summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMark Asselstine <mark.asselstine@windriver.com>2016-04-08 17:46:27 -0400
committerRichard Purdie <richard.purdie@linuxfoundation.org>2016-04-09 23:00:45 +0100
commit9fe3d01f27445652c3020413d66a5cdeb3c3259c (patch)
tree59ff2224eaf90e580325f195415f0992bafe4e5f
parentfb8e5f903ce341eec1929bf315fa8e3752a4e3a5 (diff)
downloadpoky-9fe3d01f27445652c3020413d66a5cdeb3c3259c.tar.gz
useradd_base.bbclass: prevent variable expansion in $opts
Many user/group operations will involve hashes which will include '$' followed by a number or even possibly an env. variable name. Passing $opts to flock requires that we take additional precautions to prevent the unexpected expansion of these instances. This was found by an image which used usermod operations to set the password hash for root. The image could not be logged-in to and examining /etc/shadow clearly showed that $0 and other $* variables had been expanded unexpectedly. This change returnes the behavior to what existed prior to commit 2ebf697b46c42cee8bfa6d2e6087397f8cce385c [useradd_base.bbclass: replace retry logic with flock]. (From OE-Core rev: d80065642c5a1c95a298b235a8d575460147ede1) Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/classes/useradd_base.bbclass14
1 files changed, 7 insertions, 7 deletions
diff --git a/meta/classes/useradd_base.bbclass b/meta/classes/useradd_base.bbclass
index 9b8f5c2207..e7081d98f0 100644
--- a/meta/classes/useradd_base.bbclass
+++ b/meta/classes/useradd_base.bbclass
@@ -18,7 +18,7 @@ perform_groupadd () {
18 local group_exists="`grep "^$groupname:" $rootdir/etc/group || true`" 18 local group_exists="`grep "^$groupname:" $rootdir/etc/group || true`"
19 if test "x$group_exists" = "x"; then 19 if test "x$group_exists" = "x"; then
20 opts=`echo $opts | sed s/\'/\"/g` 20 opts=`echo $opts | sed s/\'/\"/g`
21 eval flock -x -w 100 $rootdir${sysconfdir} -c \'$PSEUDO groupadd $opts\' || true 21 eval flock -x -w 100 $rootdir${sysconfdir} -c \"$PSEUDO groupadd \$opts\" || true
22 group_exists="`grep "^$groupname:" $rootdir/etc/group || true`" 22 group_exists="`grep "^$groupname:" $rootdir/etc/group || true`"
23 if test "x$group_exists" = "x"; then 23 if test "x$group_exists" = "x"; then
24 bbfatal "${PN}: groupadd command did not succeed." 24 bbfatal "${PN}: groupadd command did not succeed."
@@ -36,7 +36,7 @@ perform_useradd () {
36 local user_exists="`grep "^$username:" $rootdir/etc/passwd || true`" 36 local user_exists="`grep "^$username:" $rootdir/etc/passwd || true`"
37 if test "x$user_exists" = "x"; then 37 if test "x$user_exists" = "x"; then
38 opts=`echo $opts | sed s/\'/\"/g` 38 opts=`echo $opts | sed s/\'/\"/g`
39 eval flock -x -w 100 $rootdir${sysconfdir} -c \'$PSEUDO useradd $opts\' || true 39 eval flock -x -w 100 $rootdir${sysconfdir} -c \"$PSEUDO useradd \$opts\" || true
40 user_exists="`grep "^$username:" $rootdir/etc/passwd || true`" 40 user_exists="`grep "^$username:" $rootdir/etc/passwd || true`"
41 if test "x$user_exists" = "x"; then 41 if test "x$user_exists" = "x"; then
42 bbfatal "${PN}: useradd command did not succeed." 42 bbfatal "${PN}: useradd command did not succeed."
@@ -63,7 +63,7 @@ perform_groupmems () {
63 fi 63 fi
64 local mem_exists="`grep "^$groupname:[^:]*:[^:]*:\([^,]*,\)*$username\(,[^,]*\)*" $rootdir/etc/group || true`" 64 local mem_exists="`grep "^$groupname:[^:]*:[^:]*:\([^,]*,\)*$username\(,[^,]*\)*" $rootdir/etc/group || true`"
65 if test "x$mem_exists" = "x"; then 65 if test "x$mem_exists" = "x"; then
66 eval flock -x -w 100 $rootdir${sysconfdir} -c \'$PSEUDO groupmems $opts\' || true 66 eval flock -x -w 100 $rootdir${sysconfdir} -c \"$PSEUDO groupmems \$opts\" || true
67 mem_exists="`grep "^$groupname:[^:]*:[^:]*:\([^,]*,\)*$username\(,[^,]*\)*" $rootdir/etc/group || true`" 67 mem_exists="`grep "^$groupname:[^:]*:[^:]*:\([^,]*,\)*$username\(,[^,]*\)*" $rootdir/etc/group || true`"
68 if test "x$mem_exists" = "x"; then 68 if test "x$mem_exists" = "x"; then
69 bbfatal "${PN}: groupmems command did not succeed." 69 bbfatal "${PN}: groupmems command did not succeed."
@@ -84,7 +84,7 @@ perform_groupdel () {
84 local groupname=`echo "$opts" | awk '{ print $NF }'` 84 local groupname=`echo "$opts" | awk '{ print $NF }'`
85 local group_exists="`grep "^$groupname:" $rootdir/etc/group || true`" 85 local group_exists="`grep "^$groupname:" $rootdir/etc/group || true`"
86 if test "x$group_exists" != "x"; then 86 if test "x$group_exists" != "x"; then
87 eval flock -x -w 100 $rootdir${sysconfdir} -c \'$PSEUDO groupdel $opts\' || true 87 eval flock -x -w 100 $rootdir${sysconfdir} -c \"$PSEUDO groupdel \$opts\" || true
88 group_exists="`grep "^$groupname:" $rootdir/etc/group || true`" 88 group_exists="`grep "^$groupname:" $rootdir/etc/group || true`"
89 if test "x$group_exists" != "x"; then 89 if test "x$group_exists" != "x"; then
90 bbfatal "${PN}: groupdel command did not succeed." 90 bbfatal "${PN}: groupdel command did not succeed."
@@ -101,7 +101,7 @@ perform_userdel () {
101 local username=`echo "$opts" | awk '{ print $NF }'` 101 local username=`echo "$opts" | awk '{ print $NF }'`
102 local user_exists="`grep "^$username:" $rootdir/etc/passwd || true`" 102 local user_exists="`grep "^$username:" $rootdir/etc/passwd || true`"
103 if test "x$user_exists" != "x"; then 103 if test "x$user_exists" != "x"; then
104 eval flock -x -w 100 $rootdir${sysconfdir} -c \'$PSEUDO userdel $opts\' || true 104 eval flock -x -w 100 $rootdir${sysconfdir} -c \"$PSEUDO userdel \$opts\" || true
105 user_exists="`grep "^$username:" $rootdir/etc/passwd || true`" 105 user_exists="`grep "^$username:" $rootdir/etc/passwd || true`"
106 if test "x$user_exists" != "x"; then 106 if test "x$user_exists" != "x"; then
107 bbfatal "${PN}: userdel command did not succeed." 107 bbfatal "${PN}: userdel command did not succeed."
@@ -121,7 +121,7 @@ perform_groupmod () {
121 local groupname=`echo "$opts" | awk '{ print $NF }'` 121 local groupname=`echo "$opts" | awk '{ print $NF }'`
122 local group_exists="`grep "^$groupname:" $rootdir/etc/group || true`" 122 local group_exists="`grep "^$groupname:" $rootdir/etc/group || true`"
123 if test "x$group_exists" != "x"; then 123 if test "x$group_exists" != "x"; then
124 eval flock -x -w 100 $rootdir${sysconfdir} -c \'$PSEUDO groupmod $opts\' 124 eval flock -x -w 100 $rootdir${sysconfdir} -c \"$PSEUDO groupmod \$opts\"
125 if test $? != 0; then 125 if test $? != 0; then
126 bbwarn "${PN}: groupmod command did not succeed." 126 bbwarn "${PN}: groupmod command did not succeed."
127 fi 127 fi
@@ -140,7 +140,7 @@ perform_usermod () {
140 local username=`echo "$opts" | awk '{ print $NF }'` 140 local username=`echo "$opts" | awk '{ print $NF }'`
141 local user_exists="`grep "^$username:" $rootdir/etc/passwd || true`" 141 local user_exists="`grep "^$username:" $rootdir/etc/passwd || true`"
142 if test "x$user_exists" != "x"; then 142 if test "x$user_exists" != "x"; then
143 eval flock -x -w 100 $rootdir${sysconfdir} -c \'$PSEUDO usermod $opts\' 143 eval flock -x -w 100 $rootdir${sysconfdir} -c \"$PSEUDO usermod \$opts\"
144 if test $? != 0; then 144 if test $? != 0; then
145 bbfatal "${PN}: usermod command did not succeed." 145 bbfatal "${PN}: usermod command did not succeed."
146 fi 146 fi