summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChen Qi <qi.chen@windriver.com>2013-11-16 15:27:47 +0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2013-12-14 09:16:37 +0000
commit7b58b5feaa22c82e997165fc130c8545f5b1a129 (patch)
treebe256a23de45107d854045e7e427fd30007fe5f2
parent1034518fa73b742e81f2dc594bb9617b07763a6c (diff)
downloadpoky-7b58b5feaa22c82e997165fc130c8545f5b1a129.tar.gz
shadow-native: allow for setting password in clear text
Allow user to set password in clear text. This is convenient when we're building out an image. This feature is mainly used by useradd.bbclass and extrausers.bbclass. This patch adds a new option '-P' to useradd, usermod, groupadd and groupmod commands provided by shadow-native. The shadow package on target and in SDK will not be affected. [YOCTO #5365] (From OE-Core rev: 31dee7946340bf0f1e94e4e714191d3d6ca3bf6a) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch208
-rw-r--r--meta/recipes-extended/shadow/shadow.inc1
2 files changed, 209 insertions, 0 deletions
diff --git a/meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch b/meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch
new file mode 100644
index 0000000000..eafb935a3a
--- /dev/null
+++ b/meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch
@@ -0,0 +1,208 @@
1Upstream-Status: Inappropriate [OE specific]
2
3Allow for setting password in clear text.
4
5Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
6
7---
8 src/Makefile.am | 8 ++++----
9 src/groupadd.c | 8 +++++++-
10 src/groupmod.c | 9 ++++++++-
11 src/useradd.c | 9 +++++++--
12 src/usermod.c | 10 ++++++++--
13 5 files changed, 34 insertions(+), 10 deletions(-)
14
15diff --git a/src/Makefile.am b/src/Makefile.am
16index 6a3b4c5..1ffdbc6 100644
17--- a/src/Makefile.am
18+++ b/src/Makefile.am
19@@ -76,10 +76,10 @@ chgpasswd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBSELINUX) $(LIBCRYPT)
20 chsh_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD)
21 chpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT)
22 gpasswd_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT)
23-groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
24+groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT)
25 groupdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
26 groupmems_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX)
27-groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
28+groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT)
29 grpck_LDADD = $(LDADD) $(LIBSELINUX)
30 grpconv_LDADD = $(LDADD) $(LIBSELINUX)
31 grpunconv_LDADD = $(LDADD) $(LIBSELINUX)
32@@ -99,9 +99,9 @@ su_SOURCES = \
33 suauth.c
34 su_LDADD = $(LDADD) $(LIBPAM) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD)
35 sulogin_LDADD = $(LDADD) $(LIBCRYPT)
36-useradd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
37+useradd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT)
38 userdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
39-usermod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
40+usermod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT)
41 vipw_LDADD = $(LDADD) $(LIBSELINUX)
42
43 install-am: all-am
44diff --git a/src/groupadd.c b/src/groupadd.c
45index 66b38de..3157486 100644
46--- a/src/groupadd.c
47+++ b/src/groupadd.c
48@@ -124,6 +124,7 @@ static void usage (void)
49 (void) fputs (_(" -o, --non-unique allow to create groups with duplicate\n"
50 " (non-unique) GID\n"), stderr);
51 (void) fputs (_(" -p, --password PASSWORD use this encrypted password for the new group\n"), stderr);
52+ (void) fputs (_(" -P, --clear-password PASSWORD use this clear text password for the new group\n"), stderr);
53 (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), stderr);
54 (void) fputs (_(" -r, --system create a system account\n"), stderr);
55 (void) fputs ("\n", stderr);
56@@ -388,13 +389,14 @@ static void process_flags (int argc, char **argv)
57 {"key", required_argument, NULL, 'K'},
58 {"non-unique", no_argument, NULL, 'o'},
59 {"password", required_argument, NULL, 'p'},
60+ {"clear-password", required_argument, NULL, 'P'},
61 {"root", required_argument, NULL, 'R'},
62 {"system", no_argument, NULL, 'r'},
63 {NULL, 0, NULL, '\0'}
64 };
65
66 while ((c =
67- getopt_long (argc, argv, "fg:hK:op:R:r", long_options,
68+ getopt_long (argc, argv, "fg:hK:op:P:R:r", long_options,
69 &option_index)) != -1) {
70 switch (c) {
71 case 'f':
72@@ -446,6 +448,10 @@ static void process_flags (int argc, char **argv)
73 pflg = true;
74 group_passwd = optarg;
75 break;
76+ case 'P':
77+ pflg = true;
78+ group_passwd = pw_encrypt (optarg, crypt_make_salt (NULL, NULL));
79+ break;
80 case 'R':
81 if ('/' != optarg[0]) {
82 fprintf (stderr,
83diff --git a/src/groupmod.c b/src/groupmod.c
84index 27eb159..17acbc3 100644
85--- a/src/groupmod.c
86+++ b/src/groupmod.c
87@@ -127,6 +127,8 @@ static void usage (void)
88 (void) fputs (_(" -o, --non-unique allow to use a duplicate (non-unique) GID\n"), stderr);
89 (void) fputs (_(" -p, --password PASSWORD change the password to this (encrypted)\n"
90 " PASSWORD\n"), stderr);
91+ (void) fputs (_(" -P, --clear-password PASSWORD change the password to this (clear text)\n"
92+ " PASSWORD\n"), stderr);
93 (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), stderr);
94 (void) fputs ("\n", stderr);
95 exit (E_USAGE);
96@@ -348,11 +350,12 @@ static void process_flags (int argc, char **argv)
97 {"new-name", required_argument, NULL, 'n'},
98 {"non-unique", no_argument, NULL, 'o'},
99 {"password", required_argument, NULL, 'p'},
100+ {"clear-password", required_argument, NULL, 'P'},
101 {"root", required_argument, NULL, 'R'},
102 {NULL, 0, NULL, '\0'}
103 };
104 while ((c =
105- getopt_long (argc, argv, "g:hn:op:R:",
106+ getopt_long (argc, argv, "g:hn:op:P:R:",
107 long_options, &option_index)) != -1) {
108 switch (c) {
109 case 'g':
110@@ -376,6 +379,10 @@ static void process_flags (int argc, char **argv)
111 group_passwd = optarg;
112 pflg = true;
113 break;
114+ case 'P':
115+ group_passwd = pw_encrypt (optarg, crypt_make_salt (NULL, NULL));
116+ pflg = true;
117+ break;
118 case 'R':
119 if ('/' != optarg[0]) {
120 fprintf (stderr,
121diff --git a/src/useradd.c b/src/useradd.c
122index 2102630..390909c 100644
123--- a/src/useradd.c
124+++ b/src/useradd.c
125@@ -716,6 +716,7 @@ static void usage (void)
126 (void) fputs (_(" -o, --non-unique allow to create users with duplicate\n"
127 " (non-unique) UID\n"), stderr);
128 (void) fputs (_(" -p, --password PASSWORD encrypted password of the new account\n"), stderr);
129+ (void) fputs (_(" -P, --clear-password PASSWORD clear text password of the new account\n"), stderr);
130 (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), stderr);
131 (void) fputs (_(" -r, --system create a system account\n"), stderr);
132 (void) fputs (_(" -s, --shell SHELL login shell of the new account\n"), stderr);
133@@ -1035,6 +1036,7 @@ static void process_flags (int argc, char **argv)
134 {"no-user-group", no_argument, NULL, 'N'},
135 {"non-unique", no_argument, NULL, 'o'},
136 {"password", required_argument, NULL, 'p'},
137+ {"clear-password", required_argument, NULL, 'P'},
138 {"root", required_argument, NULL, 'R'},
139 {"system", no_argument, NULL, 'r'},
140 {"shell", required_argument, NULL, 's'},
141@@ -1047,9 +1049,9 @@ static void process_flags (int argc, char **argv)
142 };
143 while ((c = getopt_long (argc, argv,
144 #ifdef WITH_SELINUX
145- "b:c:d:De:f:g:G:k:K:lmMNop:R:rs:u:UZ:",
146+ "b:c:d:De:f:g:G:k:K:lmMNop:P:R:rs:u:UZ:",
147 #else
148- "b:c:d:De:f:g:G:k:K:lmMNop:R:rs:u:U",
149+ "b:c:d:De:f:g:G:k:K:lmMNop:P:R:rs:u:U",
150 #endif
151 long_options, NULL)) != -1) {
152 switch (c) {
153@@ -1214,6 +1216,9 @@ static void process_flags (int argc, char **argv)
154 }
155 user_pass = optarg;
156 break;
157+ case 'P': /* set clear text password */
158+ user_pass = pw_encrypt (optarg, crypt_make_salt (NULL, NULL));
159+ break;
160 case 'R':
161 /* no-op since we handled this in process_root_flag() earlier */
162 break;
163diff --git a/src/usermod.c b/src/usermod.c
164index 8363597..f4c1cee 100644
165--- a/src/usermod.c
166+++ b/src/usermod.c
167@@ -325,6 +325,7 @@ static void usage (void)
168 " new location (use only with -d)\n"
169 " -o, --non-unique allow using duplicate (non-unique) UID\n"
170 " -p, --password PASSWORD use encrypted password for the new password\n"
171+ " -P, --clear-password PASSWORD use clear text password for the new password\n"
172 " -R --root CHROOT_DIR directory to chroot into\n"
173 " -s, --shell SHELL new login shell for the user account\n"
174 " -u, --uid UID new UID for the user account\n"
175@@ -950,6 +951,7 @@ static void process_flags (int argc, char **argv)
176 {"move-home", no_argument, NULL, 'm'},
177 {"non-unique", no_argument, NULL, 'o'},
178 {"password", required_argument, NULL, 'p'},
179+ {"clear-password", required_argument, NULL, 'P'},
180 {"root", required_argument, NULL, 'R'},
181 #ifdef WITH_SELINUX
182 {"selinux-user", required_argument, NULL, 'Z'},
183@@ -961,9 +963,9 @@ static void process_flags (int argc, char **argv)
184 };
185 while ((c = getopt_long (argc, argv,
186 #ifdef WITH_SELINUX
187- "ac:d:e:f:g:G:hl:Lmop:R:s:u:UZ:",
188+ "ac:d:e:f:g:G:hl:Lmop:P:R:s:u:UZ:",
189 #else
190- "ac:d:e:f:g:G:hl:Lmop:R:s:u:U",
191+ "ac:d:e:f:g:G:hl:Lmop:P:R:s:u:U",
192 #endif
193 long_options, NULL)) != -1) {
194 switch (c) {
195@@ -1055,6 +1057,10 @@ static void process_flags (int argc, char **argv)
196 user_pass = optarg;
197 pflg = true;
198 break;
199+ case 'P':
200+ user_pass = pw_encrypt (optarg, crypt_make_salt (NULL, NULL));
201+ pflg = true;
202+ break;
203 case 'R':
204 /* no-op since we handled this in process_root_flag() earlier */
205 break;
206--
2071.7.9.5
208
diff --git a/meta/recipes-extended/shadow/shadow.inc b/meta/recipes-extended/shadow/shadow.inc
index 048709edd2..c5534eefec 100644
--- a/meta/recipes-extended/shadow/shadow.inc
+++ b/meta/recipes-extended/shadow/shadow.inc
@@ -32,6 +32,7 @@ SRC_URI_append_class-native = " \
32 file://disable-syslog.patch \ 32 file://disable-syslog.patch \
33 file://useradd.patch \ 33 file://useradd.patch \
34 file://add_root_cmd_groupmems.patch \ 34 file://add_root_cmd_groupmems.patch \
35 file://allow-for-setting-password-in-clear-text.patch \
35 " 36 "
36SRC_URI_append_class-nativesdk = " \ 37SRC_URI_append_class-nativesdk = " \
37 file://add_root_cmd_options.patch \ 38 file://add_root_cmd_options.patch \