useradd command does not copy all of /etc/skel

Bug #1998169 reported by Chris Deckard
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
shadow (Ubuntu)
Fix Released
Undecided
Camila Camargo de Matos

Bug Description

====================================================
I know the useradd command is discouraged, but I wanted to report the bug to make the maintainers of the package aware.

Recently there was an update of Ubuntu's passwd package which is sourced from shadow from version 4.8.1-1ubuntu5.20.04.2 to version 4.8.1-1ubuntu5.20.04.3

When using the useradd command, the /etc/skel directory with contents below, an only copies in one empty folder.

====================================================
ls -lah /etc/skel
total 60K
drwxrwxrwx 10 root user 4.0K Nov 28 18:33 .
drwxr-xr-x 155 root root 12K Nov 28 19:12 ..
drwxrwxrwx 2 root user 4.0K Nov 28 18:23 .backgrounds
-rwxrwxrwx 1 root user 220 Nov 28 18:23 .bash_logout
-rwxrwxrwx 1 root user 3.7K Nov 28 18:23 .bashrc
drwxrwxrwx 6 root user 4.0K Nov 28 18:23 .config
drwxrwxrwx 3 root user 4.0K Nov 28 18:23 Desktop
drwxrwxrwx 2 root user 4.0K Nov 28 18:30 .fonts_stuff
drwxrwxrwx 2 root user 4.0K Nov 28 18:23 .icons
-rwxrwxrwx 1 root user 765 Nov 28 18:23 .profile
drwxrwxrwx 2 root root 4.0K Nov 28 18:32 testfolderempty
drwxrwxrwx 3 root user 4.0K Nov 28 18:23 .themes
drwxrwxrwx 14 root user 4.0K Nov 28 18:23 WinAte
====================================================
ls -lah /home/user20
total 12K
drwx------ 3 user20 user 4.0K Nov 28 19:12 .
drwxr-xr-x 18 root root 4.0K Nov 28 19:12 ..
drwx------ 2 user20 user 4.0K Nov 28 19:12 WinAte

ls -lah /home/user20/WinAte/
total 8.0K
drwx------ 2 user20 user 4.0K Nov 28 19:12 .
drwx------ 3 user20 user 4.0K Nov 28 19:12 ..

====================================================
I noticed in the strace calls for useradd that the kernel is returning the correct count of directories, but the useradd is clearly not copying all of them. Below is the strace output.
====================================================

strace useradd -k /etc/skel -g 900 -m -s /bin/bash -p a_password -c User20 user20
execve("/usr/sbin/useradd", ["useradd", "-k", "/etc/skel", "-g", "900", "-m", "-s", "/bin/bash", "-p", "P@ssw0rd!", "-c", "User20", "user20"], 0x7fffe10eba10 /* 24 vars */) = 0
brk(NULL) = 0x5631ba1c2000
arch_prctl(0x3001 /* ARCH_??? */, 0x7fff0e47bab0) = -1 EINVAL (Invalid argument)
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=98383, ...}) = 0
mmap(NULL, 98383, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fea9b7bf000
close(3) = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libaudit.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\3407\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=133200, ...}) = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fea9b7bd000
mmap(NULL, 176296, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fea9b791000
mprotect(0x7fea9b794000, 118784, PROT_NONE) = 0
mmap(0x7fea9b794000, 32768, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7fea9b794000
mmap(0x7fea9b79c000, 81920, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb000) = 0x7fea9b79c000
mmap(0x7fea9b7b1000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1f000) = 0x7fea9b7b1000
mmap(0x7fea9b7b3000, 37032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fea9b7b3000
close(3) = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libselinux.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@p\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=163200, ...}) = 0
mmap(NULL, 174600, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fea9b766000
mprotect(0x7fea9b76c000, 135168, PROT_NONE) = 0
mmap(0x7fea9b76c000, 102400, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7fea9b76c000
mmap(0x7fea9b785000, 28672, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1f000) = 0x7fea9b785000
mmap(0x7fea9b78d000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x26000) = 0x7fea9b78d000
mmap(0x7fea9b78f000, 6664, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fea9b78f000
close(3) = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libsemanage.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340\364\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=268920, ...}) = 0
mmap(NULL, 271912, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fea9b723000
mmap(0x7fea9b730000, 143360, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xd000) = 0x7fea9b730000
mmap(0x7fea9b753000, 65536, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x30000) = 0x7fea9b753000
mmap(0x7fea9b763000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3f000) = 0x7fea9b763000
close(3) = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\300A\2\0\0\0\0\0"..., 832) = 832
pread64(3, "\6\0\0\0\4\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0"..., 784, 64) = 784
pread64(3, "\4\0\0\0\20\0\0\0\5\0\0\0GNU\0\2\0\0\300\4\0\0\0\3\0\0\0\0\0\0\0", 32, 848) = 32
pread64(3, "\4\0\0\0\24\0\0\0\3\0\0\0GNU\0\30x\346\264ur\f|Q\226\236i\253-'o"..., 68, 880) = 68
fstat(3, {st_mode=S_IFREG|0755, st_size=2029592, ...}) = 0
pread64(3, "\6\0\0\0\4\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0"..., 784, 64) = 784
pread64(3, "\4\0\0\0\20\0\0\0\5\0\0\0GNU\0\2\0\0\300\4\0\0\0\3\0\0\0\0\0\0\0", 32, 848) = 32
pread64(3, "\4\0\0\0\24\0\0\0\3\0\0\0GNU\0\30x\346\264ur\f|Q\226\236i\253-'o"..., 68, 880) = 68
mmap(NULL, 2037344, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fea9b531000
mmap(0x7fea9b553000, 1540096, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x22000) = 0x7fea9b553000
mmap(0x7fea9b6cb000, 319488, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x19a000) = 0x7fea9b6cb000
mmap(0x7fea9b719000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1e7000) = 0x7fea9b719000
mmap(0x7fea9b71f000, 13920, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fea9b71f000
close(3) = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libcap-ng.so.0", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220$\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=27064, ...}) = 0
mmap(NULL, 28984, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fea9b529000
mmap(0x7fea9b52b000, 12288, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7fea9b52b000
mmap(0x7fea9b52e000, 4096, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x5000) = 0x7fea9b52e000
mmap(0x7fea9b52f000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x5000) = 0x7fea9b52f000
close(3) = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libpcre2-8.so.0", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340\"\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=588488, ...}) = 0
mmap(NULL, 590632, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fea9b498000
mmap(0x7fea9b49a000, 413696, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7fea9b49a000
mmap(0x7fea9b4ff000, 163840, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x67000) = 0x7fea9b4ff000
mmap(0x7fea9b527000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x8e000) = 0x7fea9b527000
close(3) = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 \22\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=18848, ...}) = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fea9b496000
mmap(NULL, 20752, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fea9b490000
mmap(0x7fea9b491000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1000) = 0x7fea9b491000
mmap(0x7fea9b493000, 4096, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7fea9b493000
mmap(0x7fea9b494000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7fea9b494000
close(3) = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libsepol.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\300w\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=713192, ...}) = 0
mmap(NULL, 722536, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fea9b3df000
mprotect(0x7fea9b3e6000, 679936, PROT_NONE) = 0
mmap(0x7fea9b3e6000, 507904, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7000) = 0x7fea9b3e6000
mmap(0x7fea9b462000, 167936, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x83000) = 0x7fea9b462000
mmap(0x7fea9b48c000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xac000) = 0x7fea9b48c000
mmap(0x7fea9b48e000, 5736, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fea9b48e000
close(3) = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libbz2.so.1.0", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@\"\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=74848, ...}) = 0
mmap(NULL, 76840, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fea9b3cc000
mmap(0x7fea9b3ce000, 53248, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7fea9b3ce000
mmap(0x7fea9b3db000, 8192, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xf000) = 0x7fea9b3db000
mmap(0x7fea9b3dd000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x10000) = 0x7fea9b3dd000
close(3) = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libpthread.so.0", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220q\0\0\0\0\0\0"..., 832) = 832
pread64(3, "\4\0\0\0\24\0\0\0\3\0\0\0GNU\0{E6\364\34\332\245\210\204\10\350-\0106\343="..., 68, 824) = 68
fstat(3, {st_mode=S_IFREG|0755, st_size=157224, ...}) = 0
pread64(3, "\4\0\0\0\24\0\0\0\3\0\0\0GNU\0{E6\364\34\332\245\210\204\10\350-\0106\343="..., 68, 824) = 68
mmap(NULL, 140408, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fea9b3a9000
mmap(0x7fea9b3af000, 69632, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7fea9b3af000
mmap(0x7fea9b3c0000, 24576, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x17000) = 0x7fea9b3c0000
mmap(0x7fea9b3c6000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1c000) = 0x7fea9b3c6000
mmap(0x7fea9b3c8000, 13432, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fea9b3c8000
close(3) = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fea9b3a7000
arch_prctl(ARCH_SET_FS, 0x7fea9b3a8280) = 0
mprotect(0x7fea9b719000, 16384, PROT_READ) = 0
mprotect(0x7fea9b3c6000, 4096, PROT_READ) = 0
mprotect(0x7fea9b3dd000, 4096, PROT_READ) = 0
mprotect(0x7fea9b48c000, 4096, PROT_READ) = 0
mprotect(0x7fea9b494000, 4096, PROT_READ) = 0
mprotect(0x7fea9b527000, 4096, PROT_READ) = 0
mprotect(0x7fea9b52f000, 4096, PROT_READ) = 0
mprotect(0x7fea9b7b1000, 4096, PROT_READ) = 0
mprotect(0x7fea9b78d000, 4096, PROT_READ) = 0
mprotect(0x7fea9b763000, 4096, PROT_READ) = 0
mprotect(0x5631b85c0000, 8192, PROT_READ) = 0
mprotect(0x7fea9b805000, 4096, PROT_READ) = 0
munmap(0x7fea9b7bf000, 98383) = 0
set_tid_address(0x7fea9b3a8550) = 49452
set_robust_list(0x7fea9b3a8560, 24) = 0
rt_sigaction(SIGRTMIN, {sa_handler=0x7fea9b3afbf0, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7fea9b3bd420}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=0x7fea9b3afc90, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fea9b3bd420}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
statfs("/sys/fs/selinux", 0x7fff0e47ba00) = -1 ENOENT (No such file or directory)
statfs("/selinux", 0x7fff0e47ba00) = -1 ENOENT (No such file or directory)
brk(NULL) = 0x5631ba1c2000
brk(0x5631ba1e3000) = 0x5631ba1e3000
openat(AT_FDCWD, "/proc/filesystems", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
read(3, "nodev\tsysfs\nnodev\ttmpfs\nnodev\tbd"..., 1024) = 378
read(3, "", 1024) = 0
close(3) = 0
access("/etc/selinux/config", F_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=120914336, ...}) = 0
mmap(NULL, 120914336, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fea94056000
close(3) = 0
socket(AF_NETLINK, SOCK_RAW, NETLINK_AUDIT) = 3
fcntl(3, F_SETFD, FD_CLOEXEC) = 0
openat(AT_FDCWD, "/proc/sys/kernel/ngroups_max", O_RDONLY) = 4
read(4, "65536\n", 31) = 6
close(4) = 0
mmap(NULL, 528384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fea93fd5000
openat(AT_FDCWD, "/etc/login.defs", O_RDONLY) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=10550, ...}) = 0
read(4, "#\n# /etc/login.defs - Configurat"..., 4096) = 4096
read(4, " issuing \n# the \"mesg y\" command"..., 4096) = 4096
read(4, "algorithm compatible with the on"..., 4096) = 2358
read(4, "", 4096) = 0
close(4) = 0
access("/etc/shadow", F_OK) = 0
access("/etc/gshadow", F_OK) = 0
openat(AT_FDCWD, "/etc/default/useradd", O_RDONLY) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=1118, ...}) = 0
read(4, "# Default values for useradd(8)\n"..., 4096) = 1118
read(4, "", 4096) = 0
close(4) = 0
socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4
connect(4, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = 0
sendto(4, "\2\0\0\0\f\0\0\0\6\0\0\0group\0", 18, MSG_NOSIGNAL, NULL, 0) = 18
poll([{fd=4, events=POLLIN|POLLERR|POLLHUP}], 1, 5000) = 1 ([{fd=4, revents=POLLIN|POLLHUP}])
recvmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="group\0", iov_len=6}, {iov_base="\310O\3\0\0\0\0\0", iov_len=8}], msg_iovlen=2, msg_control=[{cmsg_len=20, cmsg_level=SOL_SOCKET, cmsg_type=SCM_RIGHTS, cmsg_data=[5]}], msg_controllen=20, msg_flags=MSG_CMSG_CLOEXEC}, MSG_CMSG_CLOEXEC) = 14
mmap(NULL, 217032, PROT_READ, MAP_SHARED, 5, 0) = 0x7fea93fa0000
close(5) = 0
close(4) = 0
stat("/bin/bash", {st_mode=S_IFREG|0755, st_size=1183448, ...}) = 0
access("/bin/bash", X_OK) = 0
access("/etc/subuid", F_OK) = 0
access("/etc/subgid", F_OK) = 0
socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4
connect(4, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = 0
sendto(4, "\2\0\0\0\v\0\0\0\7\0\0\0passwd\0", 19, MSG_NOSIGNAL, NULL, 0) = 19
poll([{fd=4, events=POLLIN|POLLERR|POLLHUP}], 1, 5000) = 1 ([{fd=4, revents=POLLIN|POLLHUP}])
recvmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="passwd\0", iov_len=7}, {iov_base="\310O\3\0\0\0\0\0", iov_len=8}], msg_iovlen=2, msg_control=[{cmsg_len=20, cmsg_level=SOL_SOCKET, cmsg_type=SCM_RIGHTS, cmsg_data=[5]}], msg_controllen=20, msg_flags=MSG_CMSG_CLOEXEC}, MSG_CMSG_CLOEXEC) = 15
mmap(NULL, 217032, PROT_READ, MAP_SHARED, 5, 0) = 0x7fea93f6b000
close(5) = 0
close(4) = 0
socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4
connect(4, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = 0
sendto(4, "\2\0\0\0\0\0\0\0\7\0\0\0user20\0", 19, MSG_NOSIGNAL, NULL, 0) = 19
poll([{fd=4, events=POLLIN|POLLERR|POLLHUP}], 1, 5000) = 1 ([{fd=4, revents=POLLIN}])
read(4, "\2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\377\377\377\377\377\377\377\377\0\0\0\0\0\0\0\0"..., 36) = 36
close(4) = 0
openat(AT_FDCWD, "/etc/.pwd.lock", O_WRONLY|O_CREAT|O_CLOEXEC, 0600) = 4
rt_sigaction(SIGALRM, {sa_handler=0x7fea9b6565b0, sa_mask=~[], sa_flags=SA_RESTORER, sa_restorer=0x7fea9b574090}, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [ALRM], [], 8) = 0
alarm(15) = 0
fcntl(4, F_SETLKW, {l_type=F_WRLCK, l_whence=SEEK_SET, l_start=0, l_len=0}) = 0
alarm(0) = 15
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
rt_sigaction(SIGALRM, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fea9b574090}, NULL, 8) = 0
getpid() = 49452
openat(AT_FDCWD, "/etc/passwd.49452", O_WRONLY|O_CREAT|O_TRUNC, 0600) = 5
getpid() = 49452
write(5, "49452\0", 6) = 6
close(5) = 0
link("/etc/passwd.49452", "/etc/passwd.lock") = 0
stat("/etc/passwd.49452", {st_mode=S_IFREG|0600, st_size=6, ...}) = 0
unlink("/etc/passwd.49452") = 0
openat(AT_FDCWD, "/etc/passwd", O_RDWR|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW) = 5
fcntl(5, F_GETFL) = 0x28802 (flags O_RDWR|O_NONBLOCK|O_LARGEFILE|O_NOFOLLOW)
fcntl(5, F_SETFD, FD_CLOEXEC) = 0
fstat(5, {st_mode=S_IFREG|0644, st_size=3559, ...}) = 0
read(5, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 3559
read(5, "", 4096) = 0
getpid() = 49452
openat(AT_FDCWD, "/etc/group.49452", O_WRONLY|O_CREAT|O_TRUNC, 0600) = 6
getpid() = 49452
write(6, "49452\0", 6) = 6
close(6) = 0
link("/etc/group.49452", "/etc/group.lock") = 0
stat("/etc/group.49452", {st_mode=S_IFREG|0600, st_size=6, ...}) = 0
unlink("/etc/group.49452") = 0
openat(AT_FDCWD, "/etc/group", O_RDWR|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW) = 6
fcntl(6, F_GETFL) = 0x28802 (flags O_RDWR|O_NONBLOCK|O_LARGEFILE|O_NOFOLLOW)
fcntl(6, F_SETFD, FD_CLOEXEC) = 0
fstat(6, {st_mode=S_IFREG|0644, st_size=1112, ...}) = 0
read(6, "root:x:0:\ndaemon:x:1:\nbin:x:2:\ns"..., 4096) = 1112
read(6, "", 4096) = 0
getpid() = 49452
openat(AT_FDCWD, "/etc/gshadow.49452", O_WRONLY|O_CREAT|O_TRUNC, 0600) = 7
getpid() = 49452
write(7, "49452\0", 6) = 6
close(7) = 0
link("/etc/gshadow.49452", "/etc/gshadow.lock") = 0
stat("/etc/gshadow.49452", {st_mode=S_IFREG|0600, st_size=6, ...}) = 0
unlink("/etc/gshadow.49452") = 0
openat(AT_FDCWD, "/etc/gshadow", O_RDWR|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW) = 7
fcntl(7, F_GETFL) = 0x28802 (flags O_RDWR|O_NONBLOCK|O_LARGEFILE|O_NOFOLLOW)
fcntl(7, F_SETFD, FD_CLOEXEC) = 0
fstat(7, {st_mode=S_IFREG|0640, st_size=914, ...}) = 0
read(7, "root:*::\ndaemon:*::\nbin:*::\nsys:"..., 4096) = 914
read(7, "", 4096) = 0
getpid() = 49452
openat(AT_FDCWD, "/etc/subuid.49452", O_WRONLY|O_CREAT|O_TRUNC, 0600) = 8
getpid() = 49452
write(8, "49452\0", 6) = 6
close(8) = 0
link("/etc/subuid.49452", "/etc/subuid.lock") = 0
stat("/etc/subuid.49452", {st_mode=S_IFREG|0600, st_size=6, ...}) = 0
unlink("/etc/subuid.49452") = 0
openat(AT_FDCWD, "/etc/subuid", O_RDWR|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW) = 8
fcntl(8, F_GETFL) = 0x28802 (flags O_RDWR|O_NONBLOCK|O_LARGEFILE|O_NOFOLLOW)
fcntl(8, F_SETFD, FD_CLOEXEC) = 0
fstat(8, {st_mode=S_IFREG|0644, st_size=254, ...}) = 0
read(8, "ubuntu:100000:65536\nssfuser:1655"..., 4096) = 254
read(8, "", 4096) = 0
getpid() = 49452
openat(AT_FDCWD, "/etc/subgid.49452", O_WRONLY|O_CREAT|O_TRUNC, 0600) = 9
getpid() = 49452
write(9, "49452\0", 6) = 6
close(9) = 0
link("/etc/subgid.49452", "/etc/subgid.lock") = 0
stat("/etc/subgid.49452", {st_mode=S_IFREG|0600, st_size=6, ...}) = 0
unlink("/etc/subgid.49452") = 0
openat(AT_FDCWD, "/etc/subgid", O_RDWR|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW) = 9
fcntl(9, F_GETFL) = 0x28802 (flags O_RDWR|O_NONBLOCK|O_LARGEFILE|O_NOFOLLOW)
fcntl(9, F_SETFD, FD_CLOEXEC) = 0
fstat(9, {st_mode=S_IFREG|0644, st_size=254, ...}) = 0
read(9, "ubuntu:100000:65536\nssfuser:1655"..., 4096) = 254
read(9, "", 4096) = 0
brk(0x5631ba20a000) = 0x5631ba20a000
socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 10
connect(10, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = 0
sendto(10, "\2\0\0\0\1\0\0\0\5\0\0\0001013\0", 17, MSG_NOSIGNAL, NULL, 0) = 17
poll([{fd=10, events=POLLIN|POLLERR|POLLHUP}], 1, 5000) = 1 ([{fd=10, revents=POLLIN|POLLHUP}])
read(10, "\2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\377\377\377\377\377\377\377\377\0\0\0\0\0\0\0\0"..., 36) = 36
close(10) = 0
brk(0x5631ba1fb000) = 0x5631ba1fb000
getpid() = 49452
openat(AT_FDCWD, "/etc/shadow.49452", O_WRONLY|O_CREAT|O_TRUNC, 0600) = 10
getpid() = 49452
write(10, "49452\0", 6) = 6
close(10) = 0
link("/etc/shadow.49452", "/etc/shadow.lock") = 0
stat("/etc/shadow.49452", {st_mode=S_IFREG|0600, st_size=6, ...}) = 0
unlink("/etc/shadow.49452") = 0
openat(AT_FDCWD, "/etc/shadow", O_RDWR|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW) = 10
fcntl(10, F_GETFL) = 0x28802 (flags O_RDWR|O_NONBLOCK|O_LARGEFILE|O_NOFOLLOW)
fcntl(10, F_SETFD, FD_CLOEXEC) = 0
fstat(10, {st_mode=S_IFREG|0640, st_size=2309, ...}) = 0
read(10, "root:$6$AluCThYb6CawLX4T$S.fl6J7"..., 4096) = 2309
read(10, "", 4096) = 0
ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
fstat(0, {st_mode=S_IFCHR|0600, st_rdev=makedev(0x88, 0), ...}) = 0
readlink("/proc/self/fd/0", "/dev/pts/0", 4095) = 10
stat("/dev/pts/0", {st_mode=S_IFCHR|0600, st_rdev=makedev(0x88, 0), ...}) = 0
openat(AT_FDCWD, "/etc/localtime", O_RDONLY|O_CLOEXEC) = 11
fstat(11, {st_mode=S_IFREG|0644, st_size=2852, ...}) = 0
fstat(11, {st_mode=S_IFREG|0644, st_size=2852, ...}) = 0
read(11, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\6\0\0\0\6\0\0\0\0"..., 4096) = 2852
lseek(11, -1810, SEEK_CUR) = 1042
read(11, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\6\0\0\0\6\0\0\0\0"..., 4096) = 1810
close(11) = 0
getpid() = 49452
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 11
connect(11, {sa_family=AF_UNIX, sun_path="/dev/log"}, 110) = 0
sendto(11, "<86>Nov 28 19:12:15 useradd[4945"..., 129, MSG_NOSIGNAL, NULL, 0) = 129
access("/var/log/faillog", F_OK) = -1 ENOENT (No such file or directory)
access("/var/log/lastlog", F_OK) = 0
openat(AT_FDCWD, "/var/log/lastlog", O_RDWR) = 12
lseek(12, 295796, SEEK_SET) = 295796
write(12, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 292) = 292
fsync(12) = 0
close(12) = 0
readlink("/proc/self/exe", "/usr/sbin/useradd", 4096) = 17
ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
fstat(0, {st_mode=S_IFCHR|0600, st_rdev=makedev(0x88, 0), ...}) = 0
readlink("/proc/self/fd/0", "/dev/pts/0", 31) = 10
stat("/dev/pts/0", {st_mode=S_IFCHR|0600, st_rdev=makedev(0x88, 0), ...}) = 0
lstat("/dev/pts/0", {st_mode=S_IFCHR|0600, st_rdev=makedev(0x88, 0), ...}) = 0
uname({sysname="Linux", nodename="ip-172-31-63-195", ...}) = 0
sendto(3, {{len=124, type=0x45a /* NLMSG_??? */, flags=NLM_F_REQUEST|NLM_F_ACK, seq=1, pid=0}, "\x6f\x70\x3d\x61\x64\x64\x69\x6e\x67\x20\x75\x73\x65\x72\x20\x69\x64\x3d\x31\x30\x31\x33\x20\x65\x78\x65\x3d\x22\x2f\x75\x73\x72"...}, 124, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 124
poll([{fd=3, events=POLLIN}], 1, 500) = 1 ([{fd=3, revents=POLLIN}])
recvfrom(3, {{len=36, type=NLMSG_ERROR, flags=NLM_F_CAPPED, seq=1, pid=49452}, {error=0, msg={len=124, type=0x45a /* AUDIT_??? */, flags=NLM_F_REQUEST|NLM_F_ACK, seq=1, pid=0}}}, 8988, MSG_PEEK|MSG_DONTWAIT, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, [12]) = 36
recvfrom(3, {{len=36, type=NLMSG_ERROR, flags=NLM_F_CAPPED, seq=1, pid=49452}, {error=0, msg={len=124, type=0x45a /* AUDIT_??? */, flags=NLM_F_REQUEST|NLM_F_ACK, seq=1, pid=0}}}, 8988, MSG_DONTWAIT, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, [12]) = 36
access("/home/user20", F_OK) = -1 ENOENT (No such file or directory)
access("/home", F_OK) = 0
access("/home/user20", F_OK) = -1 ENOENT (No such file or directory)
mkdir("/home/user20", 000) = 0
chown("/home/user20", 0, 0) = 0
chmod("/home/user20", 0755) = 0
chown("/home/user20", 1013, 900) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7fea9b3a8550) = 49453
wait4(49453, [{WIFEXITED(s) && WEXITSTATUS(s) == 42}], 0, NULL) = 49453
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=49453, si_uid=0, si_status=42, si_utime=0, si_stime=0} ---
chown("/home/user20", 1013, 900) = 0
chmod("/home/user20", 0700) = 0
ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
fstat(0, {st_mode=S_IFCHR|0600, st_rdev=makedev(0x88, 0), ...}) = 0
readlink("/proc/self/fd/0", "/dev/pts/0", 31) = 10
stat("/dev/pts/0", {st_mode=S_IFCHR|0600, st_rdev=makedev(0x88, 0), ...}) = 0
lstat("/dev/pts/0", {st_mode=S_IFCHR|0600, st_rdev=makedev(0x88, 0), ...}) = 0
sendto(3, {{len=136, type=0x45a /* AUDIT_??? */, flags=NLM_F_REQUEST|NLM_F_ACK, seq=2, pid=0}, "\x6f\x70\x3d\x61\x64\x64\x69\x6e\x67\x20\x68\x6f\x6d\x65\x20\x64\x69\x72\x65\x63\x74\x6f\x72\x79\x20\x69\x64\x3d\x31\x30\x31\x33"...}, 136, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 136
poll([{fd=3, events=POLLIN}], 1, 500) = 1 ([{fd=3, revents=POLLIN}])
recvfrom(3, {{len=36, type=NLMSG_ERROR, flags=NLM_F_CAPPED, seq=2, pid=49452}, {error=0, msg={len=136, type=0x45a /* AUDIT_??? */, flags=NLM_F_REQUEST|NLM_F_ACK, seq=2, pid=0}}}, 8988, MSG_PEEK|MSG_DONTWAIT, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, [12]) = 36
recvfrom(3, {{len=36, type=NLMSG_ERROR, flags=NLM_F_CAPPED, seq=2, pid=49452}, {error=0, msg={len=136, type=0x45a /* AUDIT_??? */, flags=NLM_F_REQUEST|NLM_F_ACK, seq=2, pid=0}}}, 8988, MSG_DONTWAIT, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, [12]) = 36
openat(AT_FDCWD, "/etc/skel", O_RDONLY|O_NOFOLLOW|O_CLOEXEC|O_DIRECTORY) = 12
openat(AT_FDCWD, "/home/user20", O_RDONLY|O_NOFOLLOW|O_CLOEXEC|O_DIRECTORY) = 13
fstat(12, {st_mode=S_IFDIR|0777, st_size=4096, ...}) = 0
fcntl(12, F_GETFL) = 0x38000 (flags O_RDONLY|O_LARGEFILE|O_NOFOLLOW|O_DIRECTORY)
fcntl(12, F_SETFD, FD_CLOEXEC) = 0
getdents64(12, /* 13 entries */, 32768) = 408
newfstatat(12, "WinAte", {st_mode=S_IFDIR|0777, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
mkdirat(13, "WinAte", 0700) = 0
fchownat(13, "WinAte", 1013, 900, AT_SYMLINK_NOFOLLOW) = 0
close(12) = 0
close(13) = 0
fstat(5, {st_mode=S_IFREG|0644, st_size=3559, ...}) = 0
fstat(5, {st_mode=S_IFREG|0644, st_size=3559, ...}) = 0
umask(0777) = 077
openat(AT_FDCWD, "/etc/passwd-", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 12
umask(077) = 0777
fchown(12, 0, 0) = 0
fchmod(12, 0644) = 0
lseek(5, 0, SEEK_SET) = 0
read(5, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 3559
fstat(12, {st_mode=S_IFREG|0644, st_size=0, ...}) = 0
read(5, "", 4096) = 0
write(12, "root:x:0:0:root:/root:/bin/bash\n"..., 3559) = 3559
fsync(12) = 0
close(12) = 0
utime("/etc/passwd-", {actime=1669690399 /* 2022-11-28T18:53:19-0800 */, modtime=1669690398 /* 2022-11-28T18:53:18-0800 */}) = 0
close(5) = 0
umask(0777) = 077
openat(AT_FDCWD, "/etc/passwd+", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 5
umask(077) = 0777
fchown(5, 0, 0) = 0
fchmod(5, 0644) = 0
fstat(5, {st_mode=S_IFREG|0644, st_size=0, ...}) = 0
write(5, "root:x:0:0:root:/root:/bin/bash\n"..., 3607) = 3607
fsync(5) = 0
close(5) = 0
lstat("/etc/passwd", {st_mode=S_IFREG|0644, st_size=3559, ...}) = 0
rename("/etc/passwd+", "/etc/passwd") = 0
fstat(10, {st_mode=S_IFREG|0640, st_size=2309, ...}) = 0
fstat(10, {st_mode=S_IFREG|0640, st_size=2309, ...}) = 0
umask(0777) = 077
openat(AT_FDCWD, "/etc/shadow-", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 5
umask(077) = 0777
fchown(5, 0, 42) = 0
fchmod(5, 0640) = 0
lseek(10, 0, SEEK_SET) = 0
read(10, "root:$6$AluCThYb6CawLX4T$S.fl6J7"..., 4096) = 2309
fstat(5, {st_mode=S_IFREG|0640, st_size=0, ...}) = 0
read(10, "", 4096) = 0
write(5, "root:$6$AluCThYb6CawLX4T$S.fl6J7"..., 2309) = 2309
fsync(5) = 0
close(5) = 0
utime("/etc/shadow-", {actime=1669690422 /* 2022-11-28T18:53:42-0800 */, modtime=1669690421 /* 2022-11-28T18:53:41-0800 */}) = 0
close(10) = 0
umask(0777) = 077
openat(AT_FDCWD, "/etc/shadow+", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 5
umask(077) = 0777
fchown(5, 0, 42) = 0
fchmod(5, 0640) = 0
fstat(5, {st_mode=S_IFREG|0640, st_size=0, ...}) = 0
write(5, "root:$6$AluCThYb6CawLX4T$S.fl6J7"..., 2345) = 2345
fsync(5) = 0
close(5) = 0
lstat("/etc/shadow", {st_mode=S_IFREG|0640, st_size=2309, ...}) = 0
rename("/etc/shadow+", "/etc/shadow") = 0
fstat(8, {st_mode=S_IFREG|0644, st_size=254, ...}) = 0
fstat(8, {st_mode=S_IFREG|0644, st_size=254, ...}) = 0
umask(0777) = 077
openat(AT_FDCWD, "/etc/subuid-", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 5
umask(077) = 0777
fchown(5, 0, 0) = 0
fchmod(5, 0644) = 0
lseek(8, 0, SEEK_SET) = 0
read(8, "ubuntu:100000:65536\nssfuser:1655"..., 4096) = 254
fstat(5, {st_mode=S_IFREG|0644, st_size=0, ...}) = 0
read(8, "", 4096) = 0
write(5, "ubuntu:100000:65536\nssfuser:1655"..., 254) = 254
fsync(5) = 0
close(5) = 0
utime("/etc/subuid-", {actime=1669691535 /* 2022-11-28T19:12:15-0800 */, modtime=1669690391 /* 2022-11-28T18:53:11-0800 */}) = 0
close(8) = 0
umask(0777) = 077
openat(AT_FDCWD, "/etc/subuid+", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 5
umask(077) = 0777
fchown(5, 0, 0) = 0
fchmod(5, 0644) = 0
fstat(5, {st_mode=S_IFREG|0644, st_size=0, ...}) = 0
write(5, "ubuntu:100000:65536\nssfuser:1655"..., 274) = 274
fsync(5) = 0
close(5) = 0
lstat("/etc/subuid", {st_mode=S_IFREG|0644, st_size=254, ...}) = 0
rename("/etc/subuid+", "/etc/subuid") = 0
fstat(9, {st_mode=S_IFREG|0644, st_size=254, ...}) = 0
fstat(9, {st_mode=S_IFREG|0644, st_size=254, ...}) = 0
umask(0777) = 077
openat(AT_FDCWD, "/etc/subgid-", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 5
umask(077) = 0777
fchown(5, 0, 0) = 0
fchmod(5, 0644) = 0
lseek(9, 0, SEEK_SET) = 0
read(9, "ubuntu:100000:65536\nssfuser:1655"..., 4096) = 254
fstat(5, {st_mode=S_IFREG|0644, st_size=0, ...}) = 0
read(9, "", 4096) = 0
write(5, "ubuntu:100000:65536\nssfuser:1655"..., 254) = 254
fsync(5) = 0
close(5) = 0
utime("/etc/subgid-", {actime=1669691535 /* 2022-11-28T19:12:15-0800 */, modtime=1669690391 /* 2022-11-28T18:53:11-0800 */}) = 0
close(9) = 0
umask(0777) = 077
openat(AT_FDCWD, "/etc/subgid+", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 5
umask(077) = 0777
fchown(5, 0, 0) = 0
fchmod(5, 0644) = 0
fstat(5, {st_mode=S_IFREG|0644, st_size=0, ...}) = 0
write(5, "ubuntu:100000:65536\nssfuser:1655"..., 274) = 274
fsync(5) = 0
close(5) = 0
lstat("/etc/subgid", {st_mode=S_IFREG|0644, st_size=254, ...}) = 0
rename("/etc/subgid+", "/etc/subgid") = 0
unlink("/etc/shadow.lock") = 0
unlink("/etc/passwd.lock") = 0
close(6) = 0
unlink("/etc/group.lock") = 0
close(7) = 0
unlink("/etc/gshadow.lock") = 0
unlink("/etc/subuid.lock") = 0
unlink("/etc/subgid.lock") = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7fea9b3a8550) = 49454
wait4(49454, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0, NULL) = 49454
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=49454, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7fea9b3a8550) = 49455
wait4(49455, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0, NULL) = 49455
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=49455, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7fea9b3a8550) = 49456
wait4(49456, [{WIFEXITED(s) && WEXITSTATUS(s) == 127}], 0, NULL) = 49456
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=49456, si_uid=0, si_status=127, si_utime=0, si_stime=0} ---
close(4) = 0
socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4
connect(4, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = 0
sendto(4, "\2\0\0\0\1\0\0\0\5\0\0\0001013\0", 17, MSG_NOSIGNAL, NULL, 0) = 17
poll([{fd=4, events=POLLIN|POLLERR|POLLHUP}], 1, 5000) = 1 ([{fd=4, revents=POLLIN|POLLHUP}])
read(4, "\2\0\0\0\1\0\0\0\7\0\0\0\2\0\0\0\365\3\0\0\204\3\0\0\7\0\0\0\r\0\0\0"..., 36) = 36
read(4, "user20\0x\0User20\0/home/user20\0/bi"..., 39) = 39
close(4) = 0
access("/sbin/pam_tally2", X_OK) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7fea9b3a8550) = 49457
wait4(49457, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0, NULL) = 49457
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=49457, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7fea9b3a8550) = 49458
wait4(49458, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0, NULL) = 49458
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=49458, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7fea9b3a8550) = 49459
wait4(49459, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0, NULL) = 49459
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=49459, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7fea9b3a8550) = 49460
wait4(49460, [{WIFEXITED(s) && WEXITSTATUS(s) == 127}], 0, NULL) = 49460
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=49460, si_uid=0, si_status=127, si_utime=0, si_stime=0} ---
exit_group(0) = ?
+++ exited with 0 +++

CVE References

description: updated
Changed in shadow (Ubuntu):
status: New → Confirmed
Revision history for this message
Camila Camargo de Matos (ccdm94) wrote (last edit ):

Initial analysis seems to indicate that this is happening due to a patch added in the last update which is related to this commit:

https://github.com/shadow-maint/shadow/commit/f3bdb28e57e5e38c1e89347976c7d61a181eec32

Checking the manual for fchmodat in focal, it is possible to see the following:

AT_SYMLINK_NOFOLLOW
       If pathname is a symbolic link, do not dereference it: instead operate on the link itself. This flag is not currently implemented.

The flags seems to not be currently implemented.

No further changes to the code have been made by upstream.

More investigation will be made and the last update will possibly be reverted.

Changed in shadow (Ubuntu):
assignee: nobody → Camila Camargo de Matos (ccdm94)
Revision history for this message
Camila Camargo de Matos (ccdm94) wrote (last edit ):

Further investigation made by the security team has identified that focal and lower are affected because glibc in these versions does not include the following commit:

https://sourceware.org/git/?p=glibc.git;a=commit;h=752dd17443e55a4535cb9e6baa4e550ede383540.

Therefore, jammy and kinetic, which have also been updated, do not have this problem.

Focal, bionic, xenial and trusty, however, do, and therefore, the updates will be reverted in order to remove the regression.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package shadow - 1:4.5-1ubuntu2.5

---------------
shadow (1:4.5-1ubuntu2.5) bionic-security; urgency=medium

  * SECURITY REGRESSION: useradd command does not copy all of /etc/skel
    (LP: #1998169)
    - debian/patches/CVE-2013-4235-pre1.patch: removed
    - debian/patches/CVE-2013-4235-pre2.patch: removed
    - debian/patches/CVE-2013-4235-1.patch: removed
    - debian/patches/CVE-2013-4235-2.patch: removed
    - debian/patches/CVE-2013-4235-3.patch: removed
    - debian/patches/CVE-2013-4235-4.patch: removed
    - debian/patches/CVE-2013-4235-5.patch: removed
    - debian/patches/CVE-2013-4235-6.patch: removed
    - debian/patches/CVE-2013-4235-7.patch: removed
    - debian/patches/CVE-2013-4235-post1.patch: removed
    - debian/patches/CVE-2013-4235-post2.patch: removed
    - debian/patches/CVE-2013-4235-post3.patch: removed

 -- Camila Camargo de Matos <email address hidden> Tue, 29 Nov 2022 09:25:19 -0300

Changed in shadow (Ubuntu):
status: Confirmed → Fix Released
Changed in shadow (Ubuntu):
status: Fix Released → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package shadow - 1:4.8.1-1ubuntu5.20.04.4

---------------
shadow (1:4.8.1-1ubuntu5.20.04.4) focal-security; urgency=medium

  * SECURITY REGRESSION: useradd command does not copy all of /etc/skel
    (LP: #1998169)
    - debian/patches/CVE-2013-4235-pre1.patch: removed
    - debian/patches/CVE-2013-4235-pre2.patch: removed
    - debian/patches/CVE-2013-4235-1.patch: removed
    - debian/patches/CVE-2013-4235-2.patch: removed
    - debian/patches/CVE-2013-4235-3.patch: removed
    - debian/patches/CVE-2013-4235-4.patch: removed
    - debian/patches/CVE-2013-4235-5.patch: removed
    - debian/patches/CVE-2013-4235-6.patch: removed
    - debian/patches/CVE-2013-4235-7.patch: removed
    - debian/patches/CVE-2013-4235-post1.patch: removed
    - debian/patches/CVE-2013-4235-post2.patch: removed
    - debian/patches/CVE-2013-4235-post3.patch: removed

 -- Camila Camargo de Matos <email address hidden> Tue, 29 Nov 2022 08:53:10 -0300

Changed in shadow (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.