diff options
author | Alexander Kanavin <alex.kanavin@gmail.com> | 2021-07-30 13:45:04 +0200 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2021-08-02 15:44:11 +0100 |
commit | 087070bf2156681bd6a5b3bac89f9712545a6768 (patch) | |
tree | 386640e18e2ea74d0d46967222d0a3cbb2f670f8 /meta/recipes-extended | |
parent | ebee9854d735bf6321020e791ca84389dc91834b (diff) | |
download | poky-087070bf2156681bd6a5b3bac89f9712545a6768.tar.gz |
shadow: update 4.8.1 -> 4.9
Add a couple backports to fix builds.
Drop 0002-Allow-for-setting-password-in-clear-text.patch;
what it adds is horribly insecure and AB testing didn't reveal any
regressions or use cases for it.
Drop /etc/default/ tweaks as files are no longer installed there.
Drop manpage alternatives as manpages are no longer installed.
(From OE-Core rev: 759df7395908f18b3b68f28d043ac9ebd42dd0c8)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended')
-rw-r--r-- | meta/recipes-extended/shadow/files/0001-Disable-use-of-syslog-for-sysroot.patch | 29 | ||||
-rw-r--r-- | meta/recipes-extended/shadow/files/0001-Fix-out-of-tree-builds-with-respect-to-libsubid-incl.patch | 114 | ||||
-rw-r--r-- | meta/recipes-extended/shadow/files/0001-libsubid-link-to-PAM-libraries.patch | 31 | ||||
-rw-r--r-- | meta/recipes-extended/shadow/files/0002-Allow-for-setting-password-in-clear-text.patch | 301 | ||||
-rw-r--r-- | meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch | 6 | ||||
-rw-r--r-- | meta/recipes-extended/shadow/shadow.inc | 21 | ||||
-rw-r--r-- | meta/recipes-extended/shadow/shadow_4.9.bb (renamed from meta/recipes-extended/shadow/shadow_4.8.1.bb) | 0 |
7 files changed, 167 insertions, 335 deletions
diff --git a/meta/recipes-extended/shadow/files/0001-Disable-use-of-syslog-for-sysroot.patch b/meta/recipes-extended/shadow/files/0001-Disable-use-of-syslog-for-sysroot.patch index ab317b9aa0..95728bcd3f 100644 --- a/meta/recipes-extended/shadow/files/0001-Disable-use-of-syslog-for-sysroot.patch +++ b/meta/recipes-extended/shadow/files/0001-Disable-use-of-syslog-for-sysroot.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From fa2d9453656641002802d8165e80adb9e6a729d2 Mon Sep 17 00:00:00 2001 | 1 | From 30a3906a0a21120fa6bbc918b6258ab9303fbeaa Mon Sep 17 00:00:00 2001 |
2 | From: Scott Garman <scott.a.garman@intel.com> | 2 | From: Scott Garman <scott.a.garman@intel.com> |
3 | Date: Thu, 14 Apr 2016 12:28:57 +0200 | 3 | Date: Thu, 14 Apr 2016 12:28:57 +0200 |
4 | Subject: [PATCH] Disable use of syslog for sysroot | 4 | Subject: [PATCH] Disable use of syslog for sysroot |
@@ -19,12 +19,12 @@ Signed-off-by: Chen Qi <Qi.Chen@windriver.com> | |||
19 | src/groupmems.c | 3 +++ | 19 | src/groupmems.c | 3 +++ |
20 | src/groupmod.c | 3 +++ | 20 | src/groupmod.c | 3 +++ |
21 | src/useradd.c | 3 +++ | 21 | src/useradd.c | 3 +++ |
22 | src/userdel.c | 3 +++ | 22 | src/userdel.c | 4 ++++ |
23 | src/usermod.c | 3 +++ | 23 | src/usermod.c | 3 +++ |
24 | 7 files changed, 21 insertions(+) | 24 | 7 files changed, 22 insertions(+) |
25 | 25 | ||
26 | diff --git a/src/groupadd.c b/src/groupadd.c | 26 | diff --git a/src/groupadd.c b/src/groupadd.c |
27 | index 2dd8eec..e9c4bb7 100644 | 27 | index d7f68b1..5fe5f43 100644 |
28 | --- a/src/groupadd.c | 28 | --- a/src/groupadd.c |
29 | +++ b/src/groupadd.c | 29 | +++ b/src/groupadd.c |
30 | @@ -34,6 +34,9 @@ | 30 | @@ -34,6 +34,9 @@ |
@@ -38,7 +38,7 @@ index 2dd8eec..e9c4bb7 100644 | |||
38 | #include <fcntl.h> | 38 | #include <fcntl.h> |
39 | #include <getopt.h> | 39 | #include <getopt.h> |
40 | diff --git a/src/groupdel.c b/src/groupdel.c | 40 | diff --git a/src/groupdel.c b/src/groupdel.c |
41 | index f941a84..5a70056 100644 | 41 | index 5c89312..2aefc5a 100644 |
42 | --- a/src/groupdel.c | 42 | --- a/src/groupdel.c |
43 | +++ b/src/groupdel.c | 43 | +++ b/src/groupdel.c |
44 | @@ -34,6 +34,9 @@ | 44 | @@ -34,6 +34,9 @@ |
@@ -52,7 +52,7 @@ index f941a84..5a70056 100644 | |||
52 | #include <fcntl.h> | 52 | #include <fcntl.h> |
53 | #include <grp.h> | 53 | #include <grp.h> |
54 | diff --git a/src/groupmems.c b/src/groupmems.c | 54 | diff --git a/src/groupmems.c b/src/groupmems.c |
55 | index fc91c8b..2842514 100644 | 55 | index 654a8f3..6b2026b 100644 |
56 | --- a/src/groupmems.c | 56 | --- a/src/groupmems.c |
57 | +++ b/src/groupmems.c | 57 | +++ b/src/groupmems.c |
58 | @@ -32,6 +32,9 @@ | 58 | @@ -32,6 +32,9 @@ |
@@ -66,7 +66,7 @@ index fc91c8b..2842514 100644 | |||
66 | #include <getopt.h> | 66 | #include <getopt.h> |
67 | #include <grp.h> | 67 | #include <grp.h> |
68 | diff --git a/src/groupmod.c b/src/groupmod.c | 68 | diff --git a/src/groupmod.c b/src/groupmod.c |
69 | index 1dca5fc..bc14438 100644 | 69 | index acd6f35..a2c5247 100644 |
70 | --- a/src/groupmod.c | 70 | --- a/src/groupmod.c |
71 | +++ b/src/groupmod.c | 71 | +++ b/src/groupmod.c |
72 | @@ -34,6 +34,9 @@ | 72 | @@ -34,6 +34,9 @@ |
@@ -80,7 +80,7 @@ index 1dca5fc..bc14438 100644 | |||
80 | #include <fcntl.h> | 80 | #include <fcntl.h> |
81 | #include <getopt.h> | 81 | #include <getopt.h> |
82 | diff --git a/src/useradd.c b/src/useradd.c | 82 | diff --git a/src/useradd.c b/src/useradd.c |
83 | index 4af0f7c..1b7bf06 100644 | 83 | index 127177e..b80e505 100644 |
84 | --- a/src/useradd.c | 84 | --- a/src/useradd.c |
85 | +++ b/src/useradd.c | 85 | +++ b/src/useradd.c |
86 | @@ -34,6 +34,9 @@ | 86 | @@ -34,6 +34,9 @@ |
@@ -94,21 +94,22 @@ index 4af0f7c..1b7bf06 100644 | |||
94 | #include <ctype.h> | 94 | #include <ctype.h> |
95 | #include <errno.h> | 95 | #include <errno.h> |
96 | diff --git a/src/userdel.c b/src/userdel.c | 96 | diff --git a/src/userdel.c b/src/userdel.c |
97 | index cc951e5..153e0be 100644 | 97 | index 79a7c89..c1e010a 100644 |
98 | --- a/src/userdel.c | 98 | --- a/src/userdel.c |
99 | +++ b/src/userdel.c | 99 | +++ b/src/userdel.c |
100 | @@ -34,6 +34,9 @@ | 100 | @@ -31,6 +31,10 @@ |
101 | 101 | */ | |
102 | #ident "$Id$" | ||
103 | 102 | ||
103 | #include <config.h> | ||
104 | + | ||
104 | +/* Disable use of syslog since we're running this command against a sysroot */ | 105 | +/* Disable use of syslog since we're running this command against a sysroot */ |
105 | +#undef USE_SYSLOG | 106 | +#undef USE_SYSLOG |
106 | + | 107 | + |
107 | #include <assert.h> | 108 | #include <assert.h> |
109 | #include <dirent.h> | ||
108 | #include <errno.h> | 110 | #include <errno.h> |
109 | #include <fcntl.h> | ||
110 | diff --git a/src/usermod.c b/src/usermod.c | 111 | diff --git a/src/usermod.c b/src/usermod.c |
111 | index 05b9871..21c6da9 100644 | 112 | index 03bb9b9..e15fdd4 100644 |
112 | --- a/src/usermod.c | 113 | --- a/src/usermod.c |
113 | +++ b/src/usermod.c | 114 | +++ b/src/usermod.c |
114 | @@ -34,6 +34,9 @@ | 115 | @@ -34,6 +34,9 @@ |
diff --git a/meta/recipes-extended/shadow/files/0001-Fix-out-of-tree-builds-with-respect-to-libsubid-incl.patch b/meta/recipes-extended/shadow/files/0001-Fix-out-of-tree-builds-with-respect-to-libsubid-incl.patch new file mode 100644 index 0000000000..c577be6505 --- /dev/null +++ b/meta/recipes-extended/shadow/files/0001-Fix-out-of-tree-builds-with-respect-to-libsubid-incl.patch | |||
@@ -0,0 +1,114 @@ | |||
1 | From eced8077b57946fe0b723e7c6c510e8f344ce89b Mon Sep 17 00:00:00 2001 | ||
2 | From: Serge Hallyn <serge@hallyn.com> | ||
3 | Date: Fri, 23 Jul 2021 17:51:13 -0500 | ||
4 | Subject: [PATCH] Fix out of tree builds with respect to libsubid includes | ||
5 | |||
6 | There's a better way to do this, and I hope to clean that up, | ||
7 | but this fixes out of tree builds for me right now. | ||
8 | |||
9 | Closes #386 | ||
10 | |||
11 | Signed-off-by: Serge Hallyn <serge@hallyn.com> | ||
12 | Upstream-Status: Backport [https://github.com/shadow-maint/shadow/commit/537b8cd90be7b47b45c45cfd27765ef85eb0ebf1] | ||
13 | Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> | ||
14 | --- | ||
15 | lib/Makefile.am | 2 ++ | ||
16 | libmisc/Makefile.am | 2 +- | ||
17 | libsubid/Makefile.am | 4 ++-- | ||
18 | src/Makefile.am | 6 ++++++ | ||
19 | 4 files changed, 11 insertions(+), 3 deletions(-) | ||
20 | |||
21 | diff --git a/lib/Makefile.am b/lib/Makefile.am | ||
22 | index ecf3ee25..5ac2e111 100644 | ||
23 | --- a/lib/Makefile.am | ||
24 | +++ b/lib/Makefile.am | ||
25 | @@ -10,6 +10,8 @@ if HAVE_VENDORDIR | ||
26 | libshadow_la_CPPFLAGS += -DVENDORDIR=\"$(VENDORDIR)\" | ||
27 | endif | ||
28 | |||
29 | +libshadow_la_CPPFLAGS += -I$(top_srcdir) | ||
30 | + | ||
31 | libshadow_la_SOURCES = \ | ||
32 | commonio.c \ | ||
33 | commonio.h \ | ||
34 | diff --git a/libmisc/Makefile.am b/libmisc/Makefile.am | ||
35 | index 9766a7ec..9f237e0d 100644 | ||
36 | --- a/libmisc/Makefile.am | ||
37 | +++ b/libmisc/Makefile.am | ||
38 | @@ -1,7 +1,7 @@ | ||
39 | |||
40 | EXTRA_DIST = .indent.pro xgetXXbyYY.c | ||
41 | |||
42 | -AM_CPPFLAGS = -I$(top_srcdir)/lib $(ECONF_CPPFLAGS) | ||
43 | +AM_CPPFLAGS = -I$(top_srcdir)/lib -I$(top_srcdir) $(ECONF_CPPFLAGS) | ||
44 | |||
45 | noinst_LTLIBRARIES = libmisc.la | ||
46 | |||
47 | diff --git a/libsubid/Makefile.am b/libsubid/Makefile.am | ||
48 | index 189165b0..cdc41fe6 100644 | ||
49 | --- a/libsubid/Makefile.am | ||
50 | +++ b/libsubid/Makefile.am | ||
51 | @@ -19,8 +19,8 @@ MISCLIBS = \ | ||
52 | $(LIBTCB) | ||
53 | |||
54 | libsubid_la_LIBADD = \ | ||
55 | - $(top_srcdir)/lib/libshadow.la \ | ||
56 | - $(top_srcdir)/libmisc/libmisc.la \ | ||
57 | + $(top_builddir)/lib/libshadow.la \ | ||
58 | + $(top_builddir)/libmisc/libmisc.la \ | ||
59 | $(MISCLIBS) -ldl | ||
60 | |||
61 | AM_CPPFLAGS = \ | ||
62 | diff --git a/src/Makefile.am b/src/Makefile.am | ||
63 | index 35027013..7c1a3491 100644 | ||
64 | --- a/src/Makefile.am | ||
65 | +++ b/src/Makefile.am | ||
66 | @@ -10,6 +10,7 @@ sgidperms = 2755 | ||
67 | AM_CPPFLAGS = \ | ||
68 | -I${top_srcdir}/lib \ | ||
69 | -I$(top_srcdir)/libmisc \ | ||
70 | + -I$(top_srcdir) \ | ||
71 | -DLOCALEDIR=\"$(datadir)/locale\" | ||
72 | |||
73 | # XXX why are login and su in /bin anyway (other than for | ||
74 | @@ -183,6 +184,7 @@ list_subid_ranges_LDADD = \ | ||
75 | list_subid_ranges_CPPFLAGS = \ | ||
76 | -I$(top_srcdir)/lib \ | ||
77 | -I$(top_srcdir)/libmisc \ | ||
78 | + -I$(top_srcdir) \ | ||
79 | -I$(top_srcdir)/libsubid | ||
80 | |||
81 | get_subid_owners_LDADD = \ | ||
82 | @@ -194,11 +196,13 @@ get_subid_owners_LDADD = \ | ||
83 | get_subid_owners_CPPFLAGS = \ | ||
84 | -I$(top_srcdir)/lib \ | ||
85 | -I$(top_srcdir)/libmisc \ | ||
86 | + -I$(top_srcdir) \ | ||
87 | -I$(top_srcdir)/libsubid | ||
88 | |||
89 | new_subid_range_CPPFLAGS = \ | ||
90 | -I$(top_srcdir)/lib \ | ||
91 | -I$(top_srcdir)/libmisc \ | ||
92 | + -I$(top_srcdir) \ | ||
93 | -I$(top_srcdir)/libsubid | ||
94 | |||
95 | new_subid_range_LDADD = \ | ||
96 | @@ -210,6 +214,7 @@ new_subid_range_LDADD = \ | ||
97 | free_subid_range_CPPFLAGS = \ | ||
98 | -I$(top_srcdir)/lib \ | ||
99 | -I$(top_srcdir)/libmisc \ | ||
100 | + -I$(top_srcdir) \ | ||
101 | -I$(top_srcdir)/libsubid | ||
102 | |||
103 | free_subid_range_LDADD = \ | ||
104 | @@ -220,6 +225,7 @@ free_subid_range_LDADD = \ | ||
105 | |||
106 | check_subid_range_CPPFLAGS = \ | ||
107 | -I$(top_srcdir)/lib \ | ||
108 | + -I$(top_srcdir) \ | ||
109 | -I$(top_srcdir)/libmisc | ||
110 | |||
111 | check_subid_range_LDADD = \ | ||
112 | -- | ||
113 | 2.31.1 | ||
114 | |||
diff --git a/meta/recipes-extended/shadow/files/0001-libsubid-link-to-PAM-libraries.patch b/meta/recipes-extended/shadow/files/0001-libsubid-link-to-PAM-libraries.patch new file mode 100644 index 0000000000..ea7a99dbf7 --- /dev/null +++ b/meta/recipes-extended/shadow/files/0001-libsubid-link-to-PAM-libraries.patch | |||
@@ -0,0 +1,31 @@ | |||
1 | From 4f44617af3a0c59be267ac5fcc33586e3783f5e6 Mon Sep 17 00:00:00 2001 | ||
2 | From: Xi Ruoyao <xry111@mengyan1223.wang> | ||
3 | Date: Fri, 23 Jul 2021 14:38:08 +0800 | ||
4 | Subject: [PATCH] libsubid: link to PAM libraries | ||
5 | |||
6 | libsubid.so links to libmisc.a, which contains several routines referring to | ||
7 | PAM functions. | ||
8 | |||
9 | Upstream-Status: Backport [https://github.com/shadow-maint/shadow/commit/f4a84efb468b8be21be124700ce35159c444e9d6] | ||
10 | Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> | ||
11 | --- | ||
12 | libsubid/Makefile.am | 3 ++- | ||
13 | 1 file changed, 2 insertions(+), 1 deletion(-) | ||
14 | |||
15 | diff --git a/libsubid/Makefile.am b/libsubid/Makefile.am | ||
16 | index cdc41fe6..99308c1f 100644 | ||
17 | --- a/libsubid/Makefile.am | ||
18 | +++ b/libsubid/Makefile.am | ||
19 | @@ -16,7 +16,8 @@ MISCLIBS = \ | ||
20 | $(LIBCRYPT) \ | ||
21 | $(LIBACL) \ | ||
22 | $(LIBATTR) \ | ||
23 | - $(LIBTCB) | ||
24 | + $(LIBTCB) \ | ||
25 | + $(LIBPAM) | ||
26 | |||
27 | libsubid_la_LIBADD = \ | ||
28 | $(top_builddir)/lib/libshadow.la \ | ||
29 | -- | ||
30 | 2.31.1 | ||
31 | |||
diff --git a/meta/recipes-extended/shadow/files/0002-Allow-for-setting-password-in-clear-text.patch b/meta/recipes-extended/shadow/files/0002-Allow-for-setting-password-in-clear-text.patch deleted file mode 100644 index c6332e4f76..0000000000 --- a/meta/recipes-extended/shadow/files/0002-Allow-for-setting-password-in-clear-text.patch +++ /dev/null | |||
@@ -1,301 +0,0 @@ | |||
1 | From a7d995228491ad5255ad86c1f04ba071f6880897 Mon Sep 17 00:00:00 2001 | ||
2 | From: Chen Qi <Qi.Chen@windriver.com> | ||
3 | Date: Sat, 16 Nov 2013 15:27:47 +0800 | ||
4 | Subject: [PATCH] Allow for setting password in clear text | ||
5 | |||
6 | Upstream-Status: Inappropriate [OE specific] | ||
7 | |||
8 | Signed-off-by: Chen Qi <Qi.Chen@windriver.com> | ||
9 | |||
10 | --- | ||
11 | src/Makefile.am | 8 ++++---- | ||
12 | src/groupadd.c | 20 +++++++++++++++----- | ||
13 | src/groupmod.c | 20 +++++++++++++++----- | ||
14 | src/useradd.c | 21 +++++++++++++++------ | ||
15 | src/usermod.c | 20 +++++++++++++++----- | ||
16 | 5 files changed, 64 insertions(+), 25 deletions(-) | ||
17 | |||
18 | diff --git a/src/Makefile.am b/src/Makefile.am | ||
19 | index f31fd7a..4a317a3 100644 | ||
20 | --- a/src/Makefile.am | ||
21 | +++ b/src/Makefile.am | ||
22 | @@ -103,10 +103,10 @@ chsh_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT_NOPAM) | ||
23 | chpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) $(LIBECONF) | ||
24 | expiry_LDADD = $(LDADD) $(LIBECONF) | ||
25 | gpasswd_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) $(LIBECONF) | ||
26 | -groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) | ||
27 | +groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) $(LIBCRYPT) | ||
28 | groupdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) | ||
29 | groupmems_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) | ||
30 | -groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) | ||
31 | +groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) $(LIBCRYPT) | ||
32 | grpck_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) | ||
33 | grpconv_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) | ||
34 | grpunconv_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) | ||
35 | @@ -127,9 +127,9 @@ su_SOURCES = \ | ||
36 | suauth.c | ||
37 | su_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) $(LIBECONF) | ||
38 | sulogin_LDADD = $(LDADD) $(LIBCRYPT) $(LIBECONF) | ||
39 | -useradd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBECONF) | ||
40 | +useradd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBECONF) $(LIBCRYPT) | ||
41 | userdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBECONF) | ||
42 | -usermod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBECONF) | ||
43 | +usermod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBECONF) $(LIBCRYPT) | ||
44 | vipw_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) | ||
45 | |||
46 | install-am: all-am | ||
47 | diff --git a/src/groupadd.c b/src/groupadd.c | ||
48 | index e9c4bb7..d572c00 100644 | ||
49 | --- a/src/groupadd.c | ||
50 | +++ b/src/groupadd.c | ||
51 | @@ -127,9 +127,10 @@ static /*@noreturn@*/void usage (int status) | ||
52 | (void) fputs (_(" -o, --non-unique allow to create groups with duplicate\n" | ||
53 | " (non-unique) GID\n"), usageout); | ||
54 | (void) fputs (_(" -p, --password PASSWORD use this encrypted password for the new group\n"), usageout); | ||
55 | + (void) fputs (_(" -P, --clear-password PASSWORD use this clear password for the new group\n"), usageout); | ||
56 | (void) fputs (_(" -r, --system create a system account\n"), usageout); | ||
57 | (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); | ||
58 | - (void) fputs (_(" -P, --prefix PREFIX_DIR directory prefix\n"), usageout); | ||
59 | + (void) fputs (_(" -A, --prefix PREFIX_DIR directory prefix\n"), usageout); | ||
60 | (void) fputs ("\n", usageout); | ||
61 | exit (status); | ||
62 | } | ||
63 | @@ -391,13 +392,14 @@ static void process_flags (int argc, char **argv) | ||
64 | {"key", required_argument, NULL, 'K'}, | ||
65 | {"non-unique", no_argument, NULL, 'o'}, | ||
66 | {"password", required_argument, NULL, 'p'}, | ||
67 | + {"clear-password", required_argument, NULL, 'P'}, | ||
68 | {"system", no_argument, NULL, 'r'}, | ||
69 | {"root", required_argument, NULL, 'R'}, | ||
70 | - {"prefix", required_argument, NULL, 'P'}, | ||
71 | + {"prefix", required_argument, NULL, 'A'}, | ||
72 | {NULL, 0, NULL, '\0'} | ||
73 | }; | ||
74 | |||
75 | - while ((c = getopt_long (argc, argv, "fg:hK:op:rR:P:", | ||
76 | + while ((c = getopt_long (argc, argv, "fg:hK:op:P:rR:A:", | ||
77 | long_options, NULL)) != -1) { | ||
78 | switch (c) { | ||
79 | case 'f': | ||
80 | @@ -449,12 +451,20 @@ static void process_flags (int argc, char **argv) | ||
81 | pflg = true; | ||
82 | group_passwd = optarg; | ||
83 | break; | ||
84 | + case 'P': | ||
85 | + pflg = true; | ||
86 | + group_passwd = pw_encrypt (optarg, crypt_make_salt (NULL, NULL)); | ||
87 | + break; | ||
88 | case 'r': | ||
89 | rflg = true; | ||
90 | break; | ||
91 | case 'R': /* no-op, handled in process_root_flag () */ | ||
92 | break; | ||
93 | - case 'P': /* no-op, handled in process_prefix_flag () */ | ||
94 | + case 'A': /* no-op, handled in process_prefix_flag () */ | ||
95 | + fprintf (stderr, | ||
96 | + _("%s: -A is deliberately not supported \n"), | ||
97 | + Prog); | ||
98 | + exit (E_BAD_ARG); | ||
99 | break; | ||
100 | default: | ||
101 | usage (E_USAGE); | ||
102 | @@ -588,7 +598,7 @@ int main (int argc, char **argv) | ||
103 | (void) textdomain (PACKAGE); | ||
104 | |||
105 | process_root_flag ("-R", argc, argv); | ||
106 | - prefix = process_prefix_flag ("-P", argc, argv); | ||
107 | + prefix = process_prefix_flag ("-A", argc, argv); | ||
108 | |||
109 | OPENLOG ("groupadd"); | ||
110 | #ifdef WITH_AUDIT | ||
111 | diff --git a/src/groupmod.c b/src/groupmod.c | ||
112 | index bc14438..25ccb44 100644 | ||
113 | --- a/src/groupmod.c | ||
114 | +++ b/src/groupmod.c | ||
115 | @@ -138,8 +138,9 @@ static void usage (int status) | ||
116 | (void) fputs (_(" -o, --non-unique allow to use a duplicate (non-unique) GID\n"), usageout); | ||
117 | (void) fputs (_(" -p, --password PASSWORD change the password to this (encrypted)\n" | ||
118 | " PASSWORD\n"), usageout); | ||
119 | + (void) fputs (_(" -P, --clear-password PASSWORD change the password to this clear PASSWORD\n"), usageout); | ||
120 | (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); | ||
121 | - (void) fputs (_(" -P, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout); | ||
122 | + (void) fputs (_(" -A, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout); | ||
123 | (void) fputs ("\n", usageout); | ||
124 | exit (status); | ||
125 | } | ||
126 | @@ -387,11 +388,12 @@ static void process_flags (int argc, char **argv) | ||
127 | {"new-name", required_argument, NULL, 'n'}, | ||
128 | {"non-unique", no_argument, NULL, 'o'}, | ||
129 | {"password", required_argument, NULL, 'p'}, | ||
130 | + {"clear-password", required_argument, NULL, 'P'}, | ||
131 | {"root", required_argument, NULL, 'R'}, | ||
132 | - {"prefix", required_argument, NULL, 'P'}, | ||
133 | + {"prefix", required_argument, NULL, 'A'}, | ||
134 | {NULL, 0, NULL, '\0'} | ||
135 | }; | ||
136 | - while ((c = getopt_long (argc, argv, "g:hn:op:R:P:", | ||
137 | + while ((c = getopt_long (argc, argv, "g:hn:op:P:R:A:", | ||
138 | long_options, NULL)) != -1) { | ||
139 | switch (c) { | ||
140 | case 'g': | ||
141 | @@ -418,9 +420,17 @@ static void process_flags (int argc, char **argv) | ||
142 | group_passwd = optarg; | ||
143 | pflg = true; | ||
144 | break; | ||
145 | + case 'P': | ||
146 | + group_passwd = pw_encrypt (optarg, crypt_make_salt (NULL, NULL)); | ||
147 | + pflg = true; | ||
148 | + break; | ||
149 | case 'R': /* no-op, handled in process_root_flag () */ | ||
150 | break; | ||
151 | - case 'P': /* no-op, handled in process_prefix_flag () */ | ||
152 | + case 'A': /* no-op, handled in process_prefix_flag () */ | ||
153 | + fprintf (stderr, | ||
154 | + _("%s: -A is deliberately not supported \n"), | ||
155 | + Prog); | ||
156 | + exit (E_BAD_ARG); | ||
157 | break; | ||
158 | default: | ||
159 | usage (E_USAGE); | ||
160 | @@ -761,7 +771,7 @@ int main (int argc, char **argv) | ||
161 | (void) textdomain (PACKAGE); | ||
162 | |||
163 | process_root_flag ("-R", argc, argv); | ||
164 | - prefix = process_prefix_flag ("-P", argc, argv); | ||
165 | + prefix = process_prefix_flag ("-A", argc, argv); | ||
166 | |||
167 | OPENLOG ("groupmod"); | ||
168 | #ifdef WITH_AUDIT | ||
169 | diff --git a/src/useradd.c b/src/useradd.c | ||
170 | index 1b7bf06..44f09e2 100644 | ||
171 | --- a/src/useradd.c | ||
172 | +++ b/src/useradd.c | ||
173 | @@ -853,9 +853,10 @@ static void usage (int status) | ||
174 | (void) fputs (_(" -o, --non-unique allow to create users with duplicate\n" | ||
175 | " (non-unique) UID\n"), usageout); | ||
176 | (void) fputs (_(" -p, --password PASSWORD encrypted password of the new account\n"), usageout); | ||
177 | + (void) fputs (_(" -P, --clear-password PASSWORD clear password of the new account\n"), usageout); | ||
178 | (void) fputs (_(" -r, --system create a system account\n"), usageout); | ||
179 | (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); | ||
180 | - (void) fputs (_(" -P, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout); | ||
181 | + (void) fputs (_(" -A, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout); | ||
182 | (void) fputs (_(" -s, --shell SHELL login shell of the new account\n"), usageout); | ||
183 | (void) fputs (_(" -u, --uid UID user ID of the new account\n"), usageout); | ||
184 | (void) fputs (_(" -U, --user-group create a group with the same name as the user\n"), usageout); | ||
185 | @@ -1133,9 +1134,10 @@ static void process_flags (int argc, char **argv) | ||
186 | {"no-user-group", no_argument, NULL, 'N'}, | ||
187 | {"non-unique", no_argument, NULL, 'o'}, | ||
188 | {"password", required_argument, NULL, 'p'}, | ||
189 | + {"clear-password", required_argument, NULL, 'P'}, | ||
190 | {"system", no_argument, NULL, 'r'}, | ||
191 | {"root", required_argument, NULL, 'R'}, | ||
192 | - {"prefix", required_argument, NULL, 'P'}, | ||
193 | + {"prefix", required_argument, NULL, 'A'}, | ||
194 | {"shell", required_argument, NULL, 's'}, | ||
195 | {"uid", required_argument, NULL, 'u'}, | ||
196 | {"user-group", no_argument, NULL, 'U'}, | ||
197 | @@ -1146,9 +1148,9 @@ static void process_flags (int argc, char **argv) | ||
198 | }; | ||
199 | while ((c = getopt_long (argc, argv, | ||
200 | #ifdef WITH_SELINUX | ||
201 | - "b:c:d:De:f:g:G:hk:K:lmMNop:rR:P:s:u:UZ:", | ||
202 | + "b:c:d:De:f:g:G:hk:K:lmMNop:P:rR:A:s:u:UZ:", | ||
203 | #else /* !WITH_SELINUX */ | ||
204 | - "b:c:d:De:f:g:G:hk:K:lmMNop:rR:P:s:u:U", | ||
205 | + "b:c:d:De:f:g:G:hk:K:lmMNop:P:rR:A:s:u:U", | ||
206 | #endif /* !WITH_SELINUX */ | ||
207 | long_options, NULL)) != -1) { | ||
208 | switch (c) { | ||
209 | @@ -1320,12 +1322,19 @@ static void process_flags (int argc, char **argv) | ||
210 | } | ||
211 | user_pass = optarg; | ||
212 | break; | ||
213 | + case 'P': /* set clear text password */ | ||
214 | + user_pass = pw_encrypt (optarg, crypt_make_salt (NULL, NULL)); | ||
215 | + break; | ||
216 | case 'r': | ||
217 | rflg = true; | ||
218 | break; | ||
219 | case 'R': /* no-op, handled in process_root_flag () */ | ||
220 | break; | ||
221 | - case 'P': /* no-op, handled in process_prefix_flag () */ | ||
222 | + case 'A': /* no-op, handled in process_prefix_flag () */ | ||
223 | + fprintf (stderr, | ||
224 | + _("%s: -A is deliberately not supported \n"), | ||
225 | + Prog); | ||
226 | + exit (E_BAD_ARG); | ||
227 | break; | ||
228 | case 's': | ||
229 | if ( ( !VALID (optarg) ) | ||
230 | @@ -2257,7 +2266,7 @@ int main (int argc, char **argv) | ||
231 | |||
232 | process_root_flag ("-R", argc, argv); | ||
233 | |||
234 | - prefix = process_prefix_flag("-P", argc, argv); | ||
235 | + prefix = process_prefix_flag("-A", argc, argv); | ||
236 | |||
237 | OPENLOG ("useradd"); | ||
238 | #ifdef WITH_AUDIT | ||
239 | diff --git a/src/usermod.c b/src/usermod.c | ||
240 | index 21c6da9..cffdb3e 100644 | ||
241 | --- a/src/usermod.c | ||
242 | +++ b/src/usermod.c | ||
243 | @@ -431,8 +431,9 @@ static /*@noreturn@*/void usage (int status) | ||
244 | " new location (use only with -d)\n"), usageout); | ||
245 | (void) fputs (_(" -o, --non-unique allow using duplicate (non-unique) UID\n"), usageout); | ||
246 | (void) fputs (_(" -p, --password PASSWORD use encrypted password for the new password\n"), usageout); | ||
247 | + (void) fputs (_(" -P, --clear-password PASSWORD use clear password for the new password\n"), usageout); | ||
248 | (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); | ||
249 | - (void) fputs (_(" -P, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout); | ||
250 | + (void) fputs (_(" -A, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout); | ||
251 | (void) fputs (_(" -s, --shell SHELL new login shell for the user account\n"), usageout); | ||
252 | (void) fputs (_(" -u, --uid UID new UID for the user account\n"), usageout); | ||
253 | (void) fputs (_(" -U, --unlock unlock the user account\n"), usageout); | ||
254 | @@ -1010,8 +1011,9 @@ static void process_flags (int argc, char **argv) | ||
255 | {"move-home", no_argument, NULL, 'm'}, | ||
256 | {"non-unique", no_argument, NULL, 'o'}, | ||
257 | {"password", required_argument, NULL, 'p'}, | ||
258 | + {"clear-password", required_argument, NULL, 'P'}, | ||
259 | {"root", required_argument, NULL, 'R'}, | ||
260 | - {"prefix", required_argument, NULL, 'P'}, | ||
261 | + {"prefix", required_argument, NULL, 'A'}, | ||
262 | {"shell", required_argument, NULL, 's'}, | ||
263 | {"uid", required_argument, NULL, 'u'}, | ||
264 | {"unlock", no_argument, NULL, 'U'}, | ||
265 | @@ -1027,7 +1029,7 @@ static void process_flags (int argc, char **argv) | ||
266 | {NULL, 0, NULL, '\0'} | ||
267 | }; | ||
268 | while ((c = getopt_long (argc, argv, | ||
269 | - "abc:d:e:f:g:G:hl:Lmop:R:s:u:UP:" | ||
270 | + "abc:d:e:f:g:G:hl:Lmop:P:R:s:u:UA:" | ||
271 | #ifdef ENABLE_SUBIDS | ||
272 | "v:w:V:W:" | ||
273 | #endif /* ENABLE_SUBIDS */ | ||
274 | @@ -1130,9 +1132,17 @@ static void process_flags (int argc, char **argv) | ||
275 | user_pass = optarg; | ||
276 | pflg = true; | ||
277 | break; | ||
278 | + case 'P': | ||
279 | + user_pass = pw_encrypt (optarg, crypt_make_salt (NULL, NULL)); | ||
280 | + pflg = true; | ||
281 | + break; | ||
282 | case 'R': /* no-op, handled in process_root_flag () */ | ||
283 | break; | ||
284 | - case 'P': /* no-op, handled in process_prefix_flag () */ | ||
285 | + case 'A': /* no-op, handled in process_prefix_flag () */ | ||
286 | + fprintf (stderr, | ||
287 | + _("%s: -A is deliberately not supported \n"), | ||
288 | + Prog); | ||
289 | + exit (E_BAD_ARG); | ||
290 | break; | ||
291 | case 's': | ||
292 | if (!VALID (optarg)) { | ||
293 | @@ -2127,7 +2137,7 @@ int main (int argc, char **argv) | ||
294 | (void) textdomain (PACKAGE); | ||
295 | |||
296 | process_root_flag ("-R", argc, argv); | ||
297 | - prefix = process_prefix_flag ("-P", argc, argv); | ||
298 | + prefix = process_prefix_flag ("-A", argc, argv); | ||
299 | |||
300 | OPENLOG ("usermod"); | ||
301 | #ifdef WITH_AUDIT | ||
diff --git a/meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch b/meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch index 9825216369..bd24626a26 100644 --- a/meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch +++ b/meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 66533c7c6f347d257020675a1ed6e0c59cbbc3f0 Mon Sep 17 00:00:00 2001 | 1 | From 1422c24f7266b553c82100e3d18a10c55cd91063 Mon Sep 17 00:00:00 2001 |
2 | From: Chen Qi <Qi.Chen@windriver.com> | 2 | From: Chen Qi <Qi.Chen@windriver.com> |
3 | Date: Thu, 17 Jul 2014 15:53:34 +0800 | 3 | Date: Thu, 17 Jul 2014 15:53:34 +0800 |
4 | Subject: [PATCH] commonio.c-fix-unexpected-open-failure-in-chroot-env | 4 | Subject: [PATCH] commonio.c-fix-unexpected-open-failure-in-chroot-env |
@@ -21,10 +21,10 @@ Signed-off-by: Chen Qi <Qi.Chen@windriver.com> | |||
21 | 1 file changed, 12 insertions(+), 4 deletions(-) | 21 | 1 file changed, 12 insertions(+), 4 deletions(-) |
22 | 22 | ||
23 | diff --git a/lib/commonio.c b/lib/commonio.c | 23 | diff --git a/lib/commonio.c b/lib/commonio.c |
24 | index 16fa7e7..d6bc297 100644 | 24 | index cef404b..66908fb 100644 |
25 | --- a/lib/commonio.c | 25 | --- a/lib/commonio.c |
26 | +++ b/lib/commonio.c | 26 | +++ b/lib/commonio.c |
27 | @@ -632,10 +632,18 @@ int commonio_open (struct commonio_db *db, int mode) | 27 | @@ -646,10 +646,18 @@ int commonio_open (struct commonio_db *db, int mode) |
28 | db->cursor = NULL; | 28 | db->cursor = NULL; |
29 | db->changed = false; | 29 | db->changed = false; |
30 | 30 | ||
diff --git a/meta/recipes-extended/shadow/shadow.inc b/meta/recipes-extended/shadow/shadow.inc index a5d77ebfe2..2834509649 100644 --- a/meta/recipes-extended/shadow/shadow.inc +++ b/meta/recipes-extended/shadow/shadow.inc | |||
@@ -10,10 +10,12 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=ed80ff1c2b40843cf5768e5229cf16e5 \ | |||
10 | DEPENDS = "virtual/crypt" | 10 | DEPENDS = "virtual/crypt" |
11 | 11 | ||
12 | UPSTREAM_CHECK_URI = "https://github.com/shadow-maint/shadow/releases" | 12 | UPSTREAM_CHECK_URI = "https://github.com/shadow-maint/shadow/releases" |
13 | SRC_URI = "https://github.com/shadow-maint/shadow/releases/download/${PV}/${BP}.tar.gz \ | 13 | SRC_URI = "https://github.com/shadow-maint/shadow/releases/download/v${PV}/${BP}.tar.gz \ |
14 | file://shadow-4.1.3-dots-in-usernames.patch \ | 14 | file://shadow-4.1.3-dots-in-usernames.patch \ |
15 | ${@bb.utils.contains('PACKAGECONFIG', 'pam', '${PAM_SRC_URI}', '', d)} \ | 15 | ${@bb.utils.contains('PACKAGECONFIG', 'pam', '${PAM_SRC_URI}', '', d)} \ |
16 | file://shadow-relaxed-usernames.patch \ | 16 | file://shadow-relaxed-usernames.patch \ |
17 | file://0001-Fix-out-of-tree-builds-with-respect-to-libsubid-incl.patch \ | ||
18 | file://0001-libsubid-link-to-PAM-libraries.patch \ | ||
17 | " | 19 | " |
18 | 20 | ||
19 | SRC_URI:append:class-target = " \ | 21 | SRC_URI:append:class-target = " \ |
@@ -23,15 +25,13 @@ SRC_URI:append:class-target = " \ | |||
23 | 25 | ||
24 | SRC_URI:append:class-native = " \ | 26 | SRC_URI:append:class-native = " \ |
25 | file://0001-Disable-use-of-syslog-for-sysroot.patch \ | 27 | file://0001-Disable-use-of-syslog-for-sysroot.patch \ |
26 | file://0002-Allow-for-setting-password-in-clear-text.patch \ | ||
27 | file://commonio.c-fix-unexpected-open-failure-in-chroot-env.patch \ | 28 | file://commonio.c-fix-unexpected-open-failure-in-chroot-env.patch \ |
28 | " | 29 | " |
29 | SRC_URI:append:class-nativesdk = " \ | 30 | SRC_URI:append:class-nativesdk = " \ |
30 | file://0001-Disable-use-of-syslog-for-sysroot.patch \ | 31 | file://0001-Disable-use-of-syslog-for-sysroot.patch \ |
31 | " | 32 | " |
32 | 33 | ||
33 | SRC_URI[md5sum] = "3d97f11e66bfb0b14702b115fa8be480" | 34 | SRC_URI[sha256sum] = "6c4627ff9c9422b96664517ae753c944f2902e92809d0698b65f5fef11985212" |
34 | SRC_URI[sha256sum] = "3ee3081fbbcbcfea5c8916419e46bc724807bab271072104f23e7a29e9668f3a" | ||
35 | 35 | ||
36 | # Additional Policy files for PAM | 36 | # Additional Policy files for PAM |
37 | PAM_SRC_URI = "file://pam.d/chfn \ | 37 | PAM_SRC_URI = "file://pam.d/chfn \ |
@@ -115,12 +115,6 @@ do_install() { | |||
115 | # Use proper encryption for passwords | 115 | # Use proper encryption for passwords |
116 | sed -i 's/^#ENCRYPT_METHOD.*$/ENCRYPT_METHOD SHA512/' ${D}${sysconfdir}/login.defs | 116 | sed -i 's/^#ENCRYPT_METHOD.*$/ENCRYPT_METHOD SHA512/' ${D}${sysconfdir}/login.defs |
117 | 117 | ||
118 | # Now we don't have a mail system. Disable mail creation for now. | ||
119 | sed -i 's:/bin/bash:/bin/sh:g' ${D}${sysconfdir}/default/useradd | ||
120 | sed -i '/^CREATE_MAIL_SPOOL/ s:^:#:' ${D}${sysconfdir}/default/useradd | ||
121 | |||
122 | # Use users group by default | ||
123 | sed -i 's,^GROUP=1000,GROUP=100,g' ${D}${sysconfdir}/default/useradd | ||
124 | } | 118 | } |
125 | 119 | ||
126 | do_install:append() { | 120 | do_install:append() { |
@@ -184,13 +178,6 @@ ALTERNATIVE:${PN}-base = "newgrp groups login su" | |||
184 | ALTERNATIVE_LINK_NAME[login] = "${base_bindir}/login" | 178 | ALTERNATIVE_LINK_NAME[login] = "${base_bindir}/login" |
185 | ALTERNATIVE_LINK_NAME[su] = "${base_bindir}/su" | 179 | ALTERNATIVE_LINK_NAME[su] = "${base_bindir}/su" |
186 | 180 | ||
187 | ALTERNATIVE:${PN}-doc = "passwd.5 getspnam.3 groups.1 su.1 nologin.8" | ||
188 | ALTERNATIVE_LINK_NAME[passwd.5] = "${mandir}/man5/passwd.5" | ||
189 | ALTERNATIVE_LINK_NAME[getspnam.3] = "${mandir}/man3/getspnam.3" | ||
190 | ALTERNATIVE_LINK_NAME[groups.1] = "${mandir}/man1/groups.1" | ||
191 | ALTERNATIVE_LINK_NAME[su.1] = "${mandir}/man1/su.1" | ||
192 | ALTERNATIVE_LINK_NAME[nologin.8] = "${mandir}/man8/nologin.8" | ||
193 | |||
194 | PACKAGE_WRITE_DEPS += "shadow-native" | 181 | PACKAGE_WRITE_DEPS += "shadow-native" |
195 | pkg_postinst:${PN}:class-target () { | 182 | pkg_postinst:${PN}:class-target () { |
196 | if [ "x$D" != "x" ]; then | 183 | if [ "x$D" != "x" ]; then |
diff --git a/meta/recipes-extended/shadow/shadow_4.8.1.bb b/meta/recipes-extended/shadow/shadow_4.9.bb index 2fbd81bf72..2fbd81bf72 100644 --- a/meta/recipes-extended/shadow/shadow_4.8.1.bb +++ b/meta/recipes-extended/shadow/shadow_4.9.bb | |||