Bug 480632 - usermod with -u option does not check the sanity of home directory
usermod with -u option does not check the sanity of home directory
Product: Fedora
Classification: Fedora
Component: shadow-utils (Show other bugs)
All Linux
high Severity high
: ---
: ---
Assigned To: Peter Vrabec
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2009-01-19 10:07 EST by Lev Shamardin
Modified: 2009-04-14 06:27 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-04-14 06:27:11 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Lev Shamardin 2009-01-19 10:07:26 EST
Description of problem:
usermod when used with -u option blindly tries to change the ownership of all files in home directory to a new uid. This is not a good idea if the home directory is set to '/'.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. usermod -d / someuser
2. usermod -u 1234 someuser
Actual results:
Broken system.

Expected results:
Error message or warning message and no change of ownership on files.

Additional info:
I've ran into this bug by an accident while tuning a server running Fedora 8. I was fixing uid of users for compliance to a new local policy, and tried to change the uid of the user 'pulse' which had default home directory '/' on fedora 8 installation. Fortunately hit Ctrl-C just in time.
Comment 1 Peter Vrabec 2009-04-02 05:37:22 EDT
This is not a bug, but I have suggested a small change in behaviour that could help.
See upstream: 
Comment 2 Lev Shamardin 2009-04-02 05:45:30 EDT
Well, classification of such 'features' as bugs or features is a matter of philosophy.

Anyway, I completely agree with your proposed change. I would also suggest to add some option like 'force chown_tree anyway'.

Note You need to log in before you can comment on or make changes to this bug.