When passwd or group information is changed (by pw, vipw, chpass, ...)
temporary file is created and then a rename() call move it to official file.
This operation didn't have any check to make sure data was written to disk
and if a power cycle happens system could end up with a 0 length passwd
or group database.

There is a pfSense bug with more infor about it:

https://redmine.pfsense.org/issues/4523

The following changes were made to protect passwd and group operations:

• lib/libutil/gr_util.c:
  • Replace mkstemp() by mkostemp() with O_SYNC flag to create temp file
  • After rename(), fsync() call on directory for faster result

• lib/libutil/pw_util.c
  • Replace mkstemp() by mkostemp() with O_SYNC flag to create temp file

• usr.sbin/pwd_mkdb/pwd_mkdb.c
  • Added O_SYNC flag on dbopen() calls
  • After rename(), fsync() call on directory for faster result

• lib/libutil/pw_util.3
  • pw_lock() returns a file descriptor to master password file on success

Differential Revision: https://reviews.freebsd.org/D2978
Approved by: bapt
Sponsored by: Netgate