From 4ea91a61abbb6ef001f057685370454c85b72c3a Mon Sep 17 00:00:00 2001 From: Victor Zhestkov Date: Mon, 21 Aug 2023 13:04:32 +0200 Subject: [PATCH] Prevent possible exceptions on salt.utils.user.get_group_dict (bsc#1212794) * Prevent KeyError on calling grp.getgrnam in case of improper group * Add test of calling salt.utils.user.get_group_dict for the user having improper duplicate group * Update tests/pytests/functional/utils/user/test_get_group_dict.py Co-authored-by: Pedro Algarvio --------- Co-authored-by: Pedro Algarvio --- salt/utils/user.py | 6 +++++- .../utils/user/test_get_group_dict.py | 17 +++++++++++++++++ 2 files changed, 22 insertions(+), 1 deletion(-) create mode 100644 tests/pytests/functional/utils/user/test_get_group_dict.py diff --git a/salt/utils/user.py b/salt/utils/user.py index 9763667443..2f1ca65cf9 100644 --- a/salt/utils/user.py +++ b/salt/utils/user.py @@ -352,7 +352,11 @@ def get_group_dict(user=None, include_default=True): group_dict = {} group_names = get_group_list(user, include_default=include_default) for group in group_names: - group_dict.update({group: grp.getgrnam(group).gr_gid}) + try: + group_dict.update({group: grp.getgrnam(group).gr_gid}) + except KeyError: + # In case if imporer duplicate group was returned by get_group_list + pass return group_dict diff --git a/tests/pytests/functional/utils/user/test_get_group_dict.py b/tests/pytests/functional/utils/user/test_get_group_dict.py new file mode 100644 index 0000000000..653d664607 --- /dev/null +++ b/tests/pytests/functional/utils/user/test_get_group_dict.py @@ -0,0 +1,17 @@ +import logging + +import pytest + +import salt.utils.platform +import salt.utils.user +from tests.support.mock import patch + +log = logging.getLogger(__name__) + +pytestmark = [ + pytest.mark.skip_unless_on_linux(reason="Should only run in platforms which have duplicate GID support"), +] +def test_get_group_dict_with_improper_duplicate_root_group(): + with patch("salt.utils.user.get_group_list", return_value=["+", "root"]): + group_list = salt.utils.user.get_group_dict("root") + assert group_list == {"root": 0} -- 2.41.0