Debian Bug report logs -
#248500
adduser: do not re-use uids used once
Report forwarded to debian-bugs-dist@lists.debian.org, Roland Bauerschmidt <rb@debian.org>:
Bug#248500; Package adduser.
Acknowledgement sent to Marc Haber <mh+debian-bugs@zugschlus.de>:
New Bug report received and forwarded. Copy sent to Roland Bauerschmidt <rb@debian.org>.
Message #5 received at submit@bugs.debian.org:
Package: adduser
Version: 3.52
Severity: wishlist
|From: Roland Bauerschmidt <rb@debian.org>
|Newsgroups: gmane.linux.debian.devel.general
|Subject: Re: [RFC] adding system users: which is the best way??
|Date: Mon, 1 Dec 2003 09:36:51 +0100
|
|Steve Greenland wrote:
|> If you're not going to re-use the ids (a good idea), then you might as
|> well leave a username associated with it, so that the admin can identify
|> *why* it was used.
|>
|> My personal opinion and policy is that user ids should never be re-used.
|> I realize that on very large networks with many users (possibly
|> distributed timewise, like a university undergraduate system), this may
|> not be possible, but it ought to be true for at least the "system"
|> users.
|
|That's a good idea. I'll try to add that as an option to adduser.
|
|-- Roland
This is not yet implemented, but should be easy enough to build.
Greetings
Marc
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.4.26-darren
Locale: LANG=C, LC_CTYPE=C
Versions of packages adduser depends on:
ii debconf 1.4.25 Debian configuration management sy
ii passwd 1:4.0.3-28 Change and administer password and
ii perl-base 5.8.4-1 The Pathologically Eclectic Rubbis
-- debconf information excluded
Information forwarded to Roland Bauerschmidt <rb@debian.org>:
Bug#248500; Package adduser.
Acknowledgement sent to Marc Haber <mh+debian-bugs@zugschlus.de>:
Extra info received and forwarded to maintainer. Copy sent to Roland Bauerschmidt <rb@debian.org>.
Message #10 received at 248500-maintonly@bugs.debian.org:
On Tue, May 11, 2004 at 06:51:13PM +0200, Marc Haber wrote:
> This is not yet implemented, but should be easy enough to build.
After thinking more about it, the naive approach of simply looking for
the last used UID in the range to be used and taking the first one
after that one is bad since that uid could also have been used and
deleted again.
We'd need to use a persistent state file, which makes the change less
trivial.
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mail address in header
Karlsruhe, Germany | lose things." Winona Ryder | Fon: *49 721 966 32 15
Nordisch by Nature | How to make an American Quilt | Fax: *49 721 966 31 29
Tags added: confirmed
Request was from Marc Haber <mh+debian-packages@zugschlus.de>
to control@bugs.debian.org.
Information forwarded to Debian Adduser Developers <adduser-devel@lists.alioth.debian.org>:
Bug#248500; Package adduser.
Acknowledgement sent to Marc Haber <mh+debian-packages@zugschlus.de>:
Extra info received and forwarded to maintainer. Copy sent to Debian Adduser Developers <adduser-devel@lists.alioth.debian.org>.
Message #17 received at 248500-maintonly@bugs.debian.org:
tags #248500 confirmed
thanks
Information forwarded to debian-bugs-dist@lists.debian.org, Debian Adduser Developers <adduser-devel@lists.alioth.debian.org>:
Bug#248500; Package adduser.
Acknowledgement sent to Aaron Hall <ahall@vitaphone.net>:
Extra info received and forwarded to list. Copy sent to Debian Adduser Developers <adduser-devel@lists.alioth.debian.org>.
Message #22 received at 248500@bugs.debian.org:
Hello, on a local system I wanted to fix the problem talked about in
this bug, and for us, the "naive" approach of selecting a UID one higher
than the highest currently in the range was good enough. I locally
modified adduser on my system to do that, and I created a patch against
3.80 in case it would be at all useful.
The patch uses a "NO_REUSE_IDS" option, which activates the new behavior
if set to "yes". It implements the change in the "first_avail_id()"
routine.
I am curious about the state-file approach, though; if that is
introduced with a new version of adduser, what do you do about "holes"
in the passwd file that existed prior to installation of that new
version? Maybe do something similar to the naive approach once, to
pre-fill the state file?
Cheers,
Aaron
--
Aaron Hall : Badly configured DNS will, not may, but WILL
ahall@vitaphone.net : reach out and touch many, many other people
: in a way they didn't want to be touched.
: -- John C. Welch
[adduser.diff (text/plain, attachment)]
Information forwarded to debian-bugs-dist@lists.debian.org, Debian Adduser Developers <adduser-devel@lists.alioth.debian.org>:
Bug#248500; Package adduser.
Acknowledgement sent to Joerg Hoh <joerg@joerghoh.de>:
Extra info received and forwarded to list. Copy sent to Debian Adduser Developers <adduser-devel@lists.alioth.debian.org>.
Message #27 received at 248500@bugs.debian.org:
Hi Aaron
On Tue, Jan 10, 2006 at 11:37:28PM -0600, Aaron Hall wrote:
> Hello, on a local system I wanted to fix the problem talked about in
> this bug, and for us, the "naive" approach of selecting a UID one higher
> than the highest currently in the range was good enough. I locally
> modified adduser on my system to do that, and I created a patch against
> 3.80 in case it would be at all useful.
Thank you for the patch.
> The patch uses a "NO_REUSE_IDS" option, which activates the new behavior
"NO_REUSE_IDS" sounds a bit strange, I'd rather call it "REUSE_IDS"
and set it to "yes" by default.
> I am curious about the state-file approach, though; if that is
> introduced with a new version of adduser, what do you do about "holes"
> in the passwd file that existed prior to installation of that new
> version? Maybe do something similar to the naive approach once, to
> pre-fill the state file?
That would be the only feasible solution.
Jörg
--
What Watergate is to some, Firstgate is to others.
- Thomas Bliessner, <slrnd1hklm.g53.nospam@melix.com.mx>
Information forwarded to debian-bugs-dist@lists.debian.org, Debian Adduser Developers <adduser-devel@lists.alioth.debian.org>:
Bug#248500; Package adduser.
Acknowledgement sent to Marc Haber <mh+0523mail@zugschlus.de>:
Extra info received and forwarded to list. Copy sent to Debian Adduser Developers <adduser-devel@lists.alioth.debian.org>.
Message #32 received at 248500@bugs.debian.org:
On Fri, Jan 13, 2006 at 10:08:26PM +0100, Joerg Hoh wrote:
> On Tue, Jan 10, 2006 at 11:37:28PM -0600, Aaron Hall wrote:
> > Hello, on a local system I wanted to fix the problem talked about in
> > this bug, and for us, the "naive" approach of selecting a UID one higher
> > than the highest currently in the range was good enough. I locally
> > modified adduser on my system to do that, and I created a patch against
> > 3.80 in case it would be at all useful.
>
> Thank you for the patch.
Did you apply it? I can't find "reuse" in the config file, nor
in adduser.
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mail address in header
Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835
Information forwarded to debian-bugs-dist@lists.debian.org, Debian Adduser Developers <adduser-devel@lists.alioth.debian.org>:
Bug#248500; Package adduser.
Acknowledgement sent to Marc Haber <mh+debian-packages@zugschlus.de>:
Extra info received and forwarded to list. Copy sent to Debian Adduser Developers <adduser-devel@lists.alioth.debian.org>.
Message #37 received at 248500@bugs.debian.org:
On Sat, Feb 25, 2006 at 11:11:38PM +0100, Marc Haber wrote:
> Did you apply it? I can't find "reuse" in the config file, nor
> in adduser.
Errm. That one was not meant to go to the BTS. I apologize.
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mail address in header
Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835
Information forwarded to debian-bugs-dist@lists.debian.org, Debian Adduser Developers <adduser-devel@lists.alioth.debian.org>:
Bug#248500; Package adduser.
Acknowledgement sent to Joerg Hoh <joerg@joerghoh.de>:
Extra info received and forwarded to list. Copy sent to Debian Adduser Developers <adduser-devel@lists.alioth.debian.org>.
Message #42 received at 248500@bugs.debian.org:
Hi
We need to have a persistent statefile if we want to avoid reusing a uid
which was already used by some other user. Think of the following scenario:
adduser foo
-> foo gets uid X
deluser foo
-> uid X is no longer used
adduser bar
-> bar gets uid X
So this uid is reused, even with the "always increment the highest
already used uid by one and assign it to the new user"-algorithm.
But the whole thing of making this value persistent seems rather ugly to
me. Need to think some time about that, maybe I have a better idea to solve
that issue (a file for a single value).
Joerg
--
What Watergate is to some, Firstgate is to others.
- Thomas Bliessner, <slrnd1hklm.g53.nospam@melix.com.mx>
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Adduser Developers <adduser-devel@lists.alioth.debian.org>:
Bug#248500; Package adduser.
(Sat, 18 Jul 2009 14:12:02 GMT)
Acknowledgement sent
to Pepe <pepe@naleco.com>:
Extra info received and forwarded to list. Copy sent to Debian Adduser Developers <adduser-devel@lists.alioth.debian.org>.
(Sat, 18 Jul 2009 14:12:02 GMT)
Message #47 received at 248500@bugs.debian.org:
On Tue, Feb 28, 2006 at 11:29:58PM +0100, Joerg Hoh wrote:
> Hi
>
> We need to have a persistent statefile if we want to avoid reusing a uid
> which was already used by some other user. Think of the following scenario:
>
> adduser foo
> -> foo gets uid X
>
> deluser foo
> -> uid X is no longer used
>
> adduser bar
> -> bar gets uid X
>
> So this uid is reused, even with the "always increment the highest
> already used uid by one and assign it to the new user"-algorithm.
>
>
> But the whole thing of making this value persistent seems rather ugly to
> me. Need to think some time about that, maybe I have a better idea to solve
> that issue (a file for a single value).
Well, we already have this "state file" in the system, namely
"/etc/passwd". We could create a disabled system user with a system UID
(for example UID 999, and for example named "adduser"), which would be
managed by the adduser scripts, and which would hold in the GECOS field
the highest ever used user ID in the system.
So, every time a new user is added to the system, the adduser scripts
would update the GECOS field of this "adduser" system user.
This "adduser" user could be disabled ("passwd -l adduser") as it is
never meant to log in to the system.
This solution keeps compatibility with the old scheme of things, and
needs no special state file, while solving the problem.
What do you think?
--
Pepe
pepe@naleco.com
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Adduser Developers <adduser-devel@lists.alioth.debian.org>:
Bug#248500; Package adduser.
(Wed, 23 Nov 2011 10:54:24 GMT)
Acknowledgement sent
to Marc Haber <mh+debian-packages@zugschlus.de>:
Extra info received and forwarded to list. Copy sent to Debian Adduser Developers <adduser-devel@lists.alioth.debian.org>.
(Wed, 23 Nov 2011 10:54:30 GMT)
Message #52 received at 248500@bugs.debian.org:
On Sat, Jul 18, 2009 at 03:32:53PM +0200, Pepe wrote:
> Well, we already have this "state file" in the system, namely
> "/etc/passwd".
*UGH*
I'd prefer a /var/lib/adduser/state over abusing /etc/passwd any time.
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mail address in header
Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 31958061
Nordisch by Nature | How to make an American Quilt | Fax: *49 621 31958062
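Added example, not part of the bug log and not adduser's code: a Python sketch that replays the foo/bar scenario from message #42 against the naive "highest UID plus one" rule and against a persistent high-water mark that is pre-filled from passwd on first run, as suggested in messages #22 and #27. The function names, the passwd lines and the 1000-59999 range are constructed for illustration, and the state file lives in a temporary directory rather than at the /var/lib/adduser/state path proposed above.

```python
import os
import tempfile

def parse_uids(passwd_text):
    """Return the numeric UIDs found in passwd(5)-format text."""
    uids = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) >= 3 and fields[2].isdigit():
            uids.append(int(fields[2]))
    return uids

def naive_next_uid(passwd_text, first, last):
    """Highest UID currently in [first, last], plus one (the 'naive' rule)."""
    in_range = [u for u in parse_uids(passwd_text) if first <= u <= last]
    return max(in_range, default=first - 1) + 1

def stateful_next_uid(passwd_text, state_path, first, last):
    """Allocate above a persistent high-water mark stored in state_path.
    No locking is done here; a single caller is assumed."""
    try:
        with open(state_path) as fh:
            mark = int(fh.read().strip())
    except FileNotFoundError:
        mark = first - 1  # first run: the pre-fill comes from passwd below
    # Never drop below what passwd shows, so existing accounts (and every
    # hole beneath the current highest UID) are skipped.
    mark = max(mark, naive_next_uid(passwd_text, first, last) - 1)
    uid = mark + 1
    if uid > last:
        raise RuntimeError("UID range exhausted")
    # Write-then-rename so a crash cannot leave a truncated state file.
    tmp = state_path + ".tmp"
    with open(tmp, "w") as fh:
        fh.write(f"{uid}\n")
        fh.flush()
        os.fsync(fh.fileno())
    os.replace(tmp, state_path)
    return uid

def demo():
    """Replay adduser foo / deluser foo / adduser bar on constructed data."""
    passwd = "root:x:0:0::/root:/bin/sh\nalice:x:1000:1000::/home/alice:/bin/sh\n"
    with tempfile.TemporaryDirectory() as d:
        state = os.path.join(d, "state")
        foo_uid = stateful_next_uid(passwd, state, 1000, 59999)  # adduser foo
        # deluser foo: passwd is unchanged from before, state remembers foo
        bar_naive = naive_next_uid(passwd, 1000, 59999)          # reuses foo's UID
        bar_stateful = stateful_next_uid(passwd, state, 1000, 59999)
    return foo_uid, bar_naive, bar_stateful
```

The pre-fill only protects UIDs at or below the highest one present when the state file is first created; a UID that was the highest and was deleted before that point is indistinguishable from one never used.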
Message sent on
to Marc Haber <mh+debian-bugs@zugschlus.de>:
Bug#248500.
(Wed, 23 Nov 2011 10:54:35 GMT)
Last modified: Thu Jan 11 10:09:26 2018