diff options
| author | José Bollo <jose.bollo@iot.bzh> | 2017-03-13 10:57:23 +0100 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-03-17 16:53:05 +0000 |
| commit | 39858da23037b377604c2770c659505a12f90e30 (patch) | |
| tree | 0ba7dc44bebb3705669fa7590bcbe893c929b753 /meta/recipes-extended/shadow/shadow.inc | |
| parent | 36f3c889709c492c6a451cc0326e1f760903aa8c (diff) | |
| download | poky-39858da23037b377604c2770c659505a12f90e30.tar.gz | |
shadow: 'useradd' copies root's extended attributes
The copy of extended attributes is interesting for
Smack systems because it allows to set the security
template of the user's home directories without
modifying the tools (useradd here). But the version
of useradd that copies the extended attributes doesn't
copy the extended attributes of the root. This can make
use of homes impossible! This patch corrects the issue
by copying the extended attributes of the root directory:
/home/user will get the extended attributes of /etc/skel.
The patch is submitted upstream (see
http://lists.alioth.debian.org/pipermail/pkg-shadow-commits/2017-March/003804.html)
The existing patch specific to open-embedded is updated:
0001-useradd.c-create-parent-directories-when-necessary.patch
Also, attr are activated for native tools.
This is needed when users are created during image creation.
(From OE-Core rev: eed66e85af5ca6bbdd80cc3d5cf8453e8d8880bc)
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended/shadow/shadow.inc')
| -rw-r--r-- | meta/recipes-extended/shadow/shadow.inc | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/meta/recipes-extended/shadow/shadow.inc b/meta/recipes-extended/shadow/shadow.inc index e59ff640e3..25283a9741 100644 --- a/meta/recipes-extended/shadow/shadow.inc +++ b/meta/recipes-extended/shadow/shadow.inc | |||
| @@ -15,6 +15,7 @@ SRC_URI = "http://pkg-shadow.alioth.debian.org/releases/${BPN}-${PV}.tar.xz \ | |||
| 15 | file://fix-installation-failure-with-subids-disabled.patch \ | 15 | file://fix-installation-failure-with-subids-disabled.patch \ |
| 16 | file://0001-Do-not-read-login.defs-before-doing-chroot.patch \ | 16 | file://0001-Do-not-read-login.defs-before-doing-chroot.patch \ |
| 17 | file://check_size_of_uid_t_and_gid_t_using_AC_CHECK_SIZEOF.patch \ | 17 | file://check_size_of_uid_t_and_gid_t_using_AC_CHECK_SIZEOF.patch \ |
| 18 | file://0001-useradd-copy-extended-attributes-of-home.patch \ | ||
| 18 | ${@bb.utils.contains('PACKAGECONFIG', 'pam', '${PAM_SRC_URI}', '', d)} \ | 19 | ${@bb.utils.contains('PACKAGECONFIG', 'pam', '${PAM_SRC_URI}', '', d)} \ |
| 19 | " | 20 | " |
| 20 | 21 | ||
| @@ -76,7 +77,7 @@ PAM_PLUGINS = "libpam-runtime \ | |||
| 76 | 77 | ||
| 77 | PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)} \ | 78 | PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)} \ |
| 78 | ${@bb.utils.contains('DISTRO_FEATURES', 'xattr', 'attr', '', d)}" | 79 | ${@bb.utils.contains('DISTRO_FEATURES', 'xattr', 'attr', '', d)}" |
| 79 | PACKAGECONFIG_class-native = "" | 80 | PACKAGECONFIG_class-native ??= "${@bb.utils.contains('DISTRO_FEATURES', 'xattr', 'attr', '', d)}" |
| 80 | PACKAGECONFIG_class-nativesdk = "" | 81 | PACKAGECONFIG_class-nativesdk = "" |
| 81 | PACKAGECONFIG[pam] = "--with-libpam,--without-libpam,libpam,${PAM_PLUGINS}" | 82 | PACKAGECONFIG[pam] = "--with-libpam,--without-libpam,libpam,${PAM_PLUGINS}" |
| 82 | PACKAGECONFIG[attr] = "--with-attr,--without-attr,attr" | 83 | PACKAGECONFIG[attr] = "--with-attr,--without-attr,attr" |