On Tue, Mar 04, 2025 at 03:23:17PM +0100, Vincent Lefevre wrote:
Well, I don't know whether a system account may have a password,
but this would still fail unexpectedly in such a case.
The adduser(8) man page says:
"adduser --system" does not set a password for the new account.
but it seems that passwd(1) can set a password: its man page says
while the superuser may change the password for any account.
If a password is forbidden for a system account, then this should
be enforced in passwd(1).
A password ist not forbidden for a system account. Are there any docs
that suggest this prohibition?
1. For a system account, there would still be an issue if the account
has a password (if possible). If EXISTING_ID_MISMATCH is set, this
would also yield an issue; I think that this is possible if the --uid
adduser option is used, with an id different from the current one for
this account. You should add a test for this case.
2. For a non-system account, the problematic test would always be
false, while it is actually meant to be true (the error message
contains "but is not a system user"). So you should add a test
adduser --system username
where the username account already exists and is not a system account
(not sure whether other options, such as --disabled-password, may be
needed). One would expect a non-zero exit status because --system is
used while username exists and is not a system account.
Thanks for this input. It is valuable. I have opened #1099570 and would
appreciate if you could add possible command chains that we could use
for these test cases.
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany | lose things." Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
