From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Q312461)
Description of problem:
'usermod' cannot add more than 800 users into a group.
# cat account.txt
# addgroup hello
# for acc in `cat account.txt`
>usermod -G hello $acc
After executing above shell script, I found /etc/group was broken.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1.make account list more than 800.
3.execute script written bellow.
for acc in `cat account.txt`
usermod -G hello $acc
Actual Results: /etc/group file was broken.
Expected Results: all users are added into 'hello' group.
Problem looks to be in a 4096 byte barrier somewhere - I found this problem
also to exist when I add a user with adduser and secundairy groups; right at a
4096 byte length line it's broken and the groupfile is truncated (and thus
I ran into this as well.
fix is in shadow cvs at:
comment from the above fix:
2001-09-07 Tomasz K3oczko <firstname.lastname@example.org>
* lib/commonio.c, NEWS:
Fix bug discovered and fixed by Marcel Ritter <Marcel.Ritter@rrze.uni-erlangen.de>
Due to a big buffer size in lib/commonio.c this error does only appear
if a line gets longer than 4096 bytes (there are probably very few people
stumbling across this).
Ths bug can be exposed by trashing /etc/groups file using useradd with script:
typeset -i NUM
while [ $NUM -le 1000 ]; do
useradd -g demogroup -G demogroup -p "NONE" user$NUM
After applying the above patch to the source, I was able to create a group that
exceeded 4096 characters with the usermod tool.
this also affects RedHat 7.3
This affects newest RawHide packages, and Red Hat 8.0. I have a multiuser system
and the current number of users causes useradd to delete all my users' groups,
truncating the 'users' group. I'm attaching my own patch applying clearly to
shadow-utils-20000902-12 sources, which I came up with when trying to understand
what is happening to my system. It doesn't use any dynamically allocated
integer, contrary to PLD patch. This also isn't the perfect patch. It allocates
4096 bytes and reads at most 4095 at a time, so on a system with one /etc/group
line having 8192 characters, it wastes 2 bytes. What a pity :) Works for me now,
but I'm really disappointed on Red Hat having the patch since almost two years
(take a look at bug 3809!) and doing nothing, when the tools they provide delete
their users' and clients' data...
Created attachment 78444 [details]
My proposed patch fixing the issue.
Oh, by the way, building an rpm with my patch, I have noticed:
useradd.o(.text+0x5c4): the use of `mktemp' is dangerous, better use `mkstemp'
Maybe it's harmful, but also doesn't give me the sense of security a Linux
distribution should provide.
I meant "harmless", please excuse me.
Any ideas as to when we can expect this bug fixed?
Just discovered this bug the hard way on RedHat 8.0, a trashed /etc/group file.
Not very nice for large linux servers. This is really bad for enterprise sized
servers. Will this be fixed in version 8.1 ?
This appears to be fixed in RedHat 9 however it is still broken in RedHat 7.2.
Any ideas as to whether this will be fixed in 7.2 seeing as it goes End Of Life
at the end of this year?