/var/tmp/passwd grows with duplicate entries

[frater]

I have 2 packages with its own user added to Freetz for years. These are zabbix and ntp.
A few of my boxes became inaccessible over time because /var/tmp/passwd and /var/tmp/passwd.avm became huge.
At first I thought the boxes were hacked, but it turned out to be an anomaly....

I now have created this in startup to get rid of that:

if [ `stat -c%s /var/tmp/passwd` -gt 4000 ] ; then
  echo "Sanitizing /var/tmp/passwd" >>${LOG}
  rm /var/tmp/passwd-
  rm /var/tmp/passwd.avm
  echo 'root:x:0:0:root:/mod/root:/bin/sh' >/tmp/passwd.tmp
  sort -u /var/tmp/passwd | grep -v ^root: >>/tmp/passwd.tmp
  cat /tmp/passwd.tmp >/var/tmp/passwd
  rm /tmp/passwd.tmp
  modsave all
fi

It seems ctlmgr gets confused with the foreign entries of ntp and zabbix that look like this:

zabbix:x:100:1000:zabbix:/home/zabbix:/bin/false
ntp:x:101:1001:ntp:/home/ntp:/bin/false

I see this behaviour only on 7.12 and 7.13
The lines containing ntp and zabbix get duplicated each time that ctlmgr starts.
I have patched the hashes before publication.

root@fritz:/var/mod/root# cat /var/tmp/passwd
root:x:0:0:root:/mod/root:/bin/sh
ntp:x:100:1000:ntp:/home/ntp:/bin/false
zabbix:x:101:1001:zabbix:/home/zabbix:/bin/false
ntp:x:100:1000:ntp:/home/ntp:/bin/false
zabbix:x:101:1001:zabbix:/home/zabbix:/bin/false
boxusr11:$1$ancyluh$AeY7zRwEcbco5wRC3Cc4P1:1011:0:box user:/home-not-used:/bin/sh
boxusr11int:$1$gvfycdl$Uu43YKkcX83A./QscuLSF/:2011:0:box user:/home-not-used:/bin/sh
boxusr10:$1$ffpmcpc$x0IGSjCOTjXXrfnttmtWD/:1010:0:box user:/home-not-used:/bin/sh
boxusr10int:$1$ydcntvg$TK822zJ2Xj3U8TwCF0JeV/:2010:0:box user:/home-not-used:/bin/sh
boxusr100:$1$pmuiqcx$vuKWznXe2OmuuFSLFuQwH1:1100:0:box user:/home-not-used:/bin/sh
boxusr100int:$1$iacdflp$7XSwsAX5yU9.Uzbxmvq3D1:2100:0:box user:/home-not-used:/bin/sh

root@fritz:/var/mod/root# ctlmgr -s

root@fritz:/var/mod/root# cat /var/tmp/passwd
root:x:0:0:root:/mod/root:/bin/sh
ntp:x:100:1000:ntp:/home/ntp:/bin/false
zabbix:x:101:1001:zabbix:/home/zabbix:/bin/false
ntp:x:100:1000:ntp:/home/ntp:/bin/false
zabbix:x:101:1001:zabbix:/home/zabbix:/bin/false
boxusr11:$1$ancyluh$AeY7zRwEcbco5wRC3Cc4P1:1011:0:box user:/home-not-used:/bin/sh
boxusr11int:$1$gvfycdl$Uu43YKkcX83A./QscuLSF/:2011:0:box user:/home-not-used:/bin/sh
boxusr10:$1$ffpmcpc$x0IGSjCOTjXXrfnttmtWD/:1010:0:box user:/home-not-used:/bin/sh
boxusr10int:$1$ydcntvg$TK822zJ2Xj3U8TwCF0JeV/:2010:0:box user:/home-not-used:/bin/sh
boxusr100:$1$pmuiqcx$vuKWznXe2OmuuFSLFuQwH1:1100:0:box user:/home-not-used:/bin/sh
boxusr100int:$1$iacdflp$7XSwsAX5yU9.Uzbxmvq3D1:2100:0:box user:/home-not-used:/bin/sh

root@fritz:/var/mod/root# ctlmgr

root@fritz:/var/mod/root# cat /var/tmp/passwd
root:x:0:0:root:/mod/root:/bin/sh
ntp:x:100:1000:ntp:/home/ntp:/bin/false
zabbix:x:101:1001:zabbix:/home/zabbix:/bin/false
ntp:x:100:1000:ntp:/home/ntp:/bin/false
zabbix:x:101:1001:zabbix:/home/zabbix:/bin/false
ntp:x:100:1000:ntp:/home/ntp:/bin/false
zabbix:x:101:1001:zabbix:/home/zabbix:/bin/false
ntp:x:100:1000:ntp:/home/ntp:/bin/false
zabbix:x:101:1001:zabbix:/home/zabbix:/bin/false
boxusr11:$1$ancyluh$AeY7zRwEcbco5wRC3Cc4P1:1011:0:box user:/home-not-used:/bin/sh
boxusr11int:$1$gvfycdl$Uu43YKkcX83A./QscuLSF/:2011:0:box user:/home-not-used:/bin/sh
boxusr10:$1$ffpmcpc$x0IGSjCOTjXXrfnttmtWD/:1010:0:box user:/home-not-used:/bin/sh
boxusr10int:$1$ydcntvg$TK822zJ2Xj3U8TwCF0JeV/:2010:0:box user:/home-not-used:/bin/sh
boxusr100:$1$pmuiqcx$vuKWznXe2OmuuFSLFuQwH1:1100:0:box user:/home-not-used:/bin/sh
boxusr100int:$1$iacdflp$7XSwsAX5yU9.Uzbxmvq3D1:2100:0:box user:/home-not-used:/bin/sh

 

[braunechrysler]

I have the same problem with a 7590 with fritz OS 7.12. I was able to solve this with a userid from 1000. It looks as if the ctlmgr now writes users with userids smaller than 1000 in the /var/tmp/passwd.tmp and these users are then reproduced by modusers.

 

[mischmit]

Me too:

7590
Firmware: 154.07.12 rev69995
Freetz: master-20190811-ccfffebe9

/var/tmp/passwd.avm:

tor:x:100:1000:tor:/home/tor:/bin/false
tor:x:100:1000:tor:/home/tor:/bin/false
openvpn:x:102:1002:openvpn:/home/openvpn:/bin/false
tor:x:100:1000:tor:/home/tor:/bin/false
tor:x:100:1000:tor:/home/tor:/bin/false
openvpn:x:102:1002:openvpn:/home/openvpn:/bin/false
...

And I have bootloops after updating to freetz-ng 7.19. Maybe there is a connection to this issue.

I was able to solve this with a userid from 1000.

Can you explain what you did exactly? What do I have to do to change a userid on a 7590?

It looks as if the ctlmgr now writes users with userids smaller than 1000 in the /var/tmp/passwd.tmp and these users are then reproduced by modusers.

Can you explain what you mean by "these users are then reproduced by modusers"?

Thanks in advance!

 

[braunechrysler]

Can you explain what you did exactly? What do I have to do to change a userid on a 7590?

Delete all tor users from /var/tmp/passwd and /var/tmp/passwd.avm. Then change the id with vi in the file /var/tmp/flash/users/passwd (third column, i.e. with tor for you currently 100) to a free number greater than or equal to 1000. Then modsave all and a reboot.

Can you explain what you mean by "these users are then reproduced by modusers"?

The command /usr/bin/modusers is called by some freetz scripts (e.g. from /var/mod/etc/init.d/rc.nfsd via modlib_add_user_and_group from /etc/init.d/modlibrc). Take a look at the modusers script and you will understand what I mean.