diff options
author | Alexander Kanavin <alex.kanavin@gmail.com> | 2019-12-04 17:56:00 +0100 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-12-28 23:25:42 +0000 |
commit | af2b2c4d9ff44b5951ef17dd0fba32021b232a27 (patch) | |
tree | 822d1717c9397cbdd6c910ee6f80d913e569ac85 /meta/recipes-extended/shadow/files | |
parent | 40f28d15c5808207461f6064d15965d9f92a8d09 (diff) | |
download | poky-af2b2c4d9ff44b5951ef17dd0fba32021b232a27.tar.gz |
shadow: update 4.6 -> 4.8
Drop two backports.
Remove 0001-useradd.c-create-parent-directories-when-necessary.patch
as upstream has addressed the issue:
https://github.com/shadow-maint/shadow/commit/b3b6d9d77c1d18b98670b97157777bb74092cd69
Rebase the rest of the paches.
Add a patch to remove the check for validity of login shells
which does not work in our environment.
Disable sssd cache support as that needs Fedora-specific tooling.
(From OE-Core rev: fee6c063dfb80425caa7080083c61d1544d929c6)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended/shadow/files')
-rw-r--r-- | meta/recipes-extended/shadow/files/0001-Disable-use-of-syslog-for-sysroot.patch | 18 | ||||
-rw-r--r-- | meta/recipes-extended/shadow/files/0001-Do-not-check-for-validity-of-shell-executable.patch | 29 | ||||
-rw-r--r-- | meta/recipes-extended/shadow/files/0001-Make-the-sp_lstchg-shadow-field-reproducible-re.-71.patch | 89 | ||||
-rw-r--r-- | meta/recipes-extended/shadow/files/0001-configure.ac-fix-configure-error-with-dash.patch | 36 | ||||
-rw-r--r-- | meta/recipes-extended/shadow/files/0001-useradd.c-create-parent-directories-when-necessary.patch | 116 | ||||
-rw-r--r-- | meta/recipes-extended/shadow/files/0002-Allow-for-setting-password-in-clear-text.patch (renamed from meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch) | 101 | ||||
-rw-r--r-- | meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch | 15 | ||||
-rw-r--r-- | meta/recipes-extended/shadow/files/shadow-relaxed-usernames.patch | 51 |
8 files changed, 128 insertions, 327 deletions
diff --git a/meta/recipes-extended/shadow/files/0001-Disable-use-of-syslog-for-sysroot.patch b/meta/recipes-extended/shadow/files/0001-Disable-use-of-syslog-for-sysroot.patch index aac2d42b12..ab317b9aa0 100644 --- a/meta/recipes-extended/shadow/files/0001-Disable-use-of-syslog-for-sysroot.patch +++ b/meta/recipes-extended/shadow/files/0001-Disable-use-of-syslog-for-sysroot.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 8cf3454d567f77233023be49a39a33e9f0836f89 Mon Sep 17 00:00:00 2001 | 1 | From fa2d9453656641002802d8165e80adb9e6a729d2 Mon Sep 17 00:00:00 2001 |
2 | From: Scott Garman <scott.a.garman@intel.com> | 2 | From: Scott Garman <scott.a.garman@intel.com> |
3 | Date: Thu, 14 Apr 2016 12:28:57 +0200 | 3 | Date: Thu, 14 Apr 2016 12:28:57 +0200 |
4 | Subject: [PATCH] Disable use of syslog for sysroot | 4 | Subject: [PATCH] Disable use of syslog for sysroot |
@@ -12,6 +12,7 @@ Upstream-Status: Inappropriate [disable feature] | |||
12 | Signed-off-by: Scott Garman <scott.a.garman@intel.com> | 12 | Signed-off-by: Scott Garman <scott.a.garman@intel.com> |
13 | Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> | 13 | Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> |
14 | Signed-off-by: Chen Qi <Qi.Chen@windriver.com> | 14 | Signed-off-by: Chen Qi <Qi.Chen@windriver.com> |
15 | |||
15 | --- | 16 | --- |
16 | src/groupadd.c | 3 +++ | 17 | src/groupadd.c | 3 +++ |
17 | src/groupdel.c | 3 +++ | 18 | src/groupdel.c | 3 +++ |
@@ -23,7 +24,7 @@ Signed-off-by: Chen Qi <Qi.Chen@windriver.com> | |||
23 | 7 files changed, 21 insertions(+) | 24 | 7 files changed, 21 insertions(+) |
24 | 25 | ||
25 | diff --git a/src/groupadd.c b/src/groupadd.c | 26 | diff --git a/src/groupadd.c b/src/groupadd.c |
26 | index 63e1c48..a596c49 100644 | 27 | index 2dd8eec..e9c4bb7 100644 |
27 | --- a/src/groupadd.c | 28 | --- a/src/groupadd.c |
28 | +++ b/src/groupadd.c | 29 | +++ b/src/groupadd.c |
29 | @@ -34,6 +34,9 @@ | 30 | @@ -34,6 +34,9 @@ |
@@ -37,7 +38,7 @@ index 63e1c48..a596c49 100644 | |||
37 | #include <fcntl.h> | 38 | #include <fcntl.h> |
38 | #include <getopt.h> | 39 | #include <getopt.h> |
39 | diff --git a/src/groupdel.c b/src/groupdel.c | 40 | diff --git a/src/groupdel.c b/src/groupdel.c |
40 | index 70bed01..ababd81 100644 | 41 | index f941a84..5a70056 100644 |
41 | --- a/src/groupdel.c | 42 | --- a/src/groupdel.c |
42 | +++ b/src/groupdel.c | 43 | +++ b/src/groupdel.c |
43 | @@ -34,6 +34,9 @@ | 44 | @@ -34,6 +34,9 @@ |
@@ -65,7 +66,7 @@ index fc91c8b..2842514 100644 | |||
65 | #include <getopt.h> | 66 | #include <getopt.h> |
66 | #include <grp.h> | 67 | #include <grp.h> |
67 | diff --git a/src/groupmod.c b/src/groupmod.c | 68 | diff --git a/src/groupmod.c b/src/groupmod.c |
68 | index 72daf2c..8965f9d 100644 | 69 | index 1dca5fc..bc14438 100644 |
69 | --- a/src/groupmod.c | 70 | --- a/src/groupmod.c |
70 | +++ b/src/groupmod.c | 71 | +++ b/src/groupmod.c |
71 | @@ -34,6 +34,9 @@ | 72 | @@ -34,6 +34,9 @@ |
@@ -79,7 +80,7 @@ index 72daf2c..8965f9d 100644 | |||
79 | #include <fcntl.h> | 80 | #include <fcntl.h> |
80 | #include <getopt.h> | 81 | #include <getopt.h> |
81 | diff --git a/src/useradd.c b/src/useradd.c | 82 | diff --git a/src/useradd.c b/src/useradd.c |
82 | index 3aaf45c..1ab9174 100644 | 83 | index 4af0f7c..1b7bf06 100644 |
83 | --- a/src/useradd.c | 84 | --- a/src/useradd.c |
84 | +++ b/src/useradd.c | 85 | +++ b/src/useradd.c |
85 | @@ -34,6 +34,9 @@ | 86 | @@ -34,6 +34,9 @@ |
@@ -93,7 +94,7 @@ index 3aaf45c..1ab9174 100644 | |||
93 | #include <ctype.h> | 94 | #include <ctype.h> |
94 | #include <errno.h> | 95 | #include <errno.h> |
95 | diff --git a/src/userdel.c b/src/userdel.c | 96 | diff --git a/src/userdel.c b/src/userdel.c |
96 | index c8de1d3..24d3ea9 100644 | 97 | index cc951e5..153e0be 100644 |
97 | --- a/src/userdel.c | 98 | --- a/src/userdel.c |
98 | +++ b/src/userdel.c | 99 | +++ b/src/userdel.c |
99 | @@ -34,6 +34,9 @@ | 100 | @@ -34,6 +34,9 @@ |
@@ -107,7 +108,7 @@ index c8de1d3..24d3ea9 100644 | |||
107 | #include <errno.h> | 108 | #include <errno.h> |
108 | #include <fcntl.h> | 109 | #include <fcntl.h> |
109 | diff --git a/src/usermod.c b/src/usermod.c | 110 | diff --git a/src/usermod.c b/src/usermod.c |
110 | index ccfbb99..24fb60d 100644 | 111 | index 05b9871..21c6da9 100644 |
111 | --- a/src/usermod.c | 112 | --- a/src/usermod.c |
112 | +++ b/src/usermod.c | 113 | +++ b/src/usermod.c |
113 | @@ -34,6 +34,9 @@ | 114 | @@ -34,6 +34,9 @@ |
@@ -120,6 +121,3 @@ index ccfbb99..24fb60d 100644 | |||
120 | #include <assert.h> | 121 | #include <assert.h> |
121 | #include <ctype.h> | 122 | #include <ctype.h> |
122 | #include <errno.h> | 123 | #include <errno.h> |
123 | -- | ||
124 | 2.11.0 | ||
125 | |||
diff --git a/meta/recipes-extended/shadow/files/0001-Do-not-check-for-validity-of-shell-executable.patch b/meta/recipes-extended/shadow/files/0001-Do-not-check-for-validity-of-shell-executable.patch new file mode 100644 index 0000000000..2d15ff0673 --- /dev/null +++ b/meta/recipes-extended/shadow/files/0001-Do-not-check-for-validity-of-shell-executable.patch | |||
@@ -0,0 +1,29 @@ | |||
1 | From 0d0aded7307a9f4ee0d299951512acd18b3e029e Mon Sep 17 00:00:00 2001 | ||
2 | From: Alexander Kanavin <alex.kanavin@gmail.com> | ||
3 | Date: Wed, 4 Dec 2019 19:28:48 +0100 | ||
4 | Subject: [PATCH] Do not check for validity of shell executable. | ||
5 | |||
6 | This kind of check fails when building a rootfs. | ||
7 | |||
8 | Upstream-Status: Inappropriate [oe-core specific] | ||
9 | Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> | ||
10 | --- | ||
11 | src/useradd.c | 5 +---- | ||
12 | 1 file changed, 1 insertion(+), 4 deletions(-) | ||
13 | |||
14 | diff --git a/src/useradd.c b/src/useradd.c | ||
15 | index 4af0f7c..898fe02 100644 | ||
16 | --- a/src/useradd.c | ||
17 | +++ b/src/useradd.c | ||
18 | @@ -1328,10 +1328,7 @@ static void process_flags (int argc, char **argv) | ||
19 | if ( ( !VALID (optarg) ) | ||
20 | || ( ('\0' != optarg[0]) | ||
21 | && ('/' != optarg[0]) | ||
22 | - && ('*' != optarg[0]) ) | ||
23 | - || (stat(optarg, &st) != 0) | ||
24 | - || (S_ISDIR(st.st_mode)) | ||
25 | - || (access(optarg, X_OK) != 0)) { | ||
26 | + && ('*' != optarg[0]) )) { | ||
27 | fprintf (stderr, | ||
28 | _("%s: invalid shell '%s'\n"), | ||
29 | Prog, optarg); | ||
diff --git a/meta/recipes-extended/shadow/files/0001-Make-the-sp_lstchg-shadow-field-reproducible-re.-71.patch b/meta/recipes-extended/shadow/files/0001-Make-the-sp_lstchg-shadow-field-reproducible-re.-71.patch deleted file mode 100644 index de0ba3ebb4..0000000000 --- a/meta/recipes-extended/shadow/files/0001-Make-the-sp_lstchg-shadow-field-reproducible-re.-71.patch +++ /dev/null | |||
@@ -1,89 +0,0 @@ | |||
1 | From fe34a2a0e44bc80ff213bfd185046a5f10c94997 Mon Sep 17 00:00:00 2001 | ||
2 | From: Chris Lamb <chris@chris-lamb.co.uk> | ||
3 | Date: Wed, 2 Jan 2019 18:06:16 +0000 | ||
4 | Subject: [PATCH 1/2] Make the sp_lstchg shadow field reproducible (re. #71) | ||
5 | |||
6 | From <https://github.com/shadow-maint/shadow/pull/71>: | ||
7 | |||
8 | ``` | ||
9 | The third field in the /etc/shadow file (sp_lstchg) contains the date of | ||
10 | the last password change expressed as the number of days since Jan 1, 1970. | ||
11 | As this is a relative time, creating a user today will result in: | ||
12 | |||
13 | username:17238:0:99999:7::: | ||
14 | whilst creating the same user tomorrow will result in: | ||
15 | |||
16 | username:17239:0:99999:7::: | ||
17 | This has an impact for the Reproducible Builds[0] project where we aim to | ||
18 | be independent of as many elements the build environment as possible, | ||
19 | including the current date. | ||
20 | |||
21 | This patch changes the behaviour to use the SOURCE_DATE_EPOCH[1] | ||
22 | environment variable (instead of Jan 1, 1970) if valid. | ||
23 | ``` | ||
24 | |||
25 | This updated PR adds some missing calls to gettime (). This was originally | ||
26 | filed by Johannes Schauer in Debian as #917773 [2]. | ||
27 | |||
28 | [0] https://reproducible-builds.org/ | ||
29 | [1] https://reproducible-builds.org/specs/source-date-epoch/ | ||
30 | [2] https://bugs.debian.org/917773 | ||
31 | |||
32 | Upstream-Status: Backport | ||
33 | Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> | ||
34 | --- | ||
35 | libmisc/pwd2spwd.c | 3 +-- | ||
36 | src/pwck.c | 2 +- | ||
37 | src/pwconv.c | 2 +- | ||
38 | 3 files changed, 3 insertions(+), 4 deletions(-) | ||
39 | |||
40 | diff --git a/libmisc/pwd2spwd.c b/libmisc/pwd2spwd.c | ||
41 | index c1b9b29ac873..6799dd50d490 100644 | ||
42 | --- a/libmisc/pwd2spwd.c | ||
43 | +++ b/libmisc/pwd2spwd.c | ||
44 | @@ -40,7 +40,6 @@ | ||
45 | #include "prototypes.h" | ||
46 | #include "defines.h" | ||
47 | #include <pwd.h> | ||
48 | -extern time_t time (time_t *); | ||
49 | |||
50 | /* | ||
51 | * pwd_to_spwd - create entries for new spwd structure | ||
52 | @@ -66,7 +65,7 @@ struct spwd *pwd_to_spwd (const struct passwd *pw) | ||
53 | */ | ||
54 | sp.sp_min = 0; | ||
55 | sp.sp_max = (10000L * DAY) / SCALE; | ||
56 | - sp.sp_lstchg = (long) time ((time_t *) 0) / SCALE; | ||
57 | + sp.sp_lstchg = (long) gettime () / SCALE; | ||
58 | if (0 == sp.sp_lstchg) { | ||
59 | /* Better disable aging than requiring a password | ||
60 | * change */ | ||
61 | diff --git a/src/pwck.c b/src/pwck.c | ||
62 | index 0ffb711efb13..f70071b12500 100644 | ||
63 | --- a/src/pwck.c | ||
64 | +++ b/src/pwck.c | ||
65 | @@ -609,7 +609,7 @@ static void check_pw_file (int *errors, bool *changed) | ||
66 | sp.sp_inact = -1; | ||
67 | sp.sp_expire = -1; | ||
68 | sp.sp_flag = SHADOW_SP_FLAG_UNSET; | ||
69 | - sp.sp_lstchg = (long) time ((time_t *) 0) / SCALE; | ||
70 | + sp.sp_lstchg = (long) gettime () / SCALE; | ||
71 | if (0 == sp.sp_lstchg) { | ||
72 | /* Better disable aging than | ||
73 | * requiring a password change | ||
74 | diff --git a/src/pwconv.c b/src/pwconv.c | ||
75 | index 9c69fa131d8e..f932f266c59c 100644 | ||
76 | --- a/src/pwconv.c | ||
77 | +++ b/src/pwconv.c | ||
78 | @@ -267,7 +267,7 @@ int main (int argc, char **argv) | ||
79 | spent.sp_flag = SHADOW_SP_FLAG_UNSET; | ||
80 | } | ||
81 | spent.sp_pwdp = pw->pw_passwd; | ||
82 | - spent.sp_lstchg = (long) time ((time_t *) 0) / SCALE; | ||
83 | + spent.sp_lstchg = (long) gettime () / SCALE; | ||
84 | if (0 == spent.sp_lstchg) { | ||
85 | /* Better disable aging than requiring a password | ||
86 | * change */ | ||
87 | -- | ||
88 | 2.17.1 | ||
89 | |||
diff --git a/meta/recipes-extended/shadow/files/0001-configure.ac-fix-configure-error-with-dash.patch b/meta/recipes-extended/shadow/files/0001-configure.ac-fix-configure-error-with-dash.patch deleted file mode 100644 index a74cbb0c0e..0000000000 --- a/meta/recipes-extended/shadow/files/0001-configure.ac-fix-configure-error-with-dash.patch +++ /dev/null | |||
@@ -1,36 +0,0 @@ | |||
1 | From 3c52a84ff8775590e7e9da9c0d4408c23494305e Mon Sep 17 00:00:00 2001 | ||
2 | From: Yi Zhao <yi.zhao@windriver.com> | ||
3 | Date: Mon, 17 Jun 2019 15:36:34 +0800 | ||
4 | Subject: [PATCH] configure.ac: fix configure error with dash | ||
5 | |||
6 | A configure error occurs when /bin/sh -> dash: | ||
7 | checking for is_selinux_enabled in -lselinux... yes | ||
8 | checking for semanage_connect in -lsemanage... yes | ||
9 | configure: 16322: test: yesyes: unexpected operator | ||
10 | |||
11 | Use "=" instead of "==" since dash doesn't support this operator. | ||
12 | |||
13 | Upstream-Status: Backport | ||
14 | [https://github.com/shadow-maint/shadow/commit/3c52a84ff8775590e7e9da9c0d4408c23494305e] | ||
15 | |||
16 | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> | ||
17 | --- | ||
18 | configure.ac | 2 +- | ||
19 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
20 | |||
21 | diff --git a/configure.ac b/configure.ac | ||
22 | index 6762556..1907afb 100644 | ||
23 | --- a/configure.ac | ||
24 | +++ b/configure.ac | ||
25 | @@ -500,7 +500,7 @@ if test "$with_selinux" != "no"; then | ||
26 | AC_MSG_ERROR([libsemanage not found]) | ||
27 | fi | ||
28 | |||
29 | - if test "$selinux_lib$semanage_lib" == "yesyes" ; then | ||
30 | + if test "$selinux_lib$semanage_lib" = "yesyes" ; then | ||
31 | AC_DEFINE(WITH_SELINUX, 1, | ||
32 | [Build shadow with SELinux support]) | ||
33 | LIBSELINUX="-lselinux" | ||
34 | -- | ||
35 | 2.7.4 | ||
36 | |||
diff --git a/meta/recipes-extended/shadow/files/0001-useradd.c-create-parent-directories-when-necessary.patch b/meta/recipes-extended/shadow/files/0001-useradd.c-create-parent-directories-when-necessary.patch deleted file mode 100644 index faa6f68ebe..0000000000 --- a/meta/recipes-extended/shadow/files/0001-useradd.c-create-parent-directories-when-necessary.patch +++ /dev/null | |||
@@ -1,116 +0,0 @@ | |||
1 | Subject: [PATCH] useradd.c: create parent directories when necessary | ||
2 | |||
3 | Upstream-Status: Inappropriate [OE specific] | ||
4 | |||
5 | Signed-off-by: Chen Qi <Qi.Chen@windriver.com> | ||
6 | --- | ||
7 | src/useradd.c | 80 +++++++++++++++++++++++++++++++++++++++-------------------- | ||
8 | 1 file changed, 53 insertions(+), 27 deletions(-) | ||
9 | |||
10 | diff --git a/src/useradd.c b/src/useradd.c | ||
11 | index 00a3c30..9ecbb58 100644 | ||
12 | --- a/src/useradd.c | ||
13 | +++ b/src/useradd.c | ||
14 | @@ -2021,6 +2021,35 @@ static void usr_update (void) | ||
15 | } | ||
16 | |||
17 | /* | ||
18 | + * mkdir_p - create directories, including parent directories when needed | ||
19 | + * | ||
20 | + * similar to `mkdir -p' | ||
21 | + */ | ||
22 | +void mkdir_p(const char *path) { | ||
23 | + int len = strlen(path); | ||
24 | + char newdir[len + 1]; | ||
25 | + mode_t mode = 0755; | ||
26 | + int i = 0; | ||
27 | + | ||
28 | + if (path[i] == '\0') { | ||
29 | + return; | ||
30 | + } | ||
31 | + | ||
32 | + /* skip the leading '/' */ | ||
33 | + i++; | ||
34 | + | ||
35 | + while(path[i] != '\0') { | ||
36 | + if (path[i] == '/') { | ||
37 | + strncpy(newdir, path, i); | ||
38 | + newdir[i] = '\0'; | ||
39 | + mkdir(newdir, mode); | ||
40 | + } | ||
41 | + i++; | ||
42 | + } | ||
43 | + mkdir(path, mode); | ||
44 | +} | ||
45 | + | ||
46 | +/* | ||
47 | * create_home - create the user's home directory | ||
48 | * | ||
49 | * create_home() creates the user's home directory if it does not | ||
50 | @@ -2038,39 +2067,36 @@ static void create_home (void) | ||
51 | fail_exit (E_HOMEDIR); | ||
52 | } | ||
53 | #endif | ||
54 | - /* XXX - create missing parent directories. --marekm */ | ||
55 | - if (mkdir (prefix_user_home, 0) != 0) { | ||
56 | - fprintf (stderr, | ||
57 | - _("%s: cannot create directory %s\n"), | ||
58 | - Prog, prefix_user_home); | ||
59 | + mkdir_p(user_home); | ||
60 | + } | ||
61 | + if (access (prefix_user_home, F_OK) != 0) { | ||
62 | #ifdef WITH_AUDIT | ||
63 | - audit_logger (AUDIT_ADD_USER, Prog, | ||
64 | - "adding home directory", | ||
65 | - user_name, (unsigned int) user_id, | ||
66 | - SHADOW_AUDIT_FAILURE); | ||
67 | + audit_logger (AUDIT_ADD_USER, Prog, | ||
68 | + "adding home directory", | ||
69 | + user_name, (unsigned int) user_id, | ||
70 | + SHADOW_AUDIT_FAILURE); | ||
71 | #endif | ||
72 | - fail_exit (E_HOMEDIR); | ||
73 | - } | ||
74 | - (void) chown (prefix_user_home, user_id, user_gid); | ||
75 | - chmod (prefix_user_home, | ||
76 | - 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK)); | ||
77 | - home_added = true; | ||
78 | + fail_exit (E_HOMEDIR); | ||
79 | + } | ||
80 | + (void) chown (prefix_user_home, user_id, user_gid); | ||
81 | + chmod (prefix_user_home, | ||
82 | + 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK)); | ||
83 | + home_added = true; | ||
84 | #ifdef WITH_AUDIT | ||
85 | - audit_logger (AUDIT_ADD_USER, Prog, | ||
86 | - "adding home directory", | ||
87 | - user_name, (unsigned int) user_id, | ||
88 | - SHADOW_AUDIT_SUCCESS); | ||
89 | + audit_logger (AUDIT_ADD_USER, Prog, | ||
90 | + "adding home directory", | ||
91 | + user_name, (unsigned int) user_id, | ||
92 | + SHADOW_AUDIT_SUCCESS); | ||
93 | #endif | ||
94 | #ifdef WITH_SELINUX | ||
95 | - /* Reset SELinux to create files with default contexts */ | ||
96 | - if (reset_selinux_file_context () != 0) { | ||
97 | - fprintf (stderr, | ||
98 | - _("%s: cannot reset SELinux file creation context\n"), | ||
99 | - Prog); | ||
100 | - fail_exit (E_HOMEDIR); | ||
101 | - } | ||
102 | -#endif | ||
103 | + /* Reset SELinux to create files with default contexts */ | ||
104 | + if (reset_selinux_file_context () != 0) { | ||
105 | + fprintf (stderr, | ||
106 | + _("%s: cannot reset SELinux file creation context\n"), | ||
107 | + Prog); | ||
108 | + fail_exit (E_HOMEDIR); | ||
109 | } | ||
110 | +#endif | ||
111 | } | ||
112 | |||
113 | /* | ||
114 | -- | ||
115 | 2.11.0 | ||
116 | |||
diff --git a/meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch b/meta/recipes-extended/shadow/files/0002-Allow-for-setting-password-in-clear-text.patch index fa7eb07aa5..c6332e4f76 100644 --- a/meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch +++ b/meta/recipes-extended/shadow/files/0002-Allow-for-setting-password-in-clear-text.patch | |||
@@ -1,8 +1,12 @@ | |||
1 | From a7d995228491ad5255ad86c1f04ba071f6880897 Mon Sep 17 00:00:00 2001 | ||
2 | From: Chen Qi <Qi.Chen@windriver.com> | ||
3 | Date: Sat, 16 Nov 2013 15:27:47 +0800 | ||
1 | Subject: [PATCH] Allow for setting password in clear text | 4 | Subject: [PATCH] Allow for setting password in clear text |
2 | 5 | ||
3 | Upstream-Status: Inappropriate [OE specific] | 6 | Upstream-Status: Inappropriate [OE specific] |
4 | 7 | ||
5 | Signed-off-by: Chen Qi <Qi.Chen@windriver.com> | 8 | Signed-off-by: Chen Qi <Qi.Chen@windriver.com> |
9 | |||
6 | --- | 10 | --- |
7 | src/Makefile.am | 8 ++++---- | 11 | src/Makefile.am | 8 ++++---- |
8 | src/groupadd.c | 20 +++++++++++++++----- | 12 | src/groupadd.c | 20 +++++++++++++++----- |
@@ -12,39 +16,39 @@ Signed-off-by: Chen Qi <Qi.Chen@windriver.com> | |||
12 | 5 files changed, 64 insertions(+), 25 deletions(-) | 16 | 5 files changed, 64 insertions(+), 25 deletions(-) |
13 | 17 | ||
14 | diff --git a/src/Makefile.am b/src/Makefile.am | 18 | diff --git a/src/Makefile.am b/src/Makefile.am |
15 | index 3c98a8d..b8093d5 100644 | 19 | index f31fd7a..4a317a3 100644 |
16 | --- a/src/Makefile.am | 20 | --- a/src/Makefile.am |
17 | +++ b/src/Makefile.am | 21 | +++ b/src/Makefile.am |
18 | @@ -93,10 +93,10 @@ chgpasswd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBSELINUX) $(LIBCRYPT) | 22 | @@ -103,10 +103,10 @@ chsh_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT_NOPAM) |
19 | chsh_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) | 23 | chpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) $(LIBECONF) |
20 | chpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT) | 24 | expiry_LDADD = $(LDADD) $(LIBECONF) |
21 | gpasswd_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) | 25 | gpasswd_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) $(LIBECONF) |
22 | -groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) | 26 | -groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) |
23 | +groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) | 27 | +groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) $(LIBCRYPT) |
24 | groupdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) | 28 | groupdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) |
25 | groupmems_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) | 29 | groupmems_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) |
26 | -groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) | 30 | -groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) |
27 | +groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) | 31 | +groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) $(LIBCRYPT) |
28 | grpck_LDADD = $(LDADD) $(LIBSELINUX) | 32 | grpck_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) |
29 | grpconv_LDADD = $(LDADD) $(LIBSELINUX) | 33 | grpconv_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) |
30 | grpunconv_LDADD = $(LDADD) $(LIBSELINUX) | 34 | grpunconv_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) |
31 | @@ -117,9 +117,9 @@ su_SOURCES = \ | 35 | @@ -127,9 +127,9 @@ su_SOURCES = \ |
32 | suauth.c | 36 | suauth.c |
33 | su_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) | 37 | su_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) $(LIBECONF) |
34 | sulogin_LDADD = $(LDADD) $(LIBCRYPT) | 38 | sulogin_LDADD = $(LDADD) $(LIBCRYPT) $(LIBECONF) |
35 | -useradd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) | 39 | -useradd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBECONF) |
36 | +useradd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBCRYPT) | 40 | +useradd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBECONF) $(LIBCRYPT) |
37 | userdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) | 41 | userdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBECONF) |
38 | -usermod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) | 42 | -usermod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBECONF) |
39 | +usermod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBCRYPT) | 43 | +usermod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBECONF) $(LIBCRYPT) |
40 | vipw_LDADD = $(LDADD) $(LIBSELINUX) | 44 | vipw_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) |
41 | 45 | ||
42 | install-am: all-am | 46 | install-am: all-am |
43 | diff --git a/src/groupadd.c b/src/groupadd.c | 47 | diff --git a/src/groupadd.c b/src/groupadd.c |
44 | index b57006c..63e1c48 100644 | 48 | index e9c4bb7..d572c00 100644 |
45 | --- a/src/groupadd.c | 49 | --- a/src/groupadd.c |
46 | +++ b/src/groupadd.c | 50 | +++ b/src/groupadd.c |
47 | @@ -123,9 +123,10 @@ static /*@noreturn@*/void usage (int status) | 51 | @@ -127,9 +127,10 @@ static /*@noreturn@*/void usage (int status) |
48 | (void) fputs (_(" -o, --non-unique allow to create groups with duplicate\n" | 52 | (void) fputs (_(" -o, --non-unique allow to create groups with duplicate\n" |
49 | " (non-unique) GID\n"), usageout); | 53 | " (non-unique) GID\n"), usageout); |
50 | (void) fputs (_(" -p, --password PASSWORD use this encrypted password for the new group\n"), usageout); | 54 | (void) fputs (_(" -p, --password PASSWORD use this encrypted password for the new group\n"), usageout); |
@@ -56,7 +60,7 @@ index b57006c..63e1c48 100644 | |||
56 | (void) fputs ("\n", usageout); | 60 | (void) fputs ("\n", usageout); |
57 | exit (status); | 61 | exit (status); |
58 | } | 62 | } |
59 | @@ -387,13 +388,14 @@ static void process_flags (int argc, char **argv) | 63 | @@ -391,13 +392,14 @@ static void process_flags (int argc, char **argv) |
60 | {"key", required_argument, NULL, 'K'}, | 64 | {"key", required_argument, NULL, 'K'}, |
61 | {"non-unique", no_argument, NULL, 'o'}, | 65 | {"non-unique", no_argument, NULL, 'o'}, |
62 | {"password", required_argument, NULL, 'p'}, | 66 | {"password", required_argument, NULL, 'p'}, |
@@ -73,7 +77,7 @@ index b57006c..63e1c48 100644 | |||
73 | long_options, NULL)) != -1) { | 77 | long_options, NULL)) != -1) { |
74 | switch (c) { | 78 | switch (c) { |
75 | case 'f': | 79 | case 'f': |
76 | @@ -445,12 +447,20 @@ static void process_flags (int argc, char **argv) | 80 | @@ -449,12 +451,20 @@ static void process_flags (int argc, char **argv) |
77 | pflg = true; | 81 | pflg = true; |
78 | group_passwd = optarg; | 82 | group_passwd = optarg; |
79 | break; | 83 | break; |
@@ -95,7 +99,7 @@ index b57006c..63e1c48 100644 | |||
95 | break; | 99 | break; |
96 | default: | 100 | default: |
97 | usage (E_USAGE); | 101 | usage (E_USAGE); |
98 | @@ -584,7 +594,7 @@ int main (int argc, char **argv) | 102 | @@ -588,7 +598,7 @@ int main (int argc, char **argv) |
99 | (void) textdomain (PACKAGE); | 103 | (void) textdomain (PACKAGE); |
100 | 104 | ||
101 | process_root_flag ("-R", argc, argv); | 105 | process_root_flag ("-R", argc, argv); |
@@ -105,10 +109,10 @@ index b57006c..63e1c48 100644 | |||
105 | OPENLOG ("groupadd"); | 109 | OPENLOG ("groupadd"); |
106 | #ifdef WITH_AUDIT | 110 | #ifdef WITH_AUDIT |
107 | diff --git a/src/groupmod.c b/src/groupmod.c | 111 | diff --git a/src/groupmod.c b/src/groupmod.c |
108 | index b293b98..72daf2c 100644 | 112 | index bc14438..25ccb44 100644 |
109 | --- a/src/groupmod.c | 113 | --- a/src/groupmod.c |
110 | +++ b/src/groupmod.c | 114 | +++ b/src/groupmod.c |
111 | @@ -134,8 +134,9 @@ static void usage (int status) | 115 | @@ -138,8 +138,9 @@ static void usage (int status) |
112 | (void) fputs (_(" -o, --non-unique allow to use a duplicate (non-unique) GID\n"), usageout); | 116 | (void) fputs (_(" -o, --non-unique allow to use a duplicate (non-unique) GID\n"), usageout); |
113 | (void) fputs (_(" -p, --password PASSWORD change the password to this (encrypted)\n" | 117 | (void) fputs (_(" -p, --password PASSWORD change the password to this (encrypted)\n" |
114 | " PASSWORD\n"), usageout); | 118 | " PASSWORD\n"), usageout); |
@@ -119,7 +123,7 @@ index b293b98..72daf2c 100644 | |||
119 | (void) fputs ("\n", usageout); | 123 | (void) fputs ("\n", usageout); |
120 | exit (status); | 124 | exit (status); |
121 | } | 125 | } |
122 | @@ -383,11 +384,12 @@ static void process_flags (int argc, char **argv) | 126 | @@ -387,11 +388,12 @@ static void process_flags (int argc, char **argv) |
123 | {"new-name", required_argument, NULL, 'n'}, | 127 | {"new-name", required_argument, NULL, 'n'}, |
124 | {"non-unique", no_argument, NULL, 'o'}, | 128 | {"non-unique", no_argument, NULL, 'o'}, |
125 | {"password", required_argument, NULL, 'p'}, | 129 | {"password", required_argument, NULL, 'p'}, |
@@ -134,7 +138,7 @@ index b293b98..72daf2c 100644 | |||
134 | long_options, NULL)) != -1) { | 138 | long_options, NULL)) != -1) { |
135 | switch (c) { | 139 | switch (c) { |
136 | case 'g': | 140 | case 'g': |
137 | @@ -414,9 +416,17 @@ static void process_flags (int argc, char **argv) | 141 | @@ -418,9 +420,17 @@ static void process_flags (int argc, char **argv) |
138 | group_passwd = optarg; | 142 | group_passwd = optarg; |
139 | pflg = true; | 143 | pflg = true; |
140 | break; | 144 | break; |
@@ -153,7 +157,7 @@ index b293b98..72daf2c 100644 | |||
153 | break; | 157 | break; |
154 | default: | 158 | default: |
155 | usage (E_USAGE); | 159 | usage (E_USAGE); |
156 | @@ -757,7 +767,7 @@ int main (int argc, char **argv) | 160 | @@ -761,7 +771,7 @@ int main (int argc, char **argv) |
157 | (void) textdomain (PACKAGE); | 161 | (void) textdomain (PACKAGE); |
158 | 162 | ||
159 | process_root_flag ("-R", argc, argv); | 163 | process_root_flag ("-R", argc, argv); |
@@ -163,10 +167,10 @@ index b293b98..72daf2c 100644 | |||
163 | OPENLOG ("groupmod"); | 167 | OPENLOG ("groupmod"); |
164 | #ifdef WITH_AUDIT | 168 | #ifdef WITH_AUDIT |
165 | diff --git a/src/useradd.c b/src/useradd.c | 169 | diff --git a/src/useradd.c b/src/useradd.c |
166 | index c74e491..7214e72 100644 | 170 | index 1b7bf06..44f09e2 100644 |
167 | --- a/src/useradd.c | 171 | --- a/src/useradd.c |
168 | +++ b/src/useradd.c | 172 | +++ b/src/useradd.c |
169 | @@ -829,9 +829,10 @@ static void usage (int status) | 173 | @@ -853,9 +853,10 @@ static void usage (int status) |
170 | (void) fputs (_(" -o, --non-unique allow to create users with duplicate\n" | 174 | (void) fputs (_(" -o, --non-unique allow to create users with duplicate\n" |
171 | " (non-unique) UID\n"), usageout); | 175 | " (non-unique) UID\n"), usageout); |
172 | (void) fputs (_(" -p, --password PASSWORD encrypted password of the new account\n"), usageout); | 176 | (void) fputs (_(" -p, --password PASSWORD encrypted password of the new account\n"), usageout); |
@@ -178,7 +182,7 @@ index c74e491..7214e72 100644 | |||
178 | (void) fputs (_(" -s, --shell SHELL login shell of the new account\n"), usageout); | 182 | (void) fputs (_(" -s, --shell SHELL login shell of the new account\n"), usageout); |
179 | (void) fputs (_(" -u, --uid UID user ID of the new account\n"), usageout); | 183 | (void) fputs (_(" -u, --uid UID user ID of the new account\n"), usageout); |
180 | (void) fputs (_(" -U, --user-group create a group with the same name as the user\n"), usageout); | 184 | (void) fputs (_(" -U, --user-group create a group with the same name as the user\n"), usageout); |
181 | @@ -1104,9 +1105,10 @@ static void process_flags (int argc, char **argv) | 185 | @@ -1133,9 +1134,10 @@ static void process_flags (int argc, char **argv) |
182 | {"no-user-group", no_argument, NULL, 'N'}, | 186 | {"no-user-group", no_argument, NULL, 'N'}, |
183 | {"non-unique", no_argument, NULL, 'o'}, | 187 | {"non-unique", no_argument, NULL, 'o'}, |
184 | {"password", required_argument, NULL, 'p'}, | 188 | {"password", required_argument, NULL, 'p'}, |
@@ -190,7 +194,7 @@ index c74e491..7214e72 100644 | |||
190 | {"shell", required_argument, NULL, 's'}, | 194 | {"shell", required_argument, NULL, 's'}, |
191 | {"uid", required_argument, NULL, 'u'}, | 195 | {"uid", required_argument, NULL, 'u'}, |
192 | {"user-group", no_argument, NULL, 'U'}, | 196 | {"user-group", no_argument, NULL, 'U'}, |
193 | @@ -1117,9 +1119,9 @@ static void process_flags (int argc, char **argv) | 197 | @@ -1146,9 +1148,9 @@ static void process_flags (int argc, char **argv) |
194 | }; | 198 | }; |
195 | while ((c = getopt_long (argc, argv, | 199 | while ((c = getopt_long (argc, argv, |
196 | #ifdef WITH_SELINUX | 200 | #ifdef WITH_SELINUX |
@@ -202,7 +206,7 @@ index c74e491..7214e72 100644 | |||
202 | #endif /* !WITH_SELINUX */ | 206 | #endif /* !WITH_SELINUX */ |
203 | long_options, NULL)) != -1) { | 207 | long_options, NULL)) != -1) { |
204 | switch (c) { | 208 | switch (c) { |
205 | @@ -1285,12 +1287,19 @@ static void process_flags (int argc, char **argv) | 209 | @@ -1320,12 +1322,19 @@ static void process_flags (int argc, char **argv) |
206 | } | 210 | } |
207 | user_pass = optarg; | 211 | user_pass = optarg; |
208 | break; | 212 | break; |
@@ -223,7 +227,7 @@ index c74e491..7214e72 100644 | |||
223 | break; | 227 | break; |
224 | case 's': | 228 | case 's': |
225 | if ( ( !VALID (optarg) ) | 229 | if ( ( !VALID (optarg) ) |
226 | @@ -2148,7 +2157,7 @@ int main (int argc, char **argv) | 230 | @@ -2257,7 +2266,7 @@ int main (int argc, char **argv) |
227 | 231 | ||
228 | process_root_flag ("-R", argc, argv); | 232 | process_root_flag ("-R", argc, argv); |
229 | 233 | ||
@@ -233,10 +237,10 @@ index c74e491..7214e72 100644 | |||
233 | OPENLOG ("useradd"); | 237 | OPENLOG ("useradd"); |
234 | #ifdef WITH_AUDIT | 238 | #ifdef WITH_AUDIT |
235 | diff --git a/src/usermod.c b/src/usermod.c | 239 | diff --git a/src/usermod.c b/src/usermod.c |
236 | index e571426..ccfbb99 100644 | 240 | index 21c6da9..cffdb3e 100644 |
237 | --- a/src/usermod.c | 241 | --- a/src/usermod.c |
238 | +++ b/src/usermod.c | 242 | +++ b/src/usermod.c |
239 | @@ -424,8 +424,9 @@ static /*@noreturn@*/void usage (int status) | 243 | @@ -431,8 +431,9 @@ static /*@noreturn@*/void usage (int status) |
240 | " new location (use only with -d)\n"), usageout); | 244 | " new location (use only with -d)\n"), usageout); |
241 | (void) fputs (_(" -o, --non-unique allow using duplicate (non-unique) UID\n"), usageout); | 245 | (void) fputs (_(" -o, --non-unique allow using duplicate (non-unique) UID\n"), usageout); |
242 | (void) fputs (_(" -p, --password PASSWORD use encrypted password for the new password\n"), usageout); | 246 | (void) fputs (_(" -p, --password PASSWORD use encrypted password for the new password\n"), usageout); |
@@ -247,7 +251,7 @@ index e571426..ccfbb99 100644 | |||
247 | (void) fputs (_(" -s, --shell SHELL new login shell for the user account\n"), usageout); | 251 | (void) fputs (_(" -s, --shell SHELL new login shell for the user account\n"), usageout); |
248 | (void) fputs (_(" -u, --uid UID new UID for the user account\n"), usageout); | 252 | (void) fputs (_(" -u, --uid UID new UID for the user account\n"), usageout); |
249 | (void) fputs (_(" -U, --unlock unlock the user account\n"), usageout); | 253 | (void) fputs (_(" -U, --unlock unlock the user account\n"), usageout); |
250 | @@ -1002,8 +1003,9 @@ static void process_flags (int argc, char **argv) | 254 | @@ -1010,8 +1011,9 @@ static void process_flags (int argc, char **argv) |
251 | {"move-home", no_argument, NULL, 'm'}, | 255 | {"move-home", no_argument, NULL, 'm'}, |
252 | {"non-unique", no_argument, NULL, 'o'}, | 256 | {"non-unique", no_argument, NULL, 'o'}, |
253 | {"password", required_argument, NULL, 'p'}, | 257 | {"password", required_argument, NULL, 'p'}, |
@@ -258,16 +262,16 @@ index e571426..ccfbb99 100644 | |||
258 | {"shell", required_argument, NULL, 's'}, | 262 | {"shell", required_argument, NULL, 's'}, |
259 | {"uid", required_argument, NULL, 'u'}, | 263 | {"uid", required_argument, NULL, 'u'}, |
260 | {"unlock", no_argument, NULL, 'U'}, | 264 | {"unlock", no_argument, NULL, 'U'}, |
261 | @@ -1019,7 +1021,7 @@ static void process_flags (int argc, char **argv) | 265 | @@ -1027,7 +1029,7 @@ static void process_flags (int argc, char **argv) |
262 | {NULL, 0, NULL, '\0'} | 266 | {NULL, 0, NULL, '\0'} |
263 | }; | 267 | }; |
264 | while ((c = getopt_long (argc, argv, | 268 | while ((c = getopt_long (argc, argv, |
265 | - "ac:d:e:f:g:G:hl:Lmop:R:s:u:UP:" | 269 | - "abc:d:e:f:g:G:hl:Lmop:R:s:u:UP:" |
266 | + "ac:d:e:f:g:G:hl:Lmop:P:R:s:u:UA:" | 270 | + "abc:d:e:f:g:G:hl:Lmop:P:R:s:u:UA:" |
267 | #ifdef ENABLE_SUBIDS | 271 | #ifdef ENABLE_SUBIDS |
268 | "v:w:V:W:" | 272 | "v:w:V:W:" |
269 | #endif /* ENABLE_SUBIDS */ | 273 | #endif /* ENABLE_SUBIDS */ |
270 | @@ -1119,9 +1121,17 @@ static void process_flags (int argc, char **argv) | 274 | @@ -1130,9 +1132,17 @@ static void process_flags (int argc, char **argv) |
271 | user_pass = optarg; | 275 | user_pass = optarg; |
272 | pflg = true; | 276 | pflg = true; |
273 | break; | 277 | break; |
@@ -286,7 +290,7 @@ index e571426..ccfbb99 100644 | |||
286 | break; | 290 | break; |
287 | case 's': | 291 | case 's': |
288 | if (!VALID (optarg)) { | 292 | if (!VALID (optarg)) { |
289 | @@ -2098,7 +2108,7 @@ int main (int argc, char **argv) | 293 | @@ -2127,7 +2137,7 @@ int main (int argc, char **argv) |
290 | (void) textdomain (PACKAGE); | 294 | (void) textdomain (PACKAGE); |
291 | 295 | ||
292 | process_root_flag ("-R", argc, argv); | 296 | process_root_flag ("-R", argc, argv); |
@@ -295,6 +299,3 @@ index e571426..ccfbb99 100644 | |||
295 | 299 | ||
296 | OPENLOG ("usermod"); | 300 | OPENLOG ("usermod"); |
297 | #ifdef WITH_AUDIT | 301 | #ifdef WITH_AUDIT |
298 | -- | ||
299 | 2.11.0 | ||
300 | |||
diff --git a/meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch b/meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch index 4fa3d184ed..9825216369 100644 --- a/meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch +++ b/meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch | |||
@@ -1,3 +1,8 @@ | |||
1 | From 66533c7c6f347d257020675a1ed6e0c59cbbc3f0 Mon Sep 17 00:00:00 2001 | ||
2 | From: Chen Qi <Qi.Chen@windriver.com> | ||
3 | Date: Thu, 17 Jul 2014 15:53:34 +0800 | ||
4 | Subject: [PATCH] commonio.c-fix-unexpected-open-failure-in-chroot-env | ||
5 | |||
1 | Upstream-Status: Inappropriate [OE specific] | 6 | Upstream-Status: Inappropriate [OE specific] |
2 | 7 | ||
3 | commonio.c: fix unexpected open failure in chroot environment | 8 | commonio.c: fix unexpected open failure in chroot environment |
@@ -10,15 +15,16 @@ Note that this patch doesn't change the logic in the code, it just expands | |||
10 | the codes. | 15 | the codes. |
11 | 16 | ||
12 | Signed-off-by: Chen Qi <Qi.Chen@windriver.com> | 17 | Signed-off-by: Chen Qi <Qi.Chen@windriver.com> |
18 | |||
13 | --- | 19 | --- |
14 | lib/commonio.c | 16 ++++++++++++---- | 20 | lib/commonio.c | 16 ++++++++++++---- |
15 | 1 file changed, 12 insertions(+), 4 deletions(-) | 21 | 1 file changed, 12 insertions(+), 4 deletions(-) |
16 | 22 | ||
17 | diff --git a/lib/commonio.c b/lib/commonio.c | 23 | diff --git a/lib/commonio.c b/lib/commonio.c |
18 | index cc536bf..51cafd9 100644 | 24 | index 16fa7e7..d6bc297 100644 |
19 | --- a/lib/commonio.c | 25 | --- a/lib/commonio.c |
20 | +++ b/lib/commonio.c | 26 | +++ b/lib/commonio.c |
21 | @@ -613,10 +613,18 @@ int commonio_open (struct commonio_db *db, int mode) | 27 | @@ -632,10 +632,18 @@ int commonio_open (struct commonio_db *db, int mode) |
22 | db->cursor = NULL; | 28 | db->cursor = NULL; |
23 | db->changed = false; | 29 | db->changed = false; |
24 | 30 | ||
@@ -41,6 +47,3 @@ index cc536bf..51cafd9 100644 | |||
41 | db->fp = NULL; | 47 | db->fp = NULL; |
42 | if (fd >= 0) { | 48 | if (fd >= 0) { |
43 | #ifdef WITH_TCB | 49 | #ifdef WITH_TCB |
44 | -- | ||
45 | 1.7.9.5 | ||
46 | |||
diff --git a/meta/recipes-extended/shadow/files/shadow-relaxed-usernames.patch b/meta/recipes-extended/shadow/files/shadow-relaxed-usernames.patch index 1af04d5fe8..cc833362e9 100644 --- a/meta/recipes-extended/shadow/files/shadow-relaxed-usernames.patch +++ b/meta/recipes-extended/shadow/files/shadow-relaxed-usernames.patch | |||
@@ -1,26 +1,37 @@ | |||
1 | From ca472d6866e545aaa70a70020e3226f236a8aafc Mon Sep 17 00:00:00 2001 | ||
2 | From: Shan Hai <shan.hai@windriver.com> | ||
3 | Date: Tue, 13 Sep 2016 13:45:46 +0800 | ||
4 | Subject: [PATCH] shadow: use relaxed usernames | ||
1 | 5 | ||
2 | The groupadd from shadow does not allow upper case group names, the | 6 | The groupadd from shadow does not allow upper case group names, the |
3 | same is true for the upstream shadow. But distributions like | 7 | same is true for the upstream shadow. But distributions like |
4 | Debian/Ubuntu/CentOS has their own way to cope with this problem, | 8 | Debian/Ubuntu/CentOS has their own way to cope with this problem, |
5 | this patch is picked up from CentOS release 7.0 to relax the usernames | 9 | this patch is picked up from CentOS release 7.0 to relax the usernames |
6 | restrictions to allow the upper case group names, and the relaxation is | 10 | restrictions to allow the upper case group names, and the relaxation is |
7 | POSIX compliant because POSIX indicate that usernames are composed of | 11 | POSIX compliant because POSIX indicate that usernames are composed of |
8 | characters from the portable filename character set [A-Za-z0-9._-]. | 12 | characters from the portable filename character set [A-Za-z0-9._-]. |
9 | 13 | ||
10 | Upstream-Status: Pending | 14 | Upstream-Status: Pending |
11 | 15 | ||
12 | Signed-off-by: Shan Hai <shan.hai@windriver.com> | 16 | Signed-off-by: Shan Hai <shan.hai@windriver.com> |
13 | 17 | ||
14 | diff -urpN a/libmisc/chkname.c b/libmisc/chkname.c | 18 | --- |
15 | index 5089112..f40a0da 100644 | 19 | libmisc/chkname.c | 30 ++++++++++++++++++------------ |
20 | man/groupadd.8.xml | 6 ------ | ||
21 | man/useradd.8.xml | 8 +------- | ||
22 | 3 files changed, 19 insertions(+), 25 deletions(-) | ||
23 | |||
24 | diff --git a/libmisc/chkname.c b/libmisc/chkname.c | ||
25 | index 90f185c..65762b4 100644 | ||
16 | --- a/libmisc/chkname.c | 26 | --- a/libmisc/chkname.c |
17 | +++ b/libmisc/chkname.c | 27 | +++ b/libmisc/chkname.c |
18 | @@ -49,21 +49,28 @@ | 28 | @@ -55,22 +55,28 @@ static bool is_valid_name (const char *name) |
19 | static bool is_valid_name (const char *name) | 29 | } |
20 | { | 30 | |
21 | /* | 31 | /* |
22 | - * User/group names must match [a-z_][a-z0-9_-]*[$] | 32 | - * User/group names must match [a-z_][a-z0-9_-]*[$] |
23 | - */ | 33 | - */ |
34 | - | ||
24 | - if (('\0' == *name) || | 35 | - if (('\0' == *name) || |
25 | - !((('a' <= *name) && ('z' >= *name)) || ('_' == *name))) { | 36 | - !((('a' <= *name) && ('z' >= *name)) || ('_' == *name))) { |
26 | + * User/group names must match gnu e-regex: | 37 | + * User/group names must match gnu e-regex: |
@@ -55,28 +66,28 @@ index 5089112..f40a0da 100644 | |||
55 | return false; | 66 | return false; |
56 | } | 67 | } |
57 | } | 68 | } |
58 | diff -urpN a/man/groupadd.8.xml b/man/groupadd.8.xml | 69 | diff --git a/man/groupadd.8.xml b/man/groupadd.8.xml |
59 | index 230fd0c..94f7807 100644 | 70 | index 1e58f09..d804b61 100644 |
60 | --- a/man/groupadd.8.xml | 71 | --- a/man/groupadd.8.xml |
61 | +++ b/man/groupadd.8.xml | 72 | +++ b/man/groupadd.8.xml |
62 | @@ -222,12 +222,6 @@ | 73 | @@ -272,12 +272,6 @@ |
74 | |||
63 | <refsect1 id='caveats'> | 75 | <refsect1 id='caveats'> |
64 | <title>CAVEATS</title> | 76 | <title>CAVEATS</title> |
65 | <para> | 77 | - <para> |
66 | - Groupnames must start with a lower case letter or an underscore, | 78 | - Groupnames must start with a lower case letter or an underscore, |
67 | - followed by lower case letters, digits, underscores, or dashes. | 79 | - followed by lower case letters, digits, underscores, or dashes. |
68 | - They can end with a dollar sign. | 80 | - They can end with a dollar sign. |
69 | - In regular expression terms: [a-z_][a-z0-9_-]*[$]? | 81 | - In regular expression terms: [a-z_][a-z0-9_-]*[$]? |
70 | - </para> | 82 | - </para> |
71 | - <para> | 83 | <para> |
72 | Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long. | 84 | Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long. |
73 | </para> | 85 | </para> |
74 | <para> | 86 | diff --git a/man/useradd.8.xml b/man/useradd.8.xml |
75 | diff -urpN a/man/useradd.8.xml b/man/useradd.8.xml | 87 | index a16d730..c0bd777 100644 |
76 | index 5dec989..fe623b9 100644 | ||
77 | --- a/man/useradd.8.xml | 88 | --- a/man/useradd.8.xml |
78 | +++ b/man/useradd.8.xml | 89 | +++ b/man/useradd.8.xml |
79 | @@ -336,7 +336,7 @@ | 90 | @@ -366,7 +366,7 @@ |
80 | </term> | 91 | </term> |
81 | <listitem> | 92 | <listitem> |
82 | <para> | 93 | <para> |
@@ -85,16 +96,16 @@ index 5dec989..fe623b9 100644 | |||
85 | wide setting from <filename>/etc/login.defs</filename> | 96 | wide setting from <filename>/etc/login.defs</filename> |
86 | (<option>CREATE_HOME</option>) is set to | 97 | (<option>CREATE_HOME</option>) is set to |
87 | <replaceable>yes</replaceable>. | 98 | <replaceable>yes</replaceable>. |
88 | @@ -607,12 +607,6 @@ | 99 | @@ -660,12 +660,6 @@ |
100 | the user account creation request. | ||
89 | </para> | 101 | </para> |
90 | 102 | ||
91 | <para> | 103 | - <para> |
92 | - Usernames must start with a lower case letter or an underscore, | 104 | - Usernames must start with a lower case letter or an underscore, |
93 | - followed by lower case letters, digits, underscores, or dashes. | 105 | - followed by lower case letters, digits, underscores, or dashes. |
94 | - They can end with a dollar sign. | 106 | - They can end with a dollar sign. |
95 | - In regular expression terms: [a-z_][a-z0-9_-]*[$]? | 107 | - In regular expression terms: [a-z_][a-z0-9_-]*[$]? |
96 | - </para> | 108 | - </para> |
97 | - <para> | 109 | <para> |
98 | Usernames may only be up to 32 characters long. | 110 | Usernames may only be up to 32 characters long. |
99 | </para> | 111 | </para> |
100 | </refsect1> | ||