diff options
author | Chen Qi <Qi.Chen@windriver.com> | 2018-07-27 16:04:34 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-07-30 12:44:35 +0100 |
commit | ffb63803eac6ba97d1b9e1f3d648bc4d81bf0276 (patch) | |
tree | d29c106cf81ae93e47b30aaaf87e10bbcdfc10eb /meta/recipes-extended/shadow/shadow-securetty_4.6.bb | |
parent | 96f011e628fe360644bfdd7650145b996d61740c (diff) | |
download | poky-ffb63803eac6ba97d1b9e1f3d648bc4d81bf0276.tar.gz |
shadow: upgrade 4.2.1 -> 4.6
The following patches are removed because problems have been fixed in this version.
0001-shadow-CVE-2017-12424
fix-installation-failure-with-subids-disabled.patch
usermod-fix-compilation-failure-with-subids-disabled.patch
CVE-2017-2616.patch
check_size_of_uid_t_and_gid_t_using_AC_CHECK_SIZEOF.patch
0001-Do-not-read-login.defs-before-doing-chroot.patch
The following patches are rebased.
0001-Disable-use-of-syslog-for-sysroot.patch
0001-useradd-copy-extended-attributes-of-home.patch
0001-useradd.c-create-parent-directories-when-necessary.patch
allow-for-setting-password-in-clear-text.patch
(From OE-Core rev: 79dd22729d5b8a2f2cf4294ff6b261c9d6ecd977)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended/shadow/shadow-securetty_4.6.bb')
-rw-r--r-- | meta/recipes-extended/shadow/shadow-securetty_4.6.bb | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/meta/recipes-extended/shadow/shadow-securetty_4.6.bb b/meta/recipes-extended/shadow/shadow-securetty_4.6.bb new file mode 100644 index 0000000000..c78f888cf4 --- /dev/null +++ b/meta/recipes-extended/shadow/shadow-securetty_4.6.bb | |||
@@ -0,0 +1,38 @@ | |||
1 | SUMMARY = "Provider of the machine specific securetty file" | ||
2 | SECTION = "base utils" | ||
3 | LICENSE = "MIT" | ||
4 | LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" | ||
5 | |||
6 | INHIBIT_DEFAULT_DEPS = "1" | ||
7 | |||
8 | PR = "r3" | ||
9 | |||
10 | SRC_URI = "file://securetty" | ||
11 | |||
12 | S = "${WORKDIR}" | ||
13 | |||
14 | # Since SERIAL_CONSOLES is likely to be set from the machine configuration | ||
15 | PACKAGE_ARCH = "${MACHINE_ARCH}" | ||
16 | |||
17 | do_install () { | ||
18 | # Ensure we add a suitable securetty file to the package that has | ||
19 | # most common embedded TTYs defined. | ||
20 | install -d ${D}${sysconfdir} | ||
21 | install -m 0400 ${WORKDIR}/securetty ${D}${sysconfdir}/securetty | ||
22 | if [ ! -z "${SERIAL_CONSOLES}" ]; then | ||
23 | # Our SERIAL_CONSOLES contains a baud rate and sometimes extra | ||
24 | # options as well. The following pearl :) takes that and converts | ||
25 | # it into newline-separated tty's and appends them into | ||
26 | # securetty. So if a machine has a weird looking console device | ||
27 | # node (e.g. ttyAMA0) that securetty does not know, it will get | ||
28 | # appended to securetty and root logins will be allowed on that | ||
29 | # console. | ||
30 | tmp="${SERIAL_CONSOLES}" | ||
31 | for entry in $tmp ; do | ||
32 | ttydev=`echo "$entry" | sed -e 's/^[0-9]*\;//' -e 's/\;.*//'` | ||
33 | if ! grep -q $ttydev ${D}${sysconfdir}/securetty; then | ||
34 | echo $ttydev >> ${D}${sysconfdir}/securetty | ||
35 | fi | ||
36 | done | ||
37 | fi | ||
38 | } | ||