Andy Kurth created VCL-860:
------------------------------
Summary: Linux.pm's create_user silently fails if vcl group does
not exist
Key: VCL-860
URL: https://issues.apache.org/jira/browse/VCL-860
Project: VCL
Issue Type: Improvement
Components: vcld (backend)
Affects Versions: 2.4, 2.4.1, 2.4.2
Reporter: Andy Kurth
Priority: Minor
The {{Linux.pm::create_user}} subroutine could be improved. If the *_vcl_*
user group does not exist, {{create_user}} does not successfully create the
user but returns true. No useful output is displayed in _vcld.log_ indicating
the user was not created. The following error message is being generated by
the command but not being caught or displayed:
{noformat}
useradd: group 'vcl' does not exist
{noformat}
Later on, the following is displayed in _vcld.log_ when the code attempts to
set the password of the non-existent user:
{noformat}
chpasswd: (user arkurth) pam_chauthtok() failed, error:
Authentication token manipulation error
chpasswd: (line 1, user arkurth) password not changed
{noformat}
This leads someone to try to troubleshoot a problem with the _passwd_ command,
even though the underlying problem is with sloppy code in {{create_user}}.
This subroutine should be improved.
Why is the *_vcl_* group even needed? This user group is not a default
characteristic of the OS and is hard-coded in the VCL code -- something which
should be avoided. It would simplify things if the default user group named
after the user is used. If we add features in the future allowing more
elaborate user groups to be configured, the *_vcl_* user group is going to
continue to be a nuisance.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
