diff options
author | Alexander Kanavin <alex.kanavin@gmail.com> | 2019-12-04 17:56:00 +0100 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-12-28 23:25:42 +0000 |
commit | af2b2c4d9ff44b5951ef17dd0fba32021b232a27 (patch) | |
tree | 822d1717c9397cbdd6c910ee6f80d913e569ac85 /meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch | |
parent | 40f28d15c5808207461f6064d15965d9f92a8d09 (diff) | |
download | poky-af2b2c4d9ff44b5951ef17dd0fba32021b232a27.tar.gz |
shadow: update 4.6 -> 4.8
Drop two backports.
Remove 0001-useradd.c-create-parent-directories-when-necessary.patch
as upstream has addressed the issue:
https://github.com/shadow-maint/shadow/commit/b3b6d9d77c1d18b98670b97157777bb74092cd69
Rebase the rest of the paches.
Add a patch to remove the check for validity of login shells
which does not work in our environment.
Disable sssd cache support as that needs Fedora-specific tooling.
(From OE-Core rev: fee6c063dfb80425caa7080083c61d1544d929c6)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch')
-rw-r--r-- | meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch | 300 |
1 files changed, 0 insertions, 300 deletions
diff --git a/meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch b/meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch deleted file mode 100644 index fa7eb07aa5..0000000000 --- a/meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch +++ /dev/null | |||
@@ -1,300 +0,0 @@ | |||
1 | Subject: [PATCH] Allow for setting password in clear text | ||
2 | |||
3 | Upstream-Status: Inappropriate [OE specific] | ||
4 | |||
5 | Signed-off-by: Chen Qi <Qi.Chen@windriver.com> | ||
6 | --- | ||
7 | src/Makefile.am | 8 ++++---- | ||
8 | src/groupadd.c | 20 +++++++++++++++----- | ||
9 | src/groupmod.c | 20 +++++++++++++++----- | ||
10 | src/useradd.c | 21 +++++++++++++++------ | ||
11 | src/usermod.c | 20 +++++++++++++++----- | ||
12 | 5 files changed, 64 insertions(+), 25 deletions(-) | ||
13 | |||
14 | diff --git a/src/Makefile.am b/src/Makefile.am | ||
15 | index 3c98a8d..b8093d5 100644 | ||
16 | --- a/src/Makefile.am | ||
17 | +++ b/src/Makefile.am | ||
18 | @@ -93,10 +93,10 @@ chgpasswd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBSELINUX) $(LIBCRYPT) | ||
19 | chsh_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) | ||
20 | chpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT) | ||
21 | gpasswd_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) | ||
22 | -groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) | ||
23 | +groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) | ||
24 | groupdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) | ||
25 | groupmems_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) | ||
26 | -groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) | ||
27 | +groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) | ||
28 | grpck_LDADD = $(LDADD) $(LIBSELINUX) | ||
29 | grpconv_LDADD = $(LDADD) $(LIBSELINUX) | ||
30 | grpunconv_LDADD = $(LDADD) $(LIBSELINUX) | ||
31 | @@ -117,9 +117,9 @@ su_SOURCES = \ | ||
32 | suauth.c | ||
33 | su_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) | ||
34 | sulogin_LDADD = $(LDADD) $(LIBCRYPT) | ||
35 | -useradd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) | ||
36 | +useradd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBCRYPT) | ||
37 | userdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) | ||
38 | -usermod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) | ||
39 | +usermod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBCRYPT) | ||
40 | vipw_LDADD = $(LDADD) $(LIBSELINUX) | ||
41 | |||
42 | install-am: all-am | ||
43 | diff --git a/src/groupadd.c b/src/groupadd.c | ||
44 | index b57006c..63e1c48 100644 | ||
45 | --- a/src/groupadd.c | ||
46 | +++ b/src/groupadd.c | ||
47 | @@ -123,9 +123,10 @@ static /*@noreturn@*/void usage (int status) | ||
48 | (void) fputs (_(" -o, --non-unique allow to create groups with duplicate\n" | ||
49 | " (non-unique) GID\n"), usageout); | ||
50 | (void) fputs (_(" -p, --password PASSWORD use this encrypted password for the new group\n"), usageout); | ||
51 | + (void) fputs (_(" -P, --clear-password PASSWORD use this clear password for the new group\n"), usageout); | ||
52 | (void) fputs (_(" -r, --system create a system account\n"), usageout); | ||
53 | (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); | ||
54 | - (void) fputs (_(" -P, --prefix PREFIX_DIR directory prefix\n"), usageout); | ||
55 | + (void) fputs (_(" -A, --prefix PREFIX_DIR directory prefix\n"), usageout); | ||
56 | (void) fputs ("\n", usageout); | ||
57 | exit (status); | ||
58 | } | ||
59 | @@ -387,13 +388,14 @@ static void process_flags (int argc, char **argv) | ||
60 | {"key", required_argument, NULL, 'K'}, | ||
61 | {"non-unique", no_argument, NULL, 'o'}, | ||
62 | {"password", required_argument, NULL, 'p'}, | ||
63 | + {"clear-password", required_argument, NULL, 'P'}, | ||
64 | {"system", no_argument, NULL, 'r'}, | ||
65 | {"root", required_argument, NULL, 'R'}, | ||
66 | - {"prefix", required_argument, NULL, 'P'}, | ||
67 | + {"prefix", required_argument, NULL, 'A'}, | ||
68 | {NULL, 0, NULL, '\0'} | ||
69 | }; | ||
70 | |||
71 | - while ((c = getopt_long (argc, argv, "fg:hK:op:rR:P:", | ||
72 | + while ((c = getopt_long (argc, argv, "fg:hK:op:P:rR:A:", | ||
73 | long_options, NULL)) != -1) { | ||
74 | switch (c) { | ||
75 | case 'f': | ||
76 | @@ -445,12 +447,20 @@ static void process_flags (int argc, char **argv) | ||
77 | pflg = true; | ||
78 | group_passwd = optarg; | ||
79 | break; | ||
80 | + case 'P': | ||
81 | + pflg = true; | ||
82 | + group_passwd = pw_encrypt (optarg, crypt_make_salt (NULL, NULL)); | ||
83 | + break; | ||
84 | case 'r': | ||
85 | rflg = true; | ||
86 | break; | ||
87 | case 'R': /* no-op, handled in process_root_flag () */ | ||
88 | break; | ||
89 | - case 'P': /* no-op, handled in process_prefix_flag () */ | ||
90 | + case 'A': /* no-op, handled in process_prefix_flag () */ | ||
91 | + fprintf (stderr, | ||
92 | + _("%s: -A is deliberately not supported \n"), | ||
93 | + Prog); | ||
94 | + exit (E_BAD_ARG); | ||
95 | break; | ||
96 | default: | ||
97 | usage (E_USAGE); | ||
98 | @@ -584,7 +594,7 @@ int main (int argc, char **argv) | ||
99 | (void) textdomain (PACKAGE); | ||
100 | |||
101 | process_root_flag ("-R", argc, argv); | ||
102 | - prefix = process_prefix_flag ("-P", argc, argv); | ||
103 | + prefix = process_prefix_flag ("-A", argc, argv); | ||
104 | |||
105 | OPENLOG ("groupadd"); | ||
106 | #ifdef WITH_AUDIT | ||
107 | diff --git a/src/groupmod.c b/src/groupmod.c | ||
108 | index b293b98..72daf2c 100644 | ||
109 | --- a/src/groupmod.c | ||
110 | +++ b/src/groupmod.c | ||
111 | @@ -134,8 +134,9 @@ static void usage (int status) | ||
112 | (void) fputs (_(" -o, --non-unique allow to use a duplicate (non-unique) GID\n"), usageout); | ||
113 | (void) fputs (_(" -p, --password PASSWORD change the password to this (encrypted)\n" | ||
114 | " PASSWORD\n"), usageout); | ||
115 | + (void) fputs (_(" -P, --clear-password PASSWORD change the password to this clear PASSWORD\n"), usageout); | ||
116 | (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); | ||
117 | - (void) fputs (_(" -P, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout); | ||
118 | + (void) fputs (_(" -A, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout); | ||
119 | (void) fputs ("\n", usageout); | ||
120 | exit (status); | ||
121 | } | ||
122 | @@ -383,11 +384,12 @@ static void process_flags (int argc, char **argv) | ||
123 | {"new-name", required_argument, NULL, 'n'}, | ||
124 | {"non-unique", no_argument, NULL, 'o'}, | ||
125 | {"password", required_argument, NULL, 'p'}, | ||
126 | + {"clear-password", required_argument, NULL, 'P'}, | ||
127 | {"root", required_argument, NULL, 'R'}, | ||
128 | - {"prefix", required_argument, NULL, 'P'}, | ||
129 | + {"prefix", required_argument, NULL, 'A'}, | ||
130 | {NULL, 0, NULL, '\0'} | ||
131 | }; | ||
132 | - while ((c = getopt_long (argc, argv, "g:hn:op:R:P:", | ||
133 | + while ((c = getopt_long (argc, argv, "g:hn:op:P:R:A:", | ||
134 | long_options, NULL)) != -1) { | ||
135 | switch (c) { | ||
136 | case 'g': | ||
137 | @@ -414,9 +416,17 @@ static void process_flags (int argc, char **argv) | ||
138 | group_passwd = optarg; | ||
139 | pflg = true; | ||
140 | break; | ||
141 | + case 'P': | ||
142 | + group_passwd = pw_encrypt (optarg, crypt_make_salt (NULL, NULL)); | ||
143 | + pflg = true; | ||
144 | + break; | ||
145 | case 'R': /* no-op, handled in process_root_flag () */ | ||
146 | break; | ||
147 | - case 'P': /* no-op, handled in process_prefix_flag () */ | ||
148 | + case 'A': /* no-op, handled in process_prefix_flag () */ | ||
149 | + fprintf (stderr, | ||
150 | + _("%s: -A is deliberately not supported \n"), | ||
151 | + Prog); | ||
152 | + exit (E_BAD_ARG); | ||
153 | break; | ||
154 | default: | ||
155 | usage (E_USAGE); | ||
156 | @@ -757,7 +767,7 @@ int main (int argc, char **argv) | ||
157 | (void) textdomain (PACKAGE); | ||
158 | |||
159 | process_root_flag ("-R", argc, argv); | ||
160 | - prefix = process_prefix_flag ("-P", argc, argv); | ||
161 | + prefix = process_prefix_flag ("-A", argc, argv); | ||
162 | |||
163 | OPENLOG ("groupmod"); | ||
164 | #ifdef WITH_AUDIT | ||
165 | diff --git a/src/useradd.c b/src/useradd.c | ||
166 | index c74e491..7214e72 100644 | ||
167 | --- a/src/useradd.c | ||
168 | +++ b/src/useradd.c | ||
169 | @@ -829,9 +829,10 @@ static void usage (int status) | ||
170 | (void) fputs (_(" -o, --non-unique allow to create users with duplicate\n" | ||
171 | " (non-unique) UID\n"), usageout); | ||
172 | (void) fputs (_(" -p, --password PASSWORD encrypted password of the new account\n"), usageout); | ||
173 | + (void) fputs (_(" -P, --clear-password PASSWORD clear password of the new account\n"), usageout); | ||
174 | (void) fputs (_(" -r, --system create a system account\n"), usageout); | ||
175 | (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); | ||
176 | - (void) fputs (_(" -P, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout); | ||
177 | + (void) fputs (_(" -A, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout); | ||
178 | (void) fputs (_(" -s, --shell SHELL login shell of the new account\n"), usageout); | ||
179 | (void) fputs (_(" -u, --uid UID user ID of the new account\n"), usageout); | ||
180 | (void) fputs (_(" -U, --user-group create a group with the same name as the user\n"), usageout); | ||
181 | @@ -1104,9 +1105,10 @@ static void process_flags (int argc, char **argv) | ||
182 | {"no-user-group", no_argument, NULL, 'N'}, | ||
183 | {"non-unique", no_argument, NULL, 'o'}, | ||
184 | {"password", required_argument, NULL, 'p'}, | ||
185 | + {"clear-password", required_argument, NULL, 'P'}, | ||
186 | {"system", no_argument, NULL, 'r'}, | ||
187 | {"root", required_argument, NULL, 'R'}, | ||
188 | - {"prefix", required_argument, NULL, 'P'}, | ||
189 | + {"prefix", required_argument, NULL, 'A'}, | ||
190 | {"shell", required_argument, NULL, 's'}, | ||
191 | {"uid", required_argument, NULL, 'u'}, | ||
192 | {"user-group", no_argument, NULL, 'U'}, | ||
193 | @@ -1117,9 +1119,9 @@ static void process_flags (int argc, char **argv) | ||
194 | }; | ||
195 | while ((c = getopt_long (argc, argv, | ||
196 | #ifdef WITH_SELINUX | ||
197 | - "b:c:d:De:f:g:G:hk:K:lmMNop:rR:P:s:u:UZ:", | ||
198 | + "b:c:d:De:f:g:G:hk:K:lmMNop:P:rR:A:s:u:UZ:", | ||
199 | #else /* !WITH_SELINUX */ | ||
200 | - "b:c:d:De:f:g:G:hk:K:lmMNop:rR:P:s:u:U", | ||
201 | + "b:c:d:De:f:g:G:hk:K:lmMNop:P:rR:A:s:u:U", | ||
202 | #endif /* !WITH_SELINUX */ | ||
203 | long_options, NULL)) != -1) { | ||
204 | switch (c) { | ||
205 | @@ -1285,12 +1287,19 @@ static void process_flags (int argc, char **argv) | ||
206 | } | ||
207 | user_pass = optarg; | ||
208 | break; | ||
209 | + case 'P': /* set clear text password */ | ||
210 | + user_pass = pw_encrypt (optarg, crypt_make_salt (NULL, NULL)); | ||
211 | + break; | ||
212 | case 'r': | ||
213 | rflg = true; | ||
214 | break; | ||
215 | case 'R': /* no-op, handled in process_root_flag () */ | ||
216 | break; | ||
217 | - case 'P': /* no-op, handled in process_prefix_flag () */ | ||
218 | + case 'A': /* no-op, handled in process_prefix_flag () */ | ||
219 | + fprintf (stderr, | ||
220 | + _("%s: -A is deliberately not supported \n"), | ||
221 | + Prog); | ||
222 | + exit (E_BAD_ARG); | ||
223 | break; | ||
224 | case 's': | ||
225 | if ( ( !VALID (optarg) ) | ||
226 | @@ -2148,7 +2157,7 @@ int main (int argc, char **argv) | ||
227 | |||
228 | process_root_flag ("-R", argc, argv); | ||
229 | |||
230 | - prefix = process_prefix_flag("-P", argc, argv); | ||
231 | + prefix = process_prefix_flag("-A", argc, argv); | ||
232 | |||
233 | OPENLOG ("useradd"); | ||
234 | #ifdef WITH_AUDIT | ||
235 | diff --git a/src/usermod.c b/src/usermod.c | ||
236 | index e571426..ccfbb99 100644 | ||
237 | --- a/src/usermod.c | ||
238 | +++ b/src/usermod.c | ||
239 | @@ -424,8 +424,9 @@ static /*@noreturn@*/void usage (int status) | ||
240 | " new location (use only with -d)\n"), usageout); | ||
241 | (void) fputs (_(" -o, --non-unique allow using duplicate (non-unique) UID\n"), usageout); | ||
242 | (void) fputs (_(" -p, --password PASSWORD use encrypted password for the new password\n"), usageout); | ||
243 | + (void) fputs (_(" -P, --clear-password PASSWORD use clear password for the new password\n"), usageout); | ||
244 | (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); | ||
245 | - (void) fputs (_(" -P, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout); | ||
246 | + (void) fputs (_(" -A, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout); | ||
247 | (void) fputs (_(" -s, --shell SHELL new login shell for the user account\n"), usageout); | ||
248 | (void) fputs (_(" -u, --uid UID new UID for the user account\n"), usageout); | ||
249 | (void) fputs (_(" -U, --unlock unlock the user account\n"), usageout); | ||
250 | @@ -1002,8 +1003,9 @@ static void process_flags (int argc, char **argv) | ||
251 | {"move-home", no_argument, NULL, 'm'}, | ||
252 | {"non-unique", no_argument, NULL, 'o'}, | ||
253 | {"password", required_argument, NULL, 'p'}, | ||
254 | + {"clear-password", required_argument, NULL, 'P'}, | ||
255 | {"root", required_argument, NULL, 'R'}, | ||
256 | - {"prefix", required_argument, NULL, 'P'}, | ||
257 | + {"prefix", required_argument, NULL, 'A'}, | ||
258 | {"shell", required_argument, NULL, 's'}, | ||
259 | {"uid", required_argument, NULL, 'u'}, | ||
260 | {"unlock", no_argument, NULL, 'U'}, | ||
261 | @@ -1019,7 +1021,7 @@ static void process_flags (int argc, char **argv) | ||
262 | {NULL, 0, NULL, '\0'} | ||
263 | }; | ||
264 | while ((c = getopt_long (argc, argv, | ||
265 | - "ac:d:e:f:g:G:hl:Lmop:R:s:u:UP:" | ||
266 | + "ac:d:e:f:g:G:hl:Lmop:P:R:s:u:UA:" | ||
267 | #ifdef ENABLE_SUBIDS | ||
268 | "v:w:V:W:" | ||
269 | #endif /* ENABLE_SUBIDS */ | ||
270 | @@ -1119,9 +1121,17 @@ static void process_flags (int argc, char **argv) | ||
271 | user_pass = optarg; | ||
272 | pflg = true; | ||
273 | break; | ||
274 | + case 'P': | ||
275 | + user_pass = pw_encrypt (optarg, crypt_make_salt (NULL, NULL)); | ||
276 | + pflg = true; | ||
277 | + break; | ||
278 | case 'R': /* no-op, handled in process_root_flag () */ | ||
279 | break; | ||
280 | - case 'P': /* no-op, handled in process_prefix_flag () */ | ||
281 | + case 'A': /* no-op, handled in process_prefix_flag () */ | ||
282 | + fprintf (stderr, | ||
283 | + _("%s: -A is deliberately not supported \n"), | ||
284 | + Prog); | ||
285 | + exit (E_BAD_ARG); | ||
286 | break; | ||
287 | case 's': | ||
288 | if (!VALID (optarg)) { | ||
289 | @@ -2098,7 +2108,7 @@ int main (int argc, char **argv) | ||
290 | (void) textdomain (PACKAGE); | ||
291 | |||
292 | process_root_flag ("-R", argc, argv); | ||
293 | - prefix = process_prefix_flag ("-P", argc, argv); | ||
294 | + prefix = process_prefix_flag ("-A", argc, argv); | ||
295 | |||
296 | OPENLOG ("usermod"); | ||
297 | #ifdef WITH_AUDIT | ||
298 | -- | ||
299 | 2.11.0 | ||
300 | |||