Bug 89591 - useradd home creation defaults dangerous and confusing
useradd home creation defaults dangerous and confusing
Product: Red Hat Linux
Classification: Retired
Component: shadow-utils (Show other bugs)
i686 Linux
medium Severity low
: ---
: ---
Assigned To: Peter Vrabec
David Lawrence
: 158574 (view as bug list)
Depends On:
  Show dependency treegraph
Reported: 2003-04-24 14:28 EDT by ldd
Modified: 2007-04-18 12:53 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-08-08 07:53:32 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description ldd 2003-04-24 14:28:08 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3a) Gecko/20021212

Description of problem:
useradd by default creates a new user directory and populates it with the files
from /etc/skel.  If the directory already exists, it is not created anew but the
files from /etc/skel are still copied.

This behavior is dangerous and the documentation does nothing to indicate that
this is the default behavior.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Create /home/foo manually.
2. Create a fake /home/foo/.bashrc.
3. Execute: useradd -d /home/foo foo.    

Actual Results:  .bashrc is overwritten.

Expected Results:  .bashrc should not be overwritten.

Additional info:

Suggested solutions, in order of decreasing preference:

1. If a skel file already exists in the new home, don't overwrite it.

2. If the home already exists, don't copy the skel files.

3. Backup any skel files that are going to be overwritten.

4. Change the behavior back to the original default of useradd which is to not

The documentation is also not quite clear.  Here is what man has to say:

-m     The  user’s home directory will be created if it does not exist.
       The files contained in skeleton_dir will be copied to  the  home
       directory  if  the  -k  option is used, otherwise the files con-
       tained in /etc/skel will be used instead.  Any directories  con-
       tained  in  skeleton_dir  or  /etc/skel  will  be created in the
       user’s home directory as well.  The -k option is only  valid  in
       conjunction  with  the  -m option.  The default is to not create
       the directory and to not copy any files.

It doesn't make it clear that the file copying happens whether or not a new home
directory is actually created.  The fact that the copying happens whether or not
the home already exists should be made explicit.  Also it says the default is
not to create the directory but it should also mention that /etc/login.defs can
override this default behavior.  (And login.defs should get proper documentation
too.)  This is what bit me: I read the above and thought useradd would not
attempt to create the directory (or copy any files) since there was no
indication that /etc/login.defs would override that behavior.
Comment 1 Peter Vrabec 2005-08-01 08:54:45 EDT
*** Bug 158574 has been marked as a duplicate of this bug. ***
Comment 2 Peter Vrabec 2005-08-08 07:53:32 EDT
fixed since shadow-utils-4.0.7-10.FC4

Note You need to log in before you can comment on or make changes to this bug.