/var/tmp/passwd grows with duplicate entries

frater

I have had 2 packages, each with its own user, added to Freetz for years. These are zabbix and ntp.
A few of my boxes became inaccessible over time because /var/tmp/passwd and /var/tmp/passwd.avm became huge.
At first I thought the boxes were hacked, but it turned out to be an anomaly....

I now have created this in startup to get rid of that:

Code:
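# Rebuild /var/tmp/passwd once it has grown past 4000 bytes
if [ "$(stat -c%s /var/tmp/passwd)" -gt 4000 ] ; then
  echo "Sanitizing /var/tmp/passwd" >>${LOG}
  # -f: do not complain if the backup copies are already gone
  rm -f /var/tmp/passwd-
  rm -f /var/tmp/passwd.avm
  # One root entry first, then every other line exactly once
  echo 'root:x:0:0:root:/mod/root:/bin/sh' >/tmp/passwd.tmp
  sort -u /var/tmp/passwd | grep -v ^root: >>/tmp/passwd.tmp
  cat /tmp/passwd.tmp >/var/tmp/passwd
  rm /tmp/passwd.tmp
  modsave all
fi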

It seems ctlmgr gets confused with the foreign entries of ntp and zabbix that look like this:

Code:
zabbix:x:100:1000:zabbix:/home/zabbix:/bin/false
ntp:x:101:1001:ntp:/home/ntp:/bin/false

I see this behaviour only on 7.12 and 7.13.
The lines containing ntp and zabbix get duplicated each time that ctlmgr starts.
I have patched the hashes before publication.

Code:
root@fritz:/var/mod/root# cat /var/tmp/passwd
root:x:0:0:root:/mod/root:/bin/sh
ntp:x:100:1000:ntp:/home/ntp:/bin/false
zabbix:x:101:1001:zabbix:/home/zabbix:/bin/false
ntp:x:100:1000:ntp:/home/ntp:/bin/false
zabbix:x:101:1001:zabbix:/home/zabbix:/bin/false
boxusr11:$1$ancyluh$AeY7zRwEcbco5wRC3Cc4P1:1011:0:box user:/home-not-used:/bin/sh
boxusr11int:$1$gvfycdl$Uu43YKkcX83A./QscuLSF/:2011:0:box user:/home-not-used:/bin/sh
boxusr10:$1$ffpmcpc$x0IGSjCOTjXXrfnttmtWD/:1010:0:box user:/home-not-used:/bin/sh
boxusr10int:$1$ydcntvg$TK822zJ2Xj3U8TwCF0JeV/:2010:0:box user:/home-not-used:/bin/sh
boxusr100:$1$pmuiqcx$vuKWznXe2OmuuFSLFuQwH1:1100:0:box user:/home-not-used:/bin/sh
boxusr100int:$1$iacdflp$7XSwsAX5yU9.Uzbxmvq3D1:2100:0:box user:/home-not-used:/bin/sh

root@fritz:/var/mod/root# ctlmgr -s

root@fritz:/var/mod/root# cat /var/tmp/passwd
root:x:0:0:root:/mod/root:/bin/sh
ntp:x:100:1000:ntp:/home/ntp:/bin/false
zabbix:x:101:1001:zabbix:/home/zabbix:/bin/false
ntp:x:100:1000:ntp:/home/ntp:/bin/false
zabbix:x:101:1001:zabbix:/home/zabbix:/bin/false
boxusr11:$1$ancyluh$AeY7zRwEcbco5wRC3Cc4P1:1011:0:box user:/home-not-used:/bin/sh
boxusr11int:$1$gvfycdl$Uu43YKkcX83A./QscuLSF/:2011:0:box user:/home-not-used:/bin/sh
boxusr10:$1$ffpmcpc$x0IGSjCOTjXXrfnttmtWD/:1010:0:box user:/home-not-used:/bin/sh
boxusr10int:$1$ydcntvg$TK822zJ2Xj3U8TwCF0JeV/:2010:0:box user:/home-not-used:/bin/sh
boxusr100:$1$pmuiqcx$vuKWznXe2OmuuFSLFuQwH1:1100:0:box user:/home-not-used:/bin/sh
boxusr100int:$1$iacdflp$7XSwsAX5yU9.Uzbxmvq3D1:2100:0:box user:/home-not-used:/bin/sh

root@fritz:/var/mod/root# ctlmgr

root@fritz:/var/mod/root# cat /var/tmp/passwd
root:x:0:0:root:/mod/root:/bin/sh
ntp:x:100:1000:ntp:/home/ntp:/bin/false
zabbix:x:101:1001:zabbix:/home/zabbix:/bin/false
ntp:x:100:1000:ntp:/home/ntp:/bin/false
zabbix:x:101:1001:zabbix:/home/zabbix:/bin/false
ntp:x:100:1000:ntp:/home/ntp:/bin/false
zabbix:x:101:1001:zabbix:/home/zabbix:/bin/false
ntp:x:100:1000:ntp:/home/ntp:/bin/false
zabbix:x:101:1001:zabbix:/home/zabbix:/bin/false
boxusr11:$1$ancyluh$AeY7zRwEcbco5wRC3Cc4P1:1011:0:box user:/home-not-used:/bin/sh
boxusr11int:$1$gvfycdl$Uu43YKkcX83A./QscuLSF/:2011:0:box user:/home-not-used:/bin/sh
boxusr10:$1$ffpmcpc$x0IGSjCOTjXXrfnttmtWD/:1010:0:box user:/home-not-used:/bin/sh
boxusr10int:$1$ydcntvg$TK822zJ2Xj3U8TwCF0JeV/:2010:0:box user:/home-not-used:/bin/sh
boxusr100:$1$pmuiqcx$vuKWznXe2OmuuFSLFuQwH1:1100:0:box user:/home-not-used:/bin/sh
boxusr100int:$1$iacdflp$7XSwsAX5yU9.Uzbxmvq3D1:2100:0:box user:/home-not-used:/bin/sh
 
I have the same problem with a 7590 with fritz OS 7.12. I was able to solve this with a userid from 1000. It looks as if the ctlmgr now writes users with userids smaller than 1000 in the /var/tmp/passwd.tmp and these users are then reproduced by modusers.
 
Me too:

7590
Firmware: 154.07.12 rev69995
Freetz: master-20190811-ccfffebe9

/var/tmp/passwd.avm:

Code:
tor:x:100:1000:tor:/home/tor:/bin/false
tor:x:100:1000:tor:/home/tor:/bin/false
openvpn:x:102:1002:openvpn:/home/openvpn:/bin/false
tor:x:100:1000:tor:/home/tor:/bin/false
tor:x:100:1000:tor:/home/tor:/bin/false
openvpn:x:102:1002:openvpn:/home/openvpn:/bin/false
...

And I have bootloops after updating to freetz-ng 7.19. Maybe there is a connection to this issue.

> I was able to solve this with a userid from 1000.

Can you explain what you did exactly? What do I have to do to change a userid on a 7590?

> It looks as if the ctlmgr now writes users with userids smaller than 1000 in the /var/tmp/passwd.tmp and these users are then reproduced by modusers.

Can you explain what you mean by "these users are then reproduced by modusers"?

Thanks in advance!
 
> Can you explain what you did exactly? What do I have to do to change a userid on a 7590?
Delete all tor users from /var/tmp/passwd and /var/tmp/passwd.avm. Then change the id with vi in the file /var/tmp/flash/users/passwd (third column, i.e. with tor for you currently 100) to a free number greater than or equal to 1000. Then modsave all and a reboot.

> Can you explain what you mean by "these users are then reproduced by modusers"?
The command /usr/bin/modusers is called by some freetz scripts (e.g. from /var/mod/etc/init.d/rc.nfsd via modlib_add_user_and_group from /etc/init.d/modlibrc). Take a look at the modusers script and you will understand what I mean.
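
An added example, not part of any post in this thread: a small audit for a passwd-format file that lists duplicated lines, lists the non-root accounts with a UID below 1000 (the range the posts above associate with the duplication), and produces a deduplicated copy that keeps the original line order, which `sort -u` does not. The function names are hypothetical, the sample data is constructed, and it assumes `awk` and `sort` are available on the box.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not Freetz commands.

# Print every line that occurs more than once, prefixed by its count.
passwd_duplicates() {
  awk '{ n[$0]++ } END { for (l in n) if (n[l] > 1) print n[l] "\t" l }' "$1" | sort -k2
}

# Print "name uid" once for each non-root account whose UID is below 1000.
passwd_low_uids() {
  awk -F: '$1 != "root" && $3 ~ /^[0-9]+$/ && ($3 + 0) < 1000 && !s[$1]++ { print $1, $3 }' "$1"
}

# Emit the file with only the first occurrence of each line, order preserved.
passwd_dedupe() {
  awk '!seen[$0]++' "$1"
}

# Constructed sample in the shape shown in the thread (hash replaced by a placeholder).
sample_passwd() {
  cat <<'EOF'
root:x:0:0:root:/mod/root:/bin/sh
ntp:x:100:1000:ntp:/home/ntp:/bin/false
zabbix:x:101:1001:zabbix:/home/zabbix:/bin/false
ntp:x:100:1000:ntp:/home/ntp:/bin/false
zabbix:x:101:1001:zabbix:/home/zabbix:/bin/false
boxusr11:HASH-PLACEHOLDER:1011:0:box user:/home-not-used:/bin/sh
EOF
}

# Usage: sh passwd_audit.sh /var/tmp/passwd
if [ -n "${1:-}" ]; then
  echo "Duplicate lines (count, line):"
  passwd_duplicates "$1"
  echo "Non-root accounts with UID below 1000:"
  passwd_low_uids "$1"
fi
```

The audit only reads the file; writing the output of `passwd_dedupe` back and running `modsave all` is a separate, deliberate step.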
 