From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-3.0 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,RCVD_IN_MSPIKE_H4, RCVD_IN_MSPIKE_WL autolearn=ham autolearn_force=no version=3.4.4 Received: from second.openwall.net (second.openwall.net [193.110.157.125]) by inbox.vuxu.org (Postfix) with SMTP id 2419721510 for ; Thu, 23 May 2024 15:21:07 +0200 (CEST) Received: (qmail 20142 invoked by uid 550); 23 May 2024 13:21:03 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Reply-To: musl@lists.openwall.com Received: (qmail 20091 invoked from network); 23 May 2024 13:21:03 -0000 Date: Thu, 23 May 2024 09:21:17 -0400 From: Rich Felker To: Collin Funk Cc: musl@lists.openwall.com Message-ID: <20240523132117.GZ10433@brightrain.aerifal.cx> References: <625e06f9-10ca-4ad3-86e2-6f6edf585ec9@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <625e06f9-10ca-4ad3-86e2-6f6edf585ec9@gmail.com> User-Agent: Mutt/1.5.21 (2010-09-15) Subject: Re: [musl] getusershell should ignore comments and empty lines. On Fri, May 17, 2024 at 08:17:54PM -0700, Collin Funk wrote: > Hello Musl maintainers, > > The getusershell function behaves differently from Glibc and FreeBSD. > I believe that it should follow those implementations by ignoring > comments and empty lines. > > I wrote a test for Gnulib that catches this issue. You may find it > helpful for testing [1]. > > On FreeBSD I have the following etc/shells: > > ============================================== > # List of acceptable shells for chpass(1). > # ftpd(8) will not allow users to connect who are not using > # one of these shells. > > > > /bin/sh > /bin/csh > /bin/tcsh > /usr/local/bin/bash > /usr/local/bin/rbash > /usr/local/libexec/git-core/git-shell > ============================================== > > And I run the following in a Gnulib checkout: > > $ rm -rf testdir1 && ./gnulib-tool --create-testdir --dir testdir1 getusershell > $ cd testdir1 > $ ./configure > $ make > $ ./gltests/test-getusershell > /bin/sh > /bin/csh > /bin/tcsh > /usr/local/bin/bash > /usr/local/bin/rbash > /usr/local/libexec/git-core/git-shell > > GNU libc behaves the same way. I have not checked the other BSDs but I > assume they use the same code derived from 4.3BSD or 4.4BSD. > > Using an Alpine Linux virtual machine with Musl Version 1.2.4_git20230717 > and a few packages installed I have the default /etc/shells: > > ============================================== > # valid login shells > /bin/sh > /bin/ash > /bin/bash > ============================================== > > Using the same commands listed earlier I run: > > $ ./gltests/test-getusershell > test-getusershell.c:54: assertion 'ptr[0] != '#'' failed > Aborted > > And after adding an empty line before the comment: > > $ ./gltests/test-getusershell > test-getusershell.c:55: assertion 'ptr[0] != '\0'' failed > Aborted > > Let me know if you have any questions. The FreeBSD shells(5) man page > is pretty good and might be helpful [2]. Here is a link to their > implementation incase that helps too [3]. It says: "A hash mark (``#'') indicates the beginning of a comment; subsequent characters up to the end of the line are not interpreted by the routines which search the file." This isn't very clear whether # is only a comment on the beginning of a line (after potential whitespace?) or whether # appearing in a line with a shell pathname is a comment or part of the pathname. If it's a comment, it's not clear if whitespace before it is part of the shell pathname -- e.g. does "/bin/sh # best shell" define "/bin/sh" or "/bin/sh " as the shell pathname? It sounds like nobody ever thought about whitespace, quoting, or rigorous comment syntax here... Rich