userdel: Use Core::Account::sync() to interact with sensitive files

2025-05-14 09:14:58 +00:00 · 2022-12-07 00:51:11 +01:00 · 2022-12-07 00:51:11 +01:00 · ebe925b7c0
commit ebe925b7c0
parent 945d2079b4
1 changed files with 2 additions and 98 deletions
--- a/Userland/Utilities/userdel.cpp
+++ b/Userland/Utilities/userdel.cpp
@ -6,18 +6,11 @@
 */

 #include <AK/DeprecatedString.h>
-#include <AK/ScopeGuard.h>
 #include <LibCore/Account.h>
 #include <LibCore/ArgsParser.h>
 #include <LibCore/File.h>
 #include <LibCore/System.h>
 #include <LibMain/Main.h>
-#include <pwd.h>
-#include <shadow.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/stat.h>
 #include <unistd.h>

 ErrorOr<int> serenity_main(Main::Arguments arguments)
@ -47,97 +40,8 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)

    TRY(Core::System::unveil(nullptr, nullptr));

-    char temp_passwd[] = "/etc/passwd.XXXXXX";
-    char temp_shadow[] = "/etc/shadow.XXXXXX";
-
-    auto unlink_temp_files = [&] {
-        if (unlink(temp_passwd) < 0)
-            perror("unlink");
-        if (unlink(temp_shadow) < 0)
-            perror("unlink");
-    };
-
-    ArmedScopeGuard unlink_temp_files_guard = [&] {
-        unlink_temp_files();
-    };
-
-    auto temp_passwd_fd = mkstemp(temp_passwd);
-    if (temp_passwd_fd == -1) {
-        perror("failed to create temporary passwd file");
-        return 1;
-    }
-
-    auto temp_shadow_fd = mkstemp(temp_shadow);
-    if (temp_shadow_fd == -1) {
-        perror("failed to create temporary shadow file");
-        return 1;
-    }
-
-    FILE* temp_passwd_file = fdopen(temp_passwd_fd, "w");
-    if (!temp_passwd_file) {
-        perror("fdopen");
-        return 1;
-    }
-
-    FILE* temp_shadow_file = fdopen(temp_shadow_fd, "w");
-    if (!temp_shadow_file) {
-        perror("fdopen");
-        return 1;
-    }
-
-    setpwent();
-    for (auto* pw = getpwent(); pw; pw = getpwent()) {
-        if (strcmp(pw->pw_name, target_account.username().characters())) {
-            if (putpwent(pw, temp_passwd_file) != 0) {
-                perror("failed to put an entry in the temporary passwd file");
-                return 1;
-            }
-        }
-    }
-    endpwent();
-
-    setspent();
-    for (auto* spwd = getspent(); spwd; spwd = getspent()) {
-        if (strcmp(spwd->sp_namp, target_account.username().characters())) {
-            if (putspent(spwd, temp_shadow_file) != 0) {
-                perror("failed to put an entry in the temporary shadow file");
-                return 1;
-            }
-        }
-    }
-    endspent();
-
-    if (fclose(temp_passwd_file)) {
-        perror("fclose");
-        return 1;
-    }
-
-    if (fclose(temp_shadow_file)) {
-        perror("fclose");
-        return 1;
-    }
-
-    if (chmod(temp_passwd, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH)) {
-        perror("chmod");
-        return 1;
-    }
-
-    if (chmod(temp_shadow, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH)) {
-        perror("chmod");
-        return 1;
-    }
-
-    if (rename(temp_passwd, "/etc/passwd") < 0) {
-        perror("failed to rename the temporary passwd file");
-        return 1;
-    }
-
-    if (rename(temp_shadow, "/etc/shadow") < 0) {
-        perror("failed to rename the temporary shadow file");
-        return 1;
-    }
-
-    unlink_temp_files_guard.disarm();
+    target_account.set_deleted();
+    TRY(target_account.sync());

    if (remove_home) {
        if (access(target_account.home_directory().characters(), F_OK) == -1)