Red Hat Bugzilla – Bug 121828
s-c-u user delete - allows deletion of /dev/null - causing system death
Last modified: 2007-11-30 17:10:41 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040312
Description of problem:
With samba installed, machine accounts are created with a netbios name
followed by the $ sign, and using a home directory of /dev/null. In
sorting out a particular samba problem I used s-c-u to delete a
By default this dialog has a checkbox checked that says to also delete
the users home directory. The deletion does actually occur, even
though the directory is the "bit bucket" /dev/null.
The machine will survive for a while, until the bit bucket (now being
written to disk in directory /dev/null) fills the disk.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Add a samba machine account to the unix users eg:
useradd -d /dev/null -s /bin/false -m davidspc\$
2. Open s-c-u go to this account, and click delete
ps. The following is bad....do it only on a test machine...
3. Leave the delete directory checked and click OK.
Actual Results: The account is deleted.OK
The "home directory" /dev/null is erased.
Expected Results: Special system file /dev/null should never be deleted.
[On an active samba server, the machine will spawn hundreds/thousands
of samba processes; and any program trying to use /dev/null, will
actually be writing to disk, eventually filling memory and disk, maybe
requiring file system repair.]
Obviously can be worked around by unchecking the erase home directory
box, but this relies on the experience of the user to not do something
wrong, and understand /dev/null's usage.
Possible add this as a special check in the -users delete
functionality (is there other "home directory"s that shouldn't be
I'm somewhat confused as to how you could be seeing this problem since
there is already a check to make sure /dev/null is never deleted.
def rmrf(self, path):
if path != "/dev/null": #Don't allow /dev/null to be deleted
# just use rm to avoid having to worry about races
args = [ "/bin/rm", "-rf", "%s" %(path,) ]
I have followed your steps to reproduce exactly on an FC2 test3 system
and the rmrf() function correctly prevents the deletion of /dev/null
for me in my testing.
Can you attach the /usr/share/system-config-users/mainWindow.py file
to this bug report?
Sorry to waste your time: I typed system-config-users-1.2.13-1 but the
other machine where this happened was redhat-config-users-1.2.4-1 (and
is running core 1 not core2 test 2 like I said). It does not have the
if path != line.
But knowing the damage it can do, I wasn't willing to test this again
on the server to write this bug, maybe I should try the newer version ?
BTW, the changelog doesn't seem to suggest a fix was made to miss
/dev/null at any point... For my interest is there a web interface
into cvs where I could see the change ?