Account: Don't delete home dir if user is not owner

Mark DeleteInstance of LMI_Account as deprecated.
Delete home dir of user only if the user is owner of that directory.

Bugzilla: #999410

Signed-off-by: Roman Rakus <rrakus@redhat.com>

1 files changed, 20 insertions, 3 deletions

diff --git a/src/account/LMI_AccountProvider.c b/src/account/LMI_AccountProvider.c
index 9727923..6ef0578 100644
--- a/src/account/LMI_AccountProvider.c
+++ b/src/account/LMI_AccountProvider.c
@@ -23,6 +23,9 @@
 
 #include <time.h>
 #include <stdbool.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
 
 #include <utmp.h>
 
@@ -442,6 +445,9 @@ static CMPIStatus LMI_AccountModifyInstance(
     CMReturn(CMPI_RC_OK);
 }
 
+/*
+ * DEPRECATED
+ */
 static CMPIStatus LMI_AccountDeleteInstance(
     CMPIInstanceMI* mi,
     const CMPIContext* cc,
@@ -476,12 +482,23 @@ static CMPIStatus LMI_AccountDeleteInstance(
 
     home = aux_lu_get_str(lue, LU_HOMEDIRECTORY);
     /* Be really safe here, it can delete ANY directory */
-    if (!lu_homedir_remove(home, &error)) {
+    /* Delete home dir only if the directory is owned by the user */
+    struct stat buf;
+    if (stat(home, &buf)) {
         lu_ent_free(lue);
         lu_end(luc);
         KReturn2(_cb, ERR_FAILED,
-          "User's homedir %s could not be deleted: %s\n", home,
-          lu_strerror(error));
+                 "User's homedir %s could not be deleted: %s\n", home,
+                 strerror(errno));
+    }
+    if (buf.st_uid == aux_lu_get_long(lue, LU_UIDNUMBER)) {
+        if (!lu_homedir_remove(home, &error)) {
+            lu_ent_free(lue);
+            lu_end(luc);
+            KReturn2(_cb, ERR_FAILED,
+                "User's homedir %s could not be deleted: %s\n", home,
+                lu_strerror(error));
+        }
     }
 
     if (!lu_user_delete(luc, lue, &error))