 Sep  9 13:10 useradd

Now update a default value:

$ sudo useradd -D -s /bin/bash
$ ls -l useradd
-rw------- 1 root root 1197 Sep  9 13:11 useradd

Furthermore, this permissions change isn't readily apparent as there is
no error when requesting the display of the defaults as a non-root user.
However the data displayed is indeed different:

$ useradd -D
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=
SKEL=/etc/skel
CREATE_MAIL_SPOOL=no

$ sudo useradd -D
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=no

ProblemType: Bug
DistroRelease: Ubuntu 13.04
Package: passwd 1:4.1.5.1-1ubuntu4.1
ProcVersionSignature: Ubuntu 3.8.0-30.44-generic 3.8.13.6
Uname: Linux 3.8.0-30-generic x86_64
NonfreeKernelModules: nvidia
ApportVersion: 2.9.2-0ubuntu8.4
Architecture: amd64
Date: Mon Sep  9 13:07:25 2013
InstallationDate: Installed on 2009-12-21 (1358 days ago)
InstallationMedia: Ubuntu 9.10 "Karmic Koala" - Release amd64 (20091027)
MarkForUpload: True
SourcePackage: shadow
UpgradeStatus: Upgraded to raring on 2013-04-26 (136 days ago)
modified.conffile..etc.default.useradd: [inaccessible: [Errno 13] Permission denied: '/etc/default/useradd']

** Affects: shadow (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug raring

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to shadow in Ubuntu.
https://bugs.launchpad.net/bugs/1223008

Title:
  option to change defaults restricts access to defaults file

Status in “shadow” package in Ubuntu:
  New

Bug description:
  The option to update defaults (-D or --defaults along with any other
  option) results in more restricted rights to the defaults file.

  Before using the command:

  $ ls -l useradd
  -rw-r--r-- 1 root root 1118 Sep  9 13:10 useradd

  Now update a default value:

  $ sudo useradd -D -s /bin/bash
  $ ls -l useradd
  -rw------- 1 root root 1197 Sep  9 13:11 useradd

  Furthermore, this permissions change isn't readily apparent as there
  is no error when requesting the display of the defaults as a non-root
  user.  However the data displayed is indeed different:

  $ useradd -D
  GROUP=100
  HOME=/home
  INACTIVE=-1
  EXPIRE=
  SHELL=
  SKEL=/etc/skel
  CREATE_MAIL_SPOOL=no

  $ sudo useradd -D
  GROUP=100
  HOME=/home
  INACTIVE=-1
  EXPIRE=
  SHELL=/bin/bash
  SKEL=/etc/skel
  CREATE_MAIL_SPOOL=no

  ProblemType: Bug
  DistroRelease: Ubuntu 13.04
  Package: passwd 1:4.1.5.1-1ubuntu4.1
  ProcVersionSignature: Ubuntu 3.8.0-30.44-generic 3.8.13.6
  Uname: Linux 3.8.0-30-generic x86_64
  NonfreeKernelModules: nvidia
  ApportVersion: 2.9.2-0ubuntu8.4
  Architecture: amd64
  Date: Mon Sep  9 13:07:25 2013
  InstallationDate: Installed on 2009-12-21 (1358 days ago)
  InstallationMedia: Ubuntu 9.10 "Karmic Koala" - Release amd64 (20091027)
  MarkForUpload: True
  SourcePackage: shadow
  UpgradeStatus: Upgraded to raring on 2013-04-26 (136 days ago)
  modified.conffile..etc.default.useradd: [inaccessible: [Errno 13] Permission denied: '/etc/default/useradd']

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1223008/+subscriptions

More information about the foundations-bugs mailing list