summaryrefslogtreecommitdiffstats
path: root/meta
diff options
context:
space:
mode:
authorJulian Pidancet <julian.pidancet@gmail.com>2011-10-07 01:13:40 +0100
committerRichard Purdie <richard.purdie@linuxfoundation.org>2011-10-10 10:00:08 +0100
commit73abadd43e457e93b8919fc104dad986ff66448f (patch)
tree50842c3c4095e1fc23de79f918f279b78fa425e1 /meta
parentae6133572f317b4c7cb8046aa1b10bb83a2a58ba (diff)
downloadpoky-73abadd43e457e93b8919fc104dad986ff66448f.tar.gz
Fix the --root option in shadow-native programs
The add_root_cmd_options.patch that we apply to shadow-native allow the various programs from the shadow utility package to chroot() so they can be used to modify etc/passwd and etc/group if they are located in a sysroot. Some of the shadow programs (gpasswd, useradd and usermod) need to parse the command line in two passes. But we can't use getopt_long() twice because getopt_long() reorders the command line arguments, and consequently corrupts the option parsing during the second pass. This patch fixes this issue by replacing the first pass by a very simple manual walk of the command line to handle the --root argument. This change is a patch of another patch, I apologize if it is difficult to read. But IMHO it wouldn't make sense to put the patch for this issue in another separated file. The --root options in groupadd and useradd are needed to make the useradd class work, and this issue was preventing to use useradd and groupadd long options while using the class. (From OE-Core rev: 6e9e19b18597103d8fe09f258cfd9904bb5f1c27) Signed-off-by: Julian Pidancet <julian.pidancet@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta')
-rw-r--r--meta/recipes-extended/shadow/files/add_root_cmd_options.patch189
1 files changed, 98 insertions, 91 deletions
diff --git a/meta/recipes-extended/shadow/files/add_root_cmd_options.patch b/meta/recipes-extended/shadow/files/add_root_cmd_options.patch
index c5f2bec56b..5edd3b8744 100644
--- a/meta/recipes-extended/shadow/files/add_root_cmd_options.patch
+++ b/meta/recipes-extended/shadow/files/add_root_cmd_options.patch
@@ -25,9 +25,18 @@ Workaround is specific to our build system.
25 25
26Signed-off-by: Scott Garman <scott.a.garman@intel.com> 26Signed-off-by: Scott Garman <scott.a.garman@intel.com>
27 27
282011-09-29 Fix the parsing of the --root option in gpasswd, useradd, usermod:
29
30In programs which need to scan the command line in two passes to handle
31--root option separately from the rest of the arguments, replace the first
32calls to getopt_long with a simple iteration over the argument list since
33getopt_long has the bad habit of reordering arguments on the command line.
34
35Signed-off-by: Julian Pidancet <julian.pidancet@gmail.com>
36
28diff -urN shadow-4.1.4.3.orig//src/gpasswd.c shadow-4.1.4.3//src/gpasswd.c 37diff -urN shadow-4.1.4.3.orig//src/gpasswd.c shadow-4.1.4.3//src/gpasswd.c
29--- shadow-4.1.4.3.orig//src/gpasswd.c 2011-02-13 09:58:16.000000000 -0800 38--- shadow-4.1.4.3.orig//src/gpasswd.c 2011-09-29 12:00:45.211000091 +0100
30+++ shadow-4.1.4.3//src/gpasswd.c 2011-06-28 15:12:03.539504372 -0700 39+++ shadow-4.1.4.3//src/gpasswd.c 2011-09-29 12:09:54.590000090 +0100
31@@ -63,6 +63,7 @@ 40@@ -63,6 +63,7 @@
32 * (/etc/gshadow present) */ 41 * (/etc/gshadow present) */
33 static bool is_shadowgrp; 42 static bool is_shadowgrp;
@@ -52,7 +61,7 @@ diff -urN shadow-4.1.4.3.orig//src/gpasswd.c shadow-4.1.4.3//src/gpasswd.c
52 " -r, --remove-password remove the GROUP's password\n" 61 " -r, --remove-password remove the GROUP's password\n"
53 " -R, --restrict restrict access to GROUP to its members\n" 62 " -R, --restrict restrict access to GROUP to its members\n"
54 " -M, --members USER,... set the list of members of GROUP\n" 63 " -M, --members USER,... set the list of members of GROUP\n"
55@@ -226,6 +229,55 @@ 64@@ -226,6 +229,57 @@
56 } 65 }
57 66
58 /* 67 /*
@@ -68,23 +77,26 @@ diff -urN shadow-4.1.4.3.orig//src/gpasswd.c shadow-4.1.4.3//src/gpasswd.c
68+ /* 77+ /*
69+ * Parse the command line options. 78+ * Parse the command line options.
70+ */ 79+ */
71+ int flag; 80+ int i;
72+ int option_index = 0; 81+ char *root;
73+ static struct option long_options[] = {
74+ {"root", required_argument, NULL, 'Q'},
75+ {NULL, 0, NULL, '\0'}
76+ };
77+ 82+
78+ while ((flag = getopt_long (argc, argv, "a:A:d:gM:Q:rR", long_options, &option_index)) != -1) { 83+ for (i = 0; i < argc; i++) {
79+ switch (flag) { 84+ if (!strcmp (argv[i], "--root") || !strcmp (argv[i], "-Q")) {
80+ case 'Q': 85+ if (i + 1 == argc) {
81+ if ('/' != optarg[0]) { 86+ fprintf (stderr,
87+ _("%s: option '%s' requires an argument\n"),
88+ Prog, argv[i]);
89+ exit (E_BAD_ARG);
90+ }
91+ root = argv[i + 1];
92+
93+ if ('/' != root[0]) {
82+ fprintf (stderr, 94+ fprintf (stderr,
83+ _("%s: invalid chroot path '%s'\n"), 95+ _("%s: invalid chroot path '%s'\n"),
84+ Prog, optarg); 96+ Prog, root);
85+ exit (E_BAD_ARG); 97+ exit (E_BAD_ARG);
86+ } 98+ }
87+ newroot = optarg; 99+ newroot = root;
88+ 100+
89+ if (access (newroot, F_OK) != 0) { 101+ if (access (newroot, F_OK) != 0) {
90+ fprintf(stderr, 102+ fprintf(stderr,
@@ -99,7 +111,6 @@ diff -urN shadow-4.1.4.3.orig//src/gpasswd.c shadow-4.1.4.3//src/gpasswd.c
99+ exit (E_BAD_ARG); 111+ exit (E_BAD_ARG);
100+ } 112+ }
101+ break; 113+ break;
102+ /* no-op on everything else - they will be hanled by process_flags() */
103+ } 114+ }
104+ } 115+ }
105+} 116+}
@@ -108,7 +119,7 @@ diff -urN shadow-4.1.4.3.orig//src/gpasswd.c shadow-4.1.4.3//src/gpasswd.c
108 * process_flags - process the command line options and arguments 119 * process_flags - process the command line options and arguments
109 */ 120 */
110 static void process_flags (int argc, char **argv) 121 static void process_flags (int argc, char **argv)
111@@ -235,6 +287,7 @@ 122@@ -235,6 +289,7 @@
112 static struct option long_options[] = { 123 static struct option long_options[] = {
113 {"add", required_argument, NULL, 'a'}, 124 {"add", required_argument, NULL, 'a'},
114 {"delete", required_argument, NULL, 'd'}, 125 {"delete", required_argument, NULL, 'd'},
@@ -116,7 +127,7 @@ diff -urN shadow-4.1.4.3.orig//src/gpasswd.c shadow-4.1.4.3//src/gpasswd.c
116 {"remove-password", no_argument, NULL, 'r'}, 127 {"remove-password", no_argument, NULL, 'r'},
117 {"restrict", no_argument, NULL, 'R'}, 128 {"restrict", no_argument, NULL, 'R'},
118 {"administrators", required_argument, NULL, 'A'}, 129 {"administrators", required_argument, NULL, 'A'},
119@@ -242,7 +295,7 @@ 130@@ -242,7 +297,7 @@
120 {NULL, 0, NULL, '\0'} 131 {NULL, 0, NULL, '\0'}
121 }; 132 };
122 133
@@ -125,7 +136,7 @@ diff -urN shadow-4.1.4.3.orig//src/gpasswd.c shadow-4.1.4.3//src/gpasswd.c
125 switch (flag) { 136 switch (flag) {
126 case 'a': /* add a user */ 137 case 'a': /* add a user */
127 aflg = true; 138 aflg = true;
128@@ -283,6 +336,9 @@ 139@@ -283,6 +338,9 @@
129 } 140 }
130 Mflg = true; 141 Mflg = true;
131 break; 142 break;
@@ -135,7 +146,7 @@ diff -urN shadow-4.1.4.3.orig//src/gpasswd.c shadow-4.1.4.3//src/gpasswd.c
135 case 'r': /* remove group password */ 146 case 'r': /* remove group password */
136 rflg = true; 147 rflg = true;
137 break; 148 break;
138@@ -995,6 +1051,8 @@ 149@@ -995,6 +1053,8 @@
139 setbuf (stdout, NULL); 150 setbuf (stdout, NULL);
140 setbuf (stderr, NULL); 151 setbuf (stderr, NULL);
141 152
@@ -145,8 +156,8 @@ diff -urN shadow-4.1.4.3.orig//src/gpasswd.c shadow-4.1.4.3//src/gpasswd.c
145 is_shadowgrp = sgr_file_present (); 156 is_shadowgrp = sgr_file_present ();
146 #endif 157 #endif
147diff -urN shadow-4.1.4.3.orig//src/groupadd.c shadow-4.1.4.3//src/groupadd.c 158diff -urN shadow-4.1.4.3.orig//src/groupadd.c shadow-4.1.4.3//src/groupadd.c
148--- shadow-4.1.4.3.orig//src/groupadd.c 2011-02-13 09:58:16.000000000 -0800 159--- shadow-4.1.4.3.orig//src/groupadd.c 2011-09-29 12:00:45.212000091 +0100
149+++ shadow-4.1.4.3//src/groupadd.c 2011-06-28 15:12:03.539504372 -0700 160+++ shadow-4.1.4.3//src/groupadd.c 2011-09-29 11:59:28.386000092 +0100
150@@ -76,6 +76,7 @@ 161@@ -76,6 +76,7 @@
151 static gid_t group_id; 162 static gid_t group_id;
152 static /*@null@*/char *group_passwd; 163 static /*@null@*/char *group_passwd;
@@ -208,8 +219,8 @@ diff -urN shadow-4.1.4.3.orig//src/groupadd.c shadow-4.1.4.3//src/groupadd.c
208 rflg = true; 219 rflg = true;
209 break; 220 break;
210diff -urN shadow-4.1.4.3.orig//src/groupdel.c shadow-4.1.4.3//src/groupdel.c 221diff -urN shadow-4.1.4.3.orig//src/groupdel.c shadow-4.1.4.3//src/groupdel.c
211--- shadow-4.1.4.3.orig//src/groupdel.c 2011-02-13 09:58:16.000000000 -0800 222--- shadow-4.1.4.3.orig//src/groupdel.c 2011-09-29 12:00:45.212000091 +0100
212+++ shadow-4.1.4.3//src/groupdel.c 2011-06-28 15:12:03.539504372 -0700 223+++ shadow-4.1.4.3//src/groupdel.c 2011-09-29 11:59:28.386000092 +0100
213@@ -36,6 +36,7 @@ 224@@ -36,6 +36,7 @@
214 225
215 #include <ctype.h> 226 #include <ctype.h>
@@ -340,8 +351,8 @@ diff -urN shadow-4.1.4.3.orig//src/groupdel.c shadow-4.1.4.3//src/groupdel.c
340 #ifdef USE_PAM 351 #ifdef USE_PAM
341 { 352 {
342diff -urN shadow-4.1.4.3.orig//src/groupmod.c shadow-4.1.4.3//src/groupmod.c 353diff -urN shadow-4.1.4.3.orig//src/groupmod.c shadow-4.1.4.3//src/groupmod.c
343--- shadow-4.1.4.3.orig//src/groupmod.c 2011-02-13 09:58:16.000000000 -0800 354--- shadow-4.1.4.3.orig//src/groupmod.c 2011-09-29 12:00:45.212000091 +0100
344+++ shadow-4.1.4.3//src/groupmod.c 2011-06-28 15:12:03.539504372 -0700 355+++ shadow-4.1.4.3//src/groupmod.c 2011-09-29 11:59:28.387000092 +0100
345@@ -79,6 +79,7 @@ 356@@ -79,6 +79,7 @@
346 static char *group_passwd; 357 static char *group_passwd;
347 static gid_t group_id; 358 static gid_t group_id;
@@ -401,8 +412,8 @@ diff -urN shadow-4.1.4.3.orig//src/groupmod.c shadow-4.1.4.3//src/groupmod.c
401 usage (); 412 usage ();
402 } 413 }
403diff -urN shadow-4.1.4.3.orig//src/grpconv.c shadow-4.1.4.3//src/grpconv.c 414diff -urN shadow-4.1.4.3.orig//src/grpconv.c shadow-4.1.4.3//src/grpconv.c
404--- shadow-4.1.4.3.orig//src/grpconv.c 2011-02-13 09:58:16.000000000 -0800 415--- shadow-4.1.4.3.orig//src/grpconv.c 2011-09-29 12:00:45.213000091 +0100
405+++ shadow-4.1.4.3//src/grpconv.c 2011-06-28 15:12:03.539504372 -0700 416+++ shadow-4.1.4.3//src/grpconv.c 2011-09-29 11:59:28.387000092 +0100
406@@ -39,6 +39,7 @@ 417@@ -39,6 +39,7 @@
407 418
408 #include <errno.h> 419 #include <errno.h>
@@ -527,8 +538,8 @@ diff -urN shadow-4.1.4.3.orig//src/grpconv.c shadow-4.1.4.3//src/grpconv.c
527 fprintf (stderr, 538 fprintf (stderr,
528 _("%s: cannot lock %s; try again later.\n"), 539 _("%s: cannot lock %s; try again later.\n"),
529diff -urN shadow-4.1.4.3.orig//src/grpunconv.c shadow-4.1.4.3//src/grpunconv.c 540diff -urN shadow-4.1.4.3.orig//src/grpunconv.c shadow-4.1.4.3//src/grpunconv.c
530--- shadow-4.1.4.3.orig//src/grpunconv.c 2011-02-13 09:58:16.000000000 -0800 541--- shadow-4.1.4.3.orig//src/grpunconv.c 2011-09-29 12:00:45.213000091 +0100
531+++ shadow-4.1.4.3//src/grpunconv.c 2011-06-28 15:12:03.539504372 -0700 542+++ shadow-4.1.4.3//src/grpunconv.c 2011-09-29 11:59:28.387000092 +0100
532@@ -43,6 +43,7 @@ 543@@ -43,6 +43,7 @@
533 #include <stdlib.h> 544 #include <stdlib.h>
534 #include <string.h> 545 #include <string.h>
@@ -653,8 +664,8 @@ diff -urN shadow-4.1.4.3.orig//src/grpunconv.c shadow-4.1.4.3//src/grpunconv.c
653 exit (0); /* no /etc/gshadow, nothing to do */ 664 exit (0); /* no /etc/gshadow, nothing to do */
654 } 665 }
655diff -urN shadow-4.1.4.3.orig//src/passwd.c shadow-4.1.4.3//src/passwd.c 666diff -urN shadow-4.1.4.3.orig//src/passwd.c shadow-4.1.4.3//src/passwd.c
656--- shadow-4.1.4.3.orig//src/passwd.c 2011-02-13 09:58:16.000000000 -0800 667--- shadow-4.1.4.3.orig//src/passwd.c 2011-09-29 12:00:45.214000091 +0100
657+++ shadow-4.1.4.3//src/passwd.c 2011-06-28 15:12:03.539504372 -0700 668+++ shadow-4.1.4.3//src/passwd.c 2011-09-29 11:59:28.388000092 +0100
658@@ -75,6 +75,7 @@ 669@@ -75,6 +75,7 @@
659 static char *name; /* The name of user whose password is being changed */ 670 static char *name; /* The name of user whose password is being changed */
660 static char *myname; /* The current user's name */ 671 static char *myname; /* The current user's name */
@@ -718,8 +729,8 @@ diff -urN shadow-4.1.4.3.orig//src/passwd.c shadow-4.1.4.3//src/passwd.c
718 /* -r repository (files|nis|nisplus) */ 729 /* -r repository (files|nis|nisplus) */
719 /* only "files" supported for now */ 730 /* only "files" supported for now */
720diff -urN shadow-4.1.4.3.orig//src/pwconv.c shadow-4.1.4.3//src/pwconv.c 731diff -urN shadow-4.1.4.3.orig//src/pwconv.c shadow-4.1.4.3//src/pwconv.c
721--- shadow-4.1.4.3.orig//src/pwconv.c 2011-02-13 09:58:16.000000000 -0800 732--- shadow-4.1.4.3.orig//src/pwconv.c 2011-09-29 12:00:45.214000091 +0100
722+++ shadow-4.1.4.3//src/pwconv.c 2011-06-28 15:12:03.539504372 -0700 733+++ shadow-4.1.4.3//src/pwconv.c 2011-09-29 11:59:28.388000092 +0100
723@@ -59,6 +59,7 @@ 734@@ -59,6 +59,7 @@
724 735
725 #include <errno.h> 736 #include <errno.h>
@@ -847,8 +858,8 @@ diff -urN shadow-4.1.4.3.orig//src/pwconv.c shadow-4.1.4.3//src/pwconv.c
847 fprintf (stderr, 858 fprintf (stderr,
848 _("%s: cannot lock %s; try again later.\n"), 859 _("%s: cannot lock %s; try again later.\n"),
849diff -urN shadow-4.1.4.3.orig//src/pwunconv.c shadow-4.1.4.3//src/pwunconv.c 860diff -urN shadow-4.1.4.3.orig//src/pwunconv.c shadow-4.1.4.3//src/pwunconv.c
850--- shadow-4.1.4.3.orig//src/pwunconv.c 2011-02-13 09:58:16.000000000 -0800 861--- shadow-4.1.4.3.orig//src/pwunconv.c 2011-09-29 12:00:45.214000091 +0100
851+++ shadow-4.1.4.3//src/pwunconv.c 2011-06-28 15:12:03.539504372 -0700 862+++ shadow-4.1.4.3//src/pwunconv.c 2011-09-29 11:59:28.388000092 +0100
852@@ -35,6 +35,7 @@ 863@@ -35,6 +35,7 @@
853 #ident "$Id: pwunconv.c 2852 2009-04-30 21:44:35Z nekral-guest $" 864 #ident "$Id: pwunconv.c 2852 2009-04-30 21:44:35Z nekral-guest $"
854 865
@@ -969,8 +980,8 @@ diff -urN shadow-4.1.4.3.orig//src/pwunconv.c shadow-4.1.4.3//src/pwunconv.c
969 /* shadow not installed, do nothing */ 980 /* shadow not installed, do nothing */
970 exit (0); 981 exit (0);
971diff -urN shadow-4.1.4.3.orig//src/useradd.c shadow-4.1.4.3//src/useradd.c 982diff -urN shadow-4.1.4.3.orig//src/useradd.c shadow-4.1.4.3//src/useradd.c
972--- shadow-4.1.4.3.orig//src/useradd.c 2011-02-13 09:58:16.000000000 -0800 983--- shadow-4.1.4.3.orig//src/useradd.c 2011-09-29 12:00:45.215000091 +0100
973+++ shadow-4.1.4.3//src/useradd.c 2011-06-28 15:12:14.608787030 -0700 984+++ shadow-4.1.4.3//src/useradd.c 2011-09-29 11:59:28.520000092 +0100
974@@ -112,6 +112,7 @@ 985@@ -112,6 +112,7 @@
975 #ifdef WITH_SELINUX 986 #ifdef WITH_SELINUX
976 static const char *user_selinux = ""; 987 static const char *user_selinux = "";
@@ -995,7 +1006,7 @@ diff -urN shadow-4.1.4.3.orig//src/useradd.c shadow-4.1.4.3//src/useradd.c
995 (void) fputs (_(" -r, --system create a system account\n"), stderr); 1006 (void) fputs (_(" -r, --system create a system account\n"), stderr);
996 (void) fputs (_(" -s, --shell SHELL login shell of the new account\n"), stderr); 1007 (void) fputs (_(" -s, --shell SHELL login shell of the new account\n"), stderr);
997 (void) fputs (_(" -u, --uid UID user ID of the new account\n"), stderr); 1008 (void) fputs (_(" -u, --uid UID user ID of the new account\n"), stderr);
998@@ -943,6 +946,59 @@ 1009@@ -943,6 +946,57 @@
999 } 1010 }
1000 1011
1001 /* 1012 /*
@@ -1011,27 +1022,26 @@ diff -urN shadow-4.1.4.3.orig//src/useradd.c shadow-4.1.4.3//src/useradd.c
1011+ /* 1022+ /*
1012+ * Parse the command line options. 1023+ * Parse the command line options.
1013+ */ 1024+ */
1014+ int c; 1025+ int i;
1015+ static struct option long_options[] = { 1026+ char *root;
1016+ {"root", required_argument, NULL, 'R'}, 1027+
1017+ {NULL, 0, NULL, '\0'} 1028+ for (i = 0; i < argc; i++) {
1018+ }; 1029+ if (!strcmp (argv[i], "--root") || !strcmp (argv[i], "-R")) {
1019+ while ((c = getopt_long (argc, argv, 1030+ if (i + 1 == argc) {
1020+#ifdef WITH_SELINUX 1031+ fprintf (stderr,
1021+ "b:c:d:De:f:g:G:k:K:lmMNop:R:rs:u:UZ:", 1032+ _("%s: option '%s' requires an argument\n"),
1022+#else 1033+ Prog, argv[i]);
1023+ "b:c:d:De:f:g:G:k:K:lmMNop:R:rs:u:U", 1034+ exit (E_BAD_ARG);
1024+#endif 1035+ }
1025+ long_options, NULL)) != -1) { 1036+ root = argv[i + 1];
1026+ switch (c) { 1037+
1027+ case 'R': 1038+ if ('/' != root[0]) {
1028+ if ('/' != optarg[0]) {
1029+ fprintf (stderr, 1039+ fprintf (stderr,
1030+ _("%s: invalid chroot path '%s'\n"), 1040+ _("%s: invalid chroot path '%s'\n"),
1031+ Prog, optarg); 1041+ Prog, root);
1032+ exit (E_BAD_ARG); 1042+ exit (E_BAD_ARG);
1033+ } 1043+ }
1034+ newroot = optarg; 1044+ newroot = root;
1035+ 1045+
1036+ if (access (newroot, F_OK) != 0) { 1046+ if (access (newroot, F_OK) != 0) {
1037+ fprintf(stderr, 1047+ fprintf(stderr,
@@ -1046,7 +1056,6 @@ diff -urN shadow-4.1.4.3.orig//src/useradd.c shadow-4.1.4.3//src/useradd.c
1046+ exit (E_BAD_ARG); 1056+ exit (E_BAD_ARG);
1047+ } 1057+ }
1048+ break; 1058+ break;
1049+ /* no-op on everything else - they will be hanled by process_flags() */
1050+ } 1059+ }
1051+ } 1060+ }
1052+} 1061+}
@@ -1055,7 +1064,7 @@ diff -urN shadow-4.1.4.3.orig//src/useradd.c shadow-4.1.4.3//src/useradd.c
1055 * process_flags - perform command line argument setting 1064 * process_flags - perform command line argument setting
1056 * 1065 *
1057 * process_flags() interprets the command line arguments and sets 1066 * process_flags() interprets the command line arguments and sets
1058@@ -978,6 +1034,7 @@ 1067@@ -978,6 +1032,7 @@
1059 {"no-user-group", no_argument, NULL, 'N'}, 1068 {"no-user-group", no_argument, NULL, 'N'},
1060 {"non-unique", no_argument, NULL, 'o'}, 1069 {"non-unique", no_argument, NULL, 'o'},
1061 {"password", required_argument, NULL, 'p'}, 1070 {"password", required_argument, NULL, 'p'},
@@ -1063,7 +1072,7 @@ diff -urN shadow-4.1.4.3.orig//src/useradd.c shadow-4.1.4.3//src/useradd.c
1063 {"system", no_argument, NULL, 'r'}, 1072 {"system", no_argument, NULL, 'r'},
1064 {"shell", required_argument, NULL, 's'}, 1073 {"shell", required_argument, NULL, 's'},
1065 #ifdef WITH_SELINUX 1074 #ifdef WITH_SELINUX
1066@@ -989,9 +1046,9 @@ 1075@@ -989,9 +1044,9 @@
1067 }; 1076 };
1068 while ((c = getopt_long (argc, argv, 1077 while ((c = getopt_long (argc, argv,
1069 #ifdef WITH_SELINUX 1078 #ifdef WITH_SELINUX
@@ -1075,7 +1084,7 @@ diff -urN shadow-4.1.4.3.orig//src/useradd.c shadow-4.1.4.3//src/useradd.c
1075 #endif 1084 #endif
1076 long_options, NULL)) != -1) { 1085 long_options, NULL)) != -1) {
1077 switch (c) { 1086 switch (c) {
1078@@ -1156,6 +1213,9 @@ 1087@@ -1156,6 +1211,9 @@
1079 } 1088 }
1080 user_pass = optarg; 1089 user_pass = optarg;
1081 break; 1090 break;
@@ -1085,7 +1094,7 @@ diff -urN shadow-4.1.4.3.orig//src/useradd.c shadow-4.1.4.3//src/useradd.c
1085 case 'r': 1094 case 'r':
1086 rflg = true; 1095 rflg = true;
1087 break; 1096 break;
1088@@ -1735,6 +1795,36 @@ 1097@@ -1735,6 +1793,36 @@
1089 } 1098 }
1090 } 1099 }
1091 #endif 1100 #endif
@@ -1122,7 +1131,7 @@ diff -urN shadow-4.1.4.3.orig//src/useradd.c shadow-4.1.4.3//src/useradd.c
1122 /* 1131 /*
1123 * create_home - create the user's home directory 1132 * create_home - create the user's home directory
1124 * 1133 *
1125@@ -1748,34 +1838,31 @@ 1134@@ -1748,34 +1836,31 @@
1126 #ifdef WITH_SELINUX 1135 #ifdef WITH_SELINUX
1127 selinux_file_context (user_home); 1136 selinux_file_context (user_home);
1128 #endif 1137 #endif
@@ -1175,7 +1184,7 @@ diff -urN shadow-4.1.4.3.orig//src/useradd.c shadow-4.1.4.3//src/useradd.c
1175 } 1184 }
1176 1185
1177 /* 1186 /*
1178@@ -1861,6 +1948,7 @@ 1187@@ -1861,6 +1946,7 @@
1179 */ 1188 */
1180 user_groups[0] = (char *) 0; 1189 user_groups[0] = (char *) 0;
1181 1190
@@ -1184,8 +1193,8 @@ diff -urN shadow-4.1.4.3.orig//src/useradd.c shadow-4.1.4.3//src/useradd.c
1184 is_shadow_pwd = spw_file_present (); 1193 is_shadow_pwd = spw_file_present ();
1185 #ifdef SHADOWGRP 1194 #ifdef SHADOWGRP
1186diff -urN shadow-4.1.4.3.orig//src/userdel.c shadow-4.1.4.3//src/userdel.c 1195diff -urN shadow-4.1.4.3.orig//src/userdel.c shadow-4.1.4.3//src/userdel.c
1187--- shadow-4.1.4.3.orig//src/userdel.c 2011-02-13 09:58:16.000000000 -0800 1196--- shadow-4.1.4.3.orig//src/userdel.c 2011-09-29 12:00:45.216000091 +0100
1188+++ shadow-4.1.4.3//src/userdel.c 2011-06-28 15:12:03.549503721 -0700 1197+++ shadow-4.1.4.3//src/userdel.c 2011-09-29 11:59:28.389000092 +0100
1189@@ -79,6 +79,7 @@ 1198@@ -79,6 +79,7 @@
1190 static char *user_name; 1199 static char *user_name;
1191 static uid_t user_id; 1200 static uid_t user_id;
@@ -1239,8 +1248,8 @@ diff -urN shadow-4.1.4.3.orig//src/userdel.c shadow-4.1.4.3//src/userdel.c
1239 rflg = true; 1248 rflg = true;
1240 break; 1249 break;
1241diff -urN shadow-4.1.4.3.orig//src/usermod.c shadow-4.1.4.3//src/usermod.c 1250diff -urN shadow-4.1.4.3.orig//src/usermod.c shadow-4.1.4.3//src/usermod.c
1242--- shadow-4.1.4.3.orig//src/usermod.c 2011-02-13 09:58:16.000000000 -0800 1251--- shadow-4.1.4.3.orig//src/usermod.c 2011-09-29 12:00:45.216000091 +0100
1243+++ shadow-4.1.4.3//src/usermod.c 2011-06-28 15:12:03.549503721 -0700 1252+++ shadow-4.1.4.3//src/usermod.c 2011-09-29 11:59:28.390000092 +0100
1244@@ -110,6 +110,7 @@ 1253@@ -110,6 +110,7 @@
1245 static long user_newinactive; 1254 static long user_newinactive;
1246 static long sys_ngroups; 1255 static long sys_ngroups;
@@ -1265,7 +1274,7 @@ diff -urN shadow-4.1.4.3.orig//src/usermod.c shadow-4.1.4.3//src/usermod.c
1265 " -s, --shell SHELL new login shell for the user account\n" 1274 " -s, --shell SHELL new login shell for the user account\n"
1266 " -u, --uid UID new UID for the user account\n" 1275 " -u, --uid UID new UID for the user account\n"
1267 " -U, --unlock unlock the user account\n" 1276 " -U, --unlock unlock the user account\n"
1268@@ -802,6 +805,60 @@ 1277@@ -802,6 +805,58 @@
1269 } 1278 }
1270 1279
1271 /* 1280 /*
@@ -1281,28 +1290,27 @@ diff -urN shadow-4.1.4.3.orig//src/usermod.c shadow-4.1.4.3//src/usermod.c
1281+ /* 1290+ /*
1282+ * Parse the command line options. 1291+ * Parse the command line options.
1283+ */ 1292+ */
1284+ int c; 1293+ int i;
1285+ static struct option long_options[] = { 1294+ char *root;
1286+ {"root", required_argument, NULL, 'R'}, 1295+
1287+ {NULL, 0, NULL, '\0'} 1296+ for (i = 0; i < argc; i++) {
1288+ }; 1297+ if (!strcmp (argv[i], "--root") || !strcmp (argv[i], "-R")) {
1289+ while ((c = getopt_long (argc, argv, 1298+ if (i + 1 == argc) {
1290+#ifdef WITH_SELINUX 1299+ fprintf (stderr,
1291+ "ac:d:e:f:g:G:hl:Lmop:R:s:u:UZ:", 1300+ _("%s: option '%s' requires an argument\n"),
1292+#else 1301+ Prog, argv[i]);
1293+ "ac:d:e:f:g:G:hl:Lmop:R:s:u:U", 1302+ exit (E_BAD_ARG);
1294+#endif 1303+ }
1295+ long_options, NULL)) != -1) { 1304+ root = argv[i + 1];
1296+ switch (c) { 1305+
1297+ case 'R': 1306+ if ( (!VALID (root) )
1298+ if ( (!VALID (optarg) ) 1307+ || ( ('/' != root[0]) ) ) {
1299+ || ( ('/' != optarg[0]) ) ) {
1300+ fprintf (stderr, 1308+ fprintf (stderr,
1301+ _("%s: invalid chroot path '%s'\n"), 1309+ _("%s: invalid chroot path '%s'\n"),
1302+ Prog, optarg); 1310+ Prog, root);
1303+ exit (E_BAD_ARG); 1311+ exit (E_BAD_ARG);
1304+ } 1312+ }
1305+ newroot = optarg; 1313+ newroot = root;
1306+ 1314+
1307+ if (access (newroot, F_OK) != 0) { 1315+ if (access (newroot, F_OK) != 0) {
1308+ fprintf(stderr, 1316+ fprintf(stderr,
@@ -1317,7 +1325,6 @@ diff -urN shadow-4.1.4.3.orig//src/usermod.c shadow-4.1.4.3//src/usermod.c
1317+ exit (E_BAD_ARG); 1325+ exit (E_BAD_ARG);
1318+ } 1326+ }
1319+ break; 1327+ break;
1320+ /* no-op on everything else - they will be hanled by process_flags() */
1321+ } 1328+ }
1322+ } 1329+ }
1323+} 1330+}
@@ -1326,7 +1333,7 @@ diff -urN shadow-4.1.4.3.orig//src/usermod.c shadow-4.1.4.3//src/usermod.c
1326 * process_flags - perform command line argument setting 1333 * process_flags - perform command line argument setting
1327 * 1334 *
1328 * process_flags() interprets the command line arguments and sets the 1335 * process_flags() interprets the command line arguments and sets the
1329@@ -895,6 +952,7 @@ 1336@@ -895,6 +950,7 @@
1330 {"move-home", no_argument, NULL, 'm'}, 1337 {"move-home", no_argument, NULL, 'm'},
1331 {"non-unique", no_argument, NULL, 'o'}, 1338 {"non-unique", no_argument, NULL, 'o'},
1332 {"password", required_argument, NULL, 'p'}, 1339 {"password", required_argument, NULL, 'p'},
@@ -1334,7 +1341,7 @@ diff -urN shadow-4.1.4.3.orig//src/usermod.c shadow-4.1.4.3//src/usermod.c
1334 #ifdef WITH_SELINUX 1341 #ifdef WITH_SELINUX
1335 {"selinux-user", required_argument, NULL, 'Z'}, 1342 {"selinux-user", required_argument, NULL, 'Z'},
1336 #endif 1343 #endif
1337@@ -905,9 +963,9 @@ 1344@@ -905,9 +961,9 @@
1338 }; 1345 };
1339 while ((c = getopt_long (argc, argv, 1346 while ((c = getopt_long (argc, argv,
1340 #ifdef WITH_SELINUX 1347 #ifdef WITH_SELINUX
@@ -1346,7 +1353,7 @@ diff -urN shadow-4.1.4.3.orig//src/usermod.c shadow-4.1.4.3//src/usermod.c
1346 #endif 1353 #endif
1347 long_options, NULL)) != -1) { 1354 long_options, NULL)) != -1) {
1348 switch (c) { 1355 switch (c) {
1349@@ -999,6 +1057,9 @@ 1356@@ -999,6 +1055,9 @@
1350 user_pass = optarg; 1357 user_pass = optarg;
1351 pflg = true; 1358 pflg = true;
1352 break; 1359 break;
@@ -1356,7 +1363,7 @@ diff -urN shadow-4.1.4.3.orig//src/usermod.c shadow-4.1.4.3//src/usermod.c
1356 case 's': 1363 case 's':
1357 if (!VALID (optarg)) { 1364 if (!VALID (optarg)) {
1358 fprintf (stderr, 1365 fprintf (stderr,
1359@@ -1715,6 +1776,8 @@ 1366@@ -1715,6 +1774,8 @@
1360 1367
1361 OPENLOG ("usermod"); 1368 OPENLOG ("usermod");
1362 1369