shadow: 'useradd' copies root's extended attributes

The copy of extended attributes is interesting for
Smack systems because it allows to set the security
template of the user's home directories without
modifying the tools (useradd here). But the version
of useradd that copies the extended attributes doesn't
copy the extended attributes of the root. This can make
use of homes impossible! This patch corrects the issue
by copying the extended attributes of the root directory:
/home/user will get the extended attributes of /etc/skel.

The patch is submitted upstream (see
http://lists.alioth.debian.org/pipermail/pkg-shadow-commits/2017-March/003804.html)

The existing patch specific to open-embedded is updated:
  0001-useradd.c-create-parent-directories-when-necessary.patch

Also, attr are activated for native tools.
This is needed when users are created during image creation.

(From OE-Core rev: eed66e85af5ca6bbdd80cc3d5cf8453e8d8880bc)

Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

1 files changed, 4 insertions, 4 deletions

diff --git a/meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch b/meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch
index 68da25f406..615c6e002d 100644
--- a/meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch
+++ b/meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch
@@ -118,7 +118,7 @@ diff --git a/src/useradd.c b/src/useradd.c
 index b3bd451..4416f90 100644
 --- a/src/useradd.c
 +++ b/src/useradd.c
-@@ -773,6 +773,7 @@ static void usage (int status)
+@@ -776,6 +776,7 @@ static void usage (int status)
         (void) fputs (_("  -o, --non-unique              allow to create users with duplicate\n"
                         "                                (non-unique) UID\n"), usageout);
         (void) fputs (_("  -p, --password PASSWORD       encrypted password of the new account\n"), usageout);
@@ -126,7 +126,7 @@ index b3bd451..4416f90 100644
         (void) fputs (_("  -r, --system                  create a system account\n"), usageout);
         (void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
         (void) fputs (_("  -s, --shell SHELL             login shell of the new account\n"), usageout);
-@@ -1047,6 +1048,7 @@ static void process_flags (int argc, char **argv)
+@@ -1050,6 +1051,7 @@ static void process_flags (int argc, char **argv)
                         {"no-user-group",  no_argument,       NULL, 'N'},
                         {"non-unique",     no_argument,       NULL, 'o'},
                         {"password",       required_argument, NULL, 'p'},
@@ -134,7 +134,7 @@ index b3bd451..4416f90 100644
                         {"system",         no_argument,       NULL, 'r'},
                         {"root",           required_argument, NULL, 'R'},
                         {"shell",          required_argument, NULL, 's'},
-@@ -1059,9 +1061,9 @@ static void process_flags (int argc, char **argv)
+@@ -1062,9 +1064,9 @@ static void process_flags (int argc, char **argv)
                 };
                 while ((c = getopt_long (argc, argv,
  #ifdef WITH_SELINUX
@@ -146,7 +146,7 @@ index b3bd451..4416f90 100644
  #endif                         /* !WITH_SELINUX */
                                          long_options, NULL)) != -1) {
                         switch (c) {
-@@ -1227,6 +1229,9 @@ static void process_flags (int argc, char **argv)
+@@ -1230,6 +1232,9 @@ static void process_flags (int argc, char **argv)
                                 }
                                 user_pass = optarg;
                                 break;