Red Hat Bugzilla – Bug 80242
useradd overwrites files in existing home directory
Last modified: 2007-04-18 12:49:14 EDT
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20021218 Description of problem: Even if a home directory already exists, containing files that are not derived from (earlier) skeleton files, useradd will overwrite them. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1.Create a home directory for a user by hand 2.Create a .bash_profile in it, with arbitrary contents 3.Run useradd without -M to create an account for the user Actual Results: The hand-created .bash_profile is overwritten. Expected Results: I understand -m is the default because of login.defs, but I'd find it safer if it did not overwrite files that already existed. Perhaps we should have markers in skeleton files that useradd could recognize and use as an indication that it is ok to overwrite those files, or replace the marked part of the file? Of course this wouldn't work for existing skeleton files, but I'd rather not update a file that should be updated than overwrite a precious file because of the absence of a command-line option. Additional info:
On the other hand, not wiping out previous data could be a security concern and our a hassle (obsolete bash_profile preventing login with a newer system)
So wouldn't it be better if it failed noisily if it finds a file it would like to replace, offering command-line options to replace files or to leave them alone? Accidentally replacing user files without notice is not exactly something nice to do.
fixed since shadow-utils-4.0.7-10.FC4