File prevent-possible-exceptions-on-salt.utils.user.get_g.patch of Package salt

From 4ea91a61abbb6ef001f057685370454c85b72c3a Mon Sep 17 00:00:00 2001
From: Victor Zhestkov <vzhestkov@suse.com>
Date: Mon, 21 Aug 2023 13:04:32 +0200
Subject: [PATCH] Prevent possible exceptions on
 salt.utils.user.get_group_dict (bsc#1212794)

* Prevent KeyError on calling grp.getgrnam in case of improper group

* Add test of calling salt.utils.user.get_group_dict

for the user having improper duplicate group

* Update tests/pytests/functional/utils/user/test_get_group_dict.py

Co-authored-by: Pedro Algarvio <pedro@algarvio.me>

---------

Co-authored-by: Pedro Algarvio <pedro@algarvio.me>
---
 salt/utils/user.py                              |  6 +++++-
 .../utils/user/test_get_group_dict.py           | 17 +++++++++++++++++
 2 files changed, 22 insertions(+), 1 deletion(-)
 create mode 100644 tests/pytests/functional/utils/user/test_get_group_dict.py

diff --git a/salt/utils/user.py b/salt/utils/user.py
index 9763667443..2f1ca65cf9 100644
--- a/salt/utils/user.py
+++ b/salt/utils/user.py
@@ -352,7 +352,11 @@ def get_group_dict(user=None, include_default=True):
     group_dict = {}
     group_names = get_group_list(user, include_default=include_default)
     for group in group_names:
-        group_dict.update({group: grp.getgrnam(group).gr_gid})
+        try:
+            group_dict.update({group: grp.getgrnam(group).gr_gid})
+        except KeyError:
+            # In case if imporer duplicate group was returned by get_group_list
+            pass
     return group_dict
 
 
diff --git a/tests/pytests/functional/utils/user/test_get_group_dict.py b/tests/pytests/functional/utils/user/test_get_group_dict.py
new file mode 100644
index 0000000000..653d664607
--- /dev/null
+++ b/tests/pytests/functional/utils/user/test_get_group_dict.py
@@ -0,0 +1,17 @@
+import logging
+
+import pytest
+
+import salt.utils.platform
+import salt.utils.user
+from tests.support.mock import patch
+
+log = logging.getLogger(__name__)
+
+pytestmark = [
+    pytest.mark.skip_unless_on_linux(reason="Should only run in platforms which have duplicate GID support"),
+]
+def test_get_group_dict_with_improper_duplicate_root_group():
+    with patch("salt.utils.user.get_group_list", return_value=["+", "root"]):
+        group_list = salt.utils.user.get_group_dict("root")
+        assert group_list == {"root": 0}
-- 
2.41.0

openSUSE Build Service is sponsored by