When removing a user with userdel, userdel always exits 1 even if the user was removed. It produces no output and according to the man page exiting one means it can not modify the passwd file. It does however modify the passwd file fine. This is with: sys-apps/shadow-4.0.4.1-r3 -debug -nls +pam -(selinux) -(uclibc) Reproducible: Always Steps to Reproduce: 1. useradd foo 2. userdel foo 3. echo $? Actual Results: 1 Expected Results: 0 sbeck ~ # emerge info Portage 2.0.50-r11 (default-x86-1.4, gcc-3.3.4, glibc-2.3.4.20040808-r0, 2.6.9-rc1) ================================================================= System uname: 2.6.9-rc1 i686 AMD Athlon(tm) XP 1800+ Gentoo Base System version 1.5.3 distcc 2.14 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled] Autoconf: sys-devel/autoconf-2.59-r4 Automake: sys-devel/automake-1.8.5-r1 ACCEPT_KEYWORDS="x86 ~x86" AUTOCLEAN="yes" CFLAGS="-march=athlon-xp -O3 -mmmx -msse -m3dnow -mfpmath=sse -pipe -fomit-frame-pointer -fforce-addr -funroll-loops -frerun-loop-opt" CHOST="i686-pc-linux-gnu" COMPILER="" CONFIG_PROTECT="/etc /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config /usr/kde/3.2/share/config /usr/kde/3/share/config /usr/local/Y/etc /usr/share/config /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d" CXXFLAGS="-march=athlon-xp -O3 -mmmx -msse -m3dnow -mfpmath=sse -pipe -fomit-frame-pointer -fforce-addr -funroll-loops -frerun-loop-opt" DISTDIR="/usr/portage/distfiles" FEATURES="autoaddcvs ccache sandbox" GENTOO_MIRRORS="http://gentoo.osuosl.org http://distro.ibiblio.org/pub/Linux/distributions/gentoo" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://backup/gentoo-portage" USE="3dfx 3dnow X Xaw3d aalib alsa apache2 avi berkdb bitmap-fonts bonobo cdr crypt cups dga directfb dvd encode esd foomaticdb gdbm gif gnome2 gpm gtk gtk2 gtkhtml guile imap imlib java jpeg ldap libg++ libwww mad mikmod mmx mozilla moznoirc moznomail mpeg mpeg4 mysql ncurses nocardbus oggvorbis opengl pam pdflib perl pic png postgres python readline samba sdl spell sse ssl svga tcltk tcpd tiff truetype x86 xml2 xmms xprint xv zlib"
This comes down to what appears to be a bug in userdel.c when PAM is enabled. In some places where a PAM error occurs, the code looks roughly like: if (retval != PAM_SUCCESS) { fprintf (stderr, _("%s: some error message\n"), Prog); exit (1); } However, the PAM-specific code at line 813 appears to have a rather obvious bug: if (retval != PAM_SUCCESS) fprintf (stderr, _("%s: PAM chauthtok failed\n"), Prog); exit (1); if (retval == PAM_SUCCESS) pam_end (pamh, PAM_SUCCESS); It would certainly appear that the bug lies in the lack of { } around the first if statement - the exit (1) should only happen if retval != PAM_SUCCESS, but as is currently present, exit (1) *always* happens.
Created attachment 41322 [details, diff] Patch to fix exit status when using PAM This patch fixes the problem; the following should be added to the shadow ebuild: # userdel has a bug when PAM is enabled that causes it to always exit with # exit status 1 when successful. This should close bug #66687. use pam && epatch ${FILESDIR}/${P}-userdel-pam-exit-status.patch
sys-apps/shadow-4.0.4.1-r4 now in portage, thanks for the patch :) also tried mailing it to the current maintainer and the shadow list since the cvs version still contains this bug