diff options
19 files changed, 333 insertions, 1936 deletions
diff --git a/meta/recipes-extended/shadow/files/0001-useradd.c-create-parent-directories-when-necessary.patch b/meta/recipes-extended/shadow/files/0001-useradd.c-create-parent-directories-when-necessary.patch new file mode 100644 index 0000000000..85dde8e1bb --- /dev/null +++ b/meta/recipes-extended/shadow/files/0001-useradd.c-create-parent-directories-when-necessary.patch | |||
@@ -0,0 +1,109 @@ | |||
1 | Upstream-Status: Inappropriate [OE specific] | ||
2 | |||
3 | Subject: useradd.c: create parent directories when necessary | ||
4 | |||
5 | Signed-off-by: Chen Qi <Qi.Chen@windriver.com> | ||
6 | --- | ||
7 | src/useradd.c | 72 +++++++++++++++++++++++++++++++++++++++------------------ | ||
8 | 1 file changed, 49 insertions(+), 23 deletions(-) | ||
9 | |||
10 | diff --git a/src/useradd.c b/src/useradd.c | ||
11 | index 4bd969d..cb5dd6c 100644 | ||
12 | --- a/src/useradd.c | ||
13 | +++ b/src/useradd.c | ||
14 | @@ -1893,6 +1893,35 @@ static void usr_update (void) | ||
15 | } | ||
16 | |||
17 | /* | ||
18 | + * mkdir_p - create directories, including parent directories when needed | ||
19 | + * | ||
20 | + * similar to `mkdir -p' | ||
21 | + */ | ||
22 | +void mkdir_p(const char *path) { | ||
23 | + int len = strlen(path); | ||
24 | + char newdir[len + 1]; | ||
25 | + mode_t mode = 0755; | ||
26 | + int i = 0; | ||
27 | + | ||
28 | + if (path[i] == '\0') { | ||
29 | + return; | ||
30 | + } | ||
31 | + | ||
32 | + /* skip the leading '/' */ | ||
33 | + i++; | ||
34 | + | ||
35 | + while(path[i] != '\0') { | ||
36 | + if (path[i] == '/') { | ||
37 | + strncpy(newdir, path, i); | ||
38 | + newdir[i] = '\0'; | ||
39 | + mkdir(newdir, mode); | ||
40 | + } | ||
41 | + i++; | ||
42 | + } | ||
43 | + mkdir(path, mode); | ||
44 | +} | ||
45 | + | ||
46 | +/* | ||
47 | * create_home - create the user's home directory | ||
48 | * | ||
49 | * create_home() creates the user's home directory if it does not | ||
50 | @@ -1907,36 +1936,33 @@ static void create_home (void) | ||
51 | fail_exit (E_HOMEDIR); | ||
52 | } | ||
53 | #endif | ||
54 | - /* XXX - create missing parent directories. --marekm */ | ||
55 | - if (mkdir (user_home, 0) != 0) { | ||
56 | - fprintf (stderr, | ||
57 | - _("%s: cannot create directory %s\n"), | ||
58 | - Prog, user_home); | ||
59 | -#ifdef WITH_AUDIT | ||
60 | - audit_logger (AUDIT_ADD_USER, Prog, | ||
61 | - "adding home directory", | ||
62 | - user_name, (unsigned int) user_id, | ||
63 | - SHADOW_AUDIT_FAILURE); | ||
64 | -#endif | ||
65 | - fail_exit (E_HOMEDIR); | ||
66 | - } | ||
67 | - chown (user_home, user_id, user_gid); | ||
68 | - chmod (user_home, | ||
69 | - 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK)); | ||
70 | - home_added = true; | ||
71 | + mkdir_p(user_home); | ||
72 | + } | ||
73 | + if (access (user_home, F_OK) != 0) { | ||
74 | #ifdef WITH_AUDIT | ||
75 | audit_logger (AUDIT_ADD_USER, Prog, | ||
76 | "adding home directory", | ||
77 | user_name, (unsigned int) user_id, | ||
78 | - SHADOW_AUDIT_SUCCESS); | ||
79 | + SHADOW_AUDIT_FAILURE); | ||
80 | #endif | ||
81 | -#ifdef WITH_SELINUX | ||
82 | - /* Reset SELinux to create files with default contexts */ | ||
83 | - if (reset_selinux_file_context () != 0) { | ||
84 | - fail_exit (E_HOMEDIR); | ||
85 | - } | ||
86 | + fail_exit (E_HOMEDIR); | ||
87 | + } | ||
88 | + chown (user_home, user_id, user_gid); | ||
89 | + chmod (user_home, | ||
90 | + 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK)); | ||
91 | + home_added = true; | ||
92 | +#ifdef WITH_AUDIT | ||
93 | + audit_logger (AUDIT_ADD_USER, Prog, | ||
94 | + "adding home directory", | ||
95 | + user_name, (unsigned int) user_id, | ||
96 | + SHADOW_AUDIT_SUCCESS); | ||
97 | #endif | ||
98 | +#ifdef WITH_SELINUX | ||
99 | + /* Reset SELinux to create files with default contexts */ | ||
100 | + if (reset_selinux_file_context () != 0) { | ||
101 | + fail_exit (E_HOMEDIR); | ||
102 | } | ||
103 | +#endif | ||
104 | } | ||
105 | |||
106 | /* | ||
107 | -- | ||
108 | 1.7.9.5 | ||
109 | |||
diff --git a/meta/recipes-extended/shadow/files/add_root_cmd_groupmems.patch b/meta/recipes-extended/shadow/files/add_root_cmd_groupmems.patch deleted file mode 100644 index 40444967ab..0000000000 --- a/meta/recipes-extended/shadow/files/add_root_cmd_groupmems.patch +++ /dev/null | |||
@@ -1,75 +0,0 @@ | |||
1 | Add a --root command option to groupmems utility. | ||
2 | |||
3 | This option allows the utility to be chrooted when run under pseudo. | ||
4 | |||
5 | Signed-off-by: Mikhail Durnev <mikhail_durnev@mentor.com> | ||
6 | |||
7 | diff -Naur old/src/groupmems.c new/src/groupmems.c | ||
8 | --- old/src/groupmems.c 2011-02-13 11:58:16.000000000 -0600 | ||
9 | +++ new/src/groupmems.c 2013-05-30 04:45:38.000000000 -0500 | ||
10 | @@ -60,6 +60,7 @@ | ||
11 | #define EXIT_MEMBER_EXISTS 7 /* member of group already exists */ | ||
12 | #define EXIT_INVALID_USER 8 /* specified user does not exist */ | ||
13 | #define EXIT_INVALID_GROUP 9 /* specified group does not exist */ | ||
14 | +#define EXIT_BAD_ARG 10 /* invalid argument to option */ | ||
15 | |||
16 | /* | ||
17 | * Global variables | ||
18 | @@ -79,6 +80,7 @@ | ||
19 | static bool is_shadowgrp; | ||
20 | static bool sgr_locked = false; | ||
21 | #endif | ||
22 | +static const char *newroot = ""; | ||
23 | |||
24 | /* local function prototypes */ | ||
25 | static char *whoami (void); | ||
26 | @@ -368,6 +370,7 @@ | ||
27 | "Options:\n" | ||
28 | " -g, --group groupname change groupname instead of the user's group\n" | ||
29 | " (root only)\n" | ||
30 | + " -R, --root CHROOT_DIR directory to chroot into\n" | ||
31 | "\n" | ||
32 | "Actions:\n" | ||
33 | " -a, --add username add username to the members of the group\n" | ||
34 | @@ -391,10 +394,11 @@ | ||
35 | {"group", required_argument, NULL, 'g'}, | ||
36 | {"list", no_argument, NULL, 'l'}, | ||
37 | {"purge", no_argument, NULL, 'p'}, | ||
38 | + {"root", required_argument, NULL, 'R'}, | ||
39 | {NULL, 0, NULL, '\0'} | ||
40 | }; | ||
41 | |||
42 | - while ((arg = getopt_long (argc, argv, "a:d:g:lp", long_options, | ||
43 | + while ((arg = getopt_long (argc, argv, "a:d:g:lpR:", long_options, | ||
44 | &option_index)) != EOF) { | ||
45 | switch (arg) { | ||
46 | case 'a': | ||
47 | @@ -416,6 +420,28 @@ | ||
48 | purge = true; | ||
49 | ++exclusive; | ||
50 | break; | ||
51 | + case 'R': | ||
52 | + if ('/' != optarg[0]) { | ||
53 | + fprintf (stderr, | ||
54 | + _("%s: invalid chroot path '%s'\n"), | ||
55 | + Prog, optarg); | ||
56 | + exit (EXIT_BAD_ARG); | ||
57 | + } | ||
58 | + newroot = optarg; | ||
59 | + | ||
60 | + if (access (newroot, F_OK) != 0) { | ||
61 | + fprintf(stderr, | ||
62 | + _("%s: chroot directory %s does not exist\n"), | ||
63 | + Prog, newroot); | ||
64 | + exit (EXIT_BAD_ARG); | ||
65 | + } | ||
66 | + if ( chroot(newroot) != 0 ) { | ||
67 | + fprintf(stderr, | ||
68 | + _("%s: unable to chroot to directory %s\n"), | ||
69 | + Prog, newroot); | ||
70 | + exit (EXIT_BAD_ARG); | ||
71 | + } | ||
72 | + break; | ||
73 | default: | ||
74 | usage (); | ||
75 | } | ||
diff --git a/meta/recipes-extended/shadow/files/add_root_cmd_options.patch b/meta/recipes-extended/shadow/files/add_root_cmd_options.patch deleted file mode 100644 index ab87e35535..0000000000 --- a/meta/recipes-extended/shadow/files/add_root_cmd_options.patch +++ /dev/null | |||
@@ -1,1384 +0,0 @@ | |||
1 | Add a --root command option to the following utilties: | ||
2 | |||
3 | * useradd | ||
4 | * groupadd | ||
5 | * usermod | ||
6 | * groupmod | ||
7 | * userdel | ||
8 | * groupdel | ||
9 | * passwd | ||
10 | * gpasswd | ||
11 | * pwconv | ||
12 | * pwunconv | ||
13 | * grpconv | ||
14 | * grpunconv | ||
15 | |||
16 | This option allows the utilities to be chrooted when run under pseudo. | ||
17 | They can then be used to manipulate user and group account information | ||
18 | in target sysroots. | ||
19 | |||
20 | The useradd utility was also modified to create home directories | ||
21 | recursively when necessary. | ||
22 | |||
23 | Upstream-Status: Inappropriate [Other] | ||
24 | Workaround is specific to our build system. | ||
25 | |||
26 | Signed-off-by: Scott Garman <scott.a.garman@intel.com> | ||
27 | |||
28 | 2011-09-29 Fix the parsing of the --root option in gpasswd, useradd, usermod: | ||
29 | |||
30 | In programs which need to scan the command line in two passes to handle | ||
31 | --root option separately from the rest of the arguments, replace the first | ||
32 | calls to getopt_long with a simple iteration over the argument list since | ||
33 | getopt_long has the bad habit of reordering arguments on the command line. | ||
34 | |||
35 | Signed-off-by: Julian Pidancet <julian.pidancet@gmail.com> | ||
36 | |||
37 | diff -urN shadow-4.1.4.3.orig//src/gpasswd.c shadow-4.1.4.3//src/gpasswd.c | ||
38 | --- shadow-4.1.4.3.orig//src/gpasswd.c 2011-09-29 12:00:45.211000091 +0100 | ||
39 | +++ shadow-4.1.4.3//src/gpasswd.c 2011-09-29 12:09:54.590000090 +0100 | ||
40 | @@ -63,6 +63,7 @@ | ||
41 | * (/etc/gshadow present) */ | ||
42 | static bool is_shadowgrp; | ||
43 | #endif | ||
44 | +static const char *newroot = ""; | ||
45 | |||
46 | /* Flags set by options */ | ||
47 | static bool aflg = false; | ||
48 | @@ -97,6 +98,7 @@ | ||
49 | static void usage (void); | ||
50 | static RETSIGTYPE catch_signals (int killed); | ||
51 | static bool is_valid_user_list (const char *users); | ||
52 | +static void process_root_flag (int argc, char **argv); | ||
53 | static void process_flags (int argc, char **argv); | ||
54 | static void check_flags (int argc, int opt_index); | ||
55 | static void open_files (void); | ||
56 | @@ -136,6 +138,7 @@ | ||
57 | "Options:\n" | ||
58 | " -a, --add USER add USER to GROUP\n" | ||
59 | " -d, --delete USER remove USER from GROUP\n" | ||
60 | + " -Q --root CHROOT_DIR directory to chroot into\n" | ||
61 | " -r, --remove-password remove the GROUP's password\n" | ||
62 | " -R, --restrict restrict access to GROUP to its members\n" | ||
63 | " -M, --members USER,... set the list of members of GROUP\n" | ||
64 | @@ -226,6 +229,57 @@ | ||
65 | } | ||
66 | |||
67 | /* | ||
68 | + * process_root_flag - chroot if given the --root option | ||
69 | + * | ||
70 | + * We do this outside of process_flags() because | ||
71 | + * the is_shadow_pwd boolean needs to be set before | ||
72 | + * process_flags(), and if we do need to chroot() we | ||
73 | + * must do so before is_shadow_pwd gets set. | ||
74 | + */ | ||
75 | +static void process_root_flag (int argc, char **argv) | ||
76 | +{ | ||
77 | + /* | ||
78 | + * Parse the command line options. | ||
79 | + */ | ||
80 | + int i; | ||
81 | + char *root; | ||
82 | + | ||
83 | + for (i = 0; i < argc; i++) { | ||
84 | + if (!strcmp (argv[i], "--root") || !strcmp (argv[i], "-Q")) { | ||
85 | + if (i + 1 == argc) { | ||
86 | + fprintf (stderr, | ||
87 | + _("%s: option '%s' requires an argument\n"), | ||
88 | + Prog, argv[i]); | ||
89 | + exit (E_BAD_ARG); | ||
90 | + } | ||
91 | + root = argv[i + 1]; | ||
92 | + | ||
93 | + if ('/' != root[0]) { | ||
94 | + fprintf (stderr, | ||
95 | + _("%s: invalid chroot path '%s'\n"), | ||
96 | + Prog, root); | ||
97 | + exit (E_BAD_ARG); | ||
98 | + } | ||
99 | + newroot = root; | ||
100 | + | ||
101 | + if (access (newroot, F_OK) != 0) { | ||
102 | + fprintf(stderr, | ||
103 | + _("%s: chroot directory %s does not exist\n"), | ||
104 | + Prog, newroot); | ||
105 | + exit (E_BAD_ARG); | ||
106 | + } | ||
107 | + if ( chroot(newroot) != 0 ) { | ||
108 | + fprintf(stderr, | ||
109 | + _("%s: unable to chroot to directory %s\n"), | ||
110 | + Prog, newroot); | ||
111 | + exit (E_BAD_ARG); | ||
112 | + } | ||
113 | + break; | ||
114 | + } | ||
115 | + } | ||
116 | +} | ||
117 | + | ||
118 | +/* | ||
119 | * process_flags - process the command line options and arguments | ||
120 | */ | ||
121 | static void process_flags (int argc, char **argv) | ||
122 | @@ -235,6 +289,7 @@ | ||
123 | static struct option long_options[] = { | ||
124 | {"add", required_argument, NULL, 'a'}, | ||
125 | {"delete", required_argument, NULL, 'd'}, | ||
126 | + {"root", required_argument, NULL, 'Q'}, | ||
127 | {"remove-password", no_argument, NULL, 'r'}, | ||
128 | {"restrict", no_argument, NULL, 'R'}, | ||
129 | {"administrators", required_argument, NULL, 'A'}, | ||
130 | @@ -242,7 +297,7 @@ | ||
131 | {NULL, 0, NULL, '\0'} | ||
132 | }; | ||
133 | |||
134 | - while ((flag = getopt_long (argc, argv, "a:A:d:gM:rR", long_options, &option_index)) != -1) { | ||
135 | + while ((flag = getopt_long (argc, argv, "a:A:d:gM:Q:rR", long_options, &option_index)) != -1) { | ||
136 | switch (flag) { | ||
137 | case 'a': /* add a user */ | ||
138 | aflg = true; | ||
139 | @@ -283,6 +338,9 @@ | ||
140 | } | ||
141 | Mflg = true; | ||
142 | break; | ||
143 | + case 'Q': | ||
144 | + /* no-op since we handled this in process_root_flag() earlier */ | ||
145 | + break; | ||
146 | case 'r': /* remove group password */ | ||
147 | rflg = true; | ||
148 | break; | ||
149 | @@ -995,6 +1053,8 @@ | ||
150 | setbuf (stdout, NULL); | ||
151 | setbuf (stderr, NULL); | ||
152 | |||
153 | + process_root_flag (argc, argv); | ||
154 | + | ||
155 | #ifdef SHADOWGRP | ||
156 | is_shadowgrp = sgr_file_present (); | ||
157 | #endif | ||
158 | diff -urN shadow-4.1.4.3.orig//src/groupadd.c shadow-4.1.4.3//src/groupadd.c | ||
159 | --- shadow-4.1.4.3.orig//src/groupadd.c 2011-09-29 12:00:45.212000091 +0100 | ||
160 | +++ shadow-4.1.4.3//src/groupadd.c 2011-09-29 11:59:28.386000092 +0100 | ||
161 | @@ -76,6 +76,7 @@ | ||
162 | static gid_t group_id; | ||
163 | static /*@null@*/char *group_passwd; | ||
164 | static /*@null@*/char *empty_list = NULL; | ||
165 | +static const char *newroot = ""; | ||
166 | |||
167 | static bool oflg = false; /* permit non-unique group ID to be specified with -g */ | ||
168 | static bool gflg = false; /* ID value for the new group */ | ||
169 | @@ -120,6 +121,7 @@ | ||
170 | (void) fputs (_(" -o, --non-unique allow to create groups with duplicate\n" | ||
171 | " (non-unique) GID\n"), stderr); | ||
172 | (void) fputs (_(" -p, --password PASSWORD use this encrypted password for the new group\n"), stderr); | ||
173 | + (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), stderr); | ||
174 | (void) fputs (_(" -r, --system create a system account\n"), stderr); | ||
175 | (void) fputs ("\n", stderr); | ||
176 | exit (E_USAGE); | ||
177 | @@ -383,12 +385,13 @@ | ||
178 | {"key", required_argument, NULL, 'K'}, | ||
179 | {"non-unique", no_argument, NULL, 'o'}, | ||
180 | {"password", required_argument, NULL, 'p'}, | ||
181 | + {"root", required_argument, NULL, 'R'}, | ||
182 | {"system", no_argument, NULL, 'r'}, | ||
183 | {NULL, 0, NULL, '\0'} | ||
184 | }; | ||
185 | |||
186 | while ((c = | ||
187 | - getopt_long (argc, argv, "fg:hK:op:r", long_options, | ||
188 | + getopt_long (argc, argv, "fg:hK:op:R:r", long_options, | ||
189 | &option_index)) != -1) { | ||
190 | switch (c) { | ||
191 | case 'f': | ||
192 | @@ -440,6 +443,28 @@ | ||
193 | pflg = true; | ||
194 | group_passwd = optarg; | ||
195 | break; | ||
196 | + case 'R': | ||
197 | + if ('/' != optarg[0]) { | ||
198 | + fprintf (stderr, | ||
199 | + _("%s: invalid chroot path '%s'\n"), | ||
200 | + Prog, optarg); | ||
201 | + exit (E_BAD_ARG); | ||
202 | + } | ||
203 | + newroot = optarg; | ||
204 | + | ||
205 | + if (access (newroot, F_OK) != 0) { | ||
206 | + fprintf(stderr, | ||
207 | + _("%s: chroot directory %s does not exist\n"), | ||
208 | + Prog, newroot); | ||
209 | + exit (E_BAD_ARG); | ||
210 | + } | ||
211 | + if ( chroot(newroot) != 0 ) { | ||
212 | + fprintf(stderr, | ||
213 | + _("%s: unable to chroot to directory %s\n"), | ||
214 | + Prog, newroot); | ||
215 | + exit (E_BAD_ARG); | ||
216 | + } | ||
217 | + break; | ||
218 | case 'r': | ||
219 | rflg = true; | ||
220 | break; | ||
221 | diff -urN shadow-4.1.4.3.orig//src/groupdel.c shadow-4.1.4.3//src/groupdel.c | ||
222 | --- shadow-4.1.4.3.orig//src/groupdel.c 2011-09-29 12:00:45.212000091 +0100 | ||
223 | +++ shadow-4.1.4.3//src/groupdel.c 2011-09-29 11:59:28.386000092 +0100 | ||
224 | @@ -36,6 +36,7 @@ | ||
225 | |||
226 | #include <ctype.h> | ||
227 | #include <fcntl.h> | ||
228 | +#include <getopt.h> | ||
229 | #include <grp.h> | ||
230 | #include <pwd.h> | ||
231 | #ifdef ACCT_TOOLS_SETUID | ||
232 | @@ -59,6 +60,7 @@ | ||
233 | |||
234 | static char *group_name; | ||
235 | static gid_t group_id = -1; | ||
236 | +static const char *newroot = ""; | ||
237 | |||
238 | #ifdef SHADOWGRP | ||
239 | static bool is_shadow_grp; | ||
240 | @@ -70,12 +72,14 @@ | ||
241 | /*@-exitarg@*/ | ||
242 | #define E_SUCCESS 0 /* success */ | ||
243 | #define E_USAGE 2 /* invalid command syntax */ | ||
244 | +#define E_BAD_ARG 3 /* invalid argument to option */ | ||
245 | #define E_NOTFOUND 6 /* specified group doesn't exist */ | ||
246 | #define E_GROUP_BUSY 8 /* can't remove user's primary group */ | ||
247 | #define E_GRP_UPDATE 10 /* can't update group file */ | ||
248 | |||
249 | /* local function prototypes */ | ||
250 | static void usage (void); | ||
251 | +static void process_flags (int argc, char **argv); | ||
252 | static void grp_update (void); | ||
253 | static void close_files (void); | ||
254 | static void open_files (void); | ||
255 | @@ -86,11 +90,78 @@ | ||
256 | */ | ||
257 | static void usage (void) | ||
258 | { | ||
259 | - fputs (_("Usage: groupdel group\n"), stderr); | ||
260 | + (void) fprintf (stderr, | ||
261 | + _("Usage: groupdel [options]\n" | ||
262 | + "\n" | ||
263 | + "Options:\n"), | ||
264 | + Prog); | ||
265 | + (void) fputs (_(" -g, --group GROUP group name to delete\n"), stderr); | ||
266 | + (void) fputs (_(" -h, --help display this help message and exit\n"), stderr); | ||
267 | + (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), stderr); | ||
268 | + (void) fputs ("\n", stderr); | ||
269 | exit (E_USAGE); | ||
270 | } | ||
271 | |||
272 | /* | ||
273 | + * process_flags - perform command line argument setting | ||
274 | + * | ||
275 | + * process_flags() interprets the command line arguments and sets | ||
276 | + * the values that the user will be created with accordingly. The | ||
277 | + * values are checked for sanity. | ||
278 | + */ | ||
279 | +static void process_flags (int argc, char **argv) | ||
280 | +{ | ||
281 | + { | ||
282 | + /* | ||
283 | + * Parse the command line options. | ||
284 | + */ | ||
285 | + int c; | ||
286 | + static struct option long_options[] = { | ||
287 | + {"group", required_argument, NULL, 'g'}, | ||
288 | + {"help", no_argument, NULL, 'h'}, | ||
289 | + {"root", required_argument, NULL, 'R'}, | ||
290 | + {NULL, 0, NULL, '\0'} | ||
291 | + }; | ||
292 | + while ((c = getopt_long (argc, argv, | ||
293 | + "g:R:", | ||
294 | + long_options, NULL)) != -1) { | ||
295 | + switch (c) { | ||
296 | + case 'g': | ||
297 | + group_name = optarg; | ||
298 | + break; | ||
299 | + case 'h': | ||
300 | + usage (); | ||
301 | + break; | ||
302 | + case 'R': | ||
303 | + if ('/' != optarg[0]) { | ||
304 | + fprintf (stderr, | ||
305 | + _("%s: invalid chroot path '%s'\n"), | ||
306 | + Prog, optarg); | ||
307 | + exit (E_BAD_ARG); | ||
308 | + } | ||
309 | + newroot = optarg; | ||
310 | + | ||
311 | + if (access (newroot, F_OK) != 0) { | ||
312 | + fprintf(stderr, | ||
313 | + _("%s: chroot directory %s does not exist\n"), | ||
314 | + Prog, newroot); | ||
315 | + exit (E_BAD_ARG); | ||
316 | + } | ||
317 | + if ( chroot(newroot) != 0 ) { | ||
318 | + fprintf(stderr, | ||
319 | + _("%s: unable to chroot to directory %s\n"), | ||
320 | + Prog, newroot); | ||
321 | + exit (E_BAD_ARG); | ||
322 | + } | ||
323 | + break; | ||
324 | + default: | ||
325 | + usage (); | ||
326 | + } | ||
327 | + } | ||
328 | + } | ||
329 | +} | ||
330 | + | ||
331 | +/* | ||
332 | * grp_update - update group file entries | ||
333 | * | ||
334 | * grp_update() writes the new records to the group files. | ||
335 | @@ -328,14 +399,14 @@ | ||
336 | (void) bindtextdomain (PACKAGE, LOCALEDIR); | ||
337 | (void) textdomain (PACKAGE); | ||
338 | |||
339 | - if (argc != 2) { | ||
340 | + if (argc == 1) { | ||
341 | usage (); | ||
342 | } | ||
343 | |||
344 | - group_name = argv[1]; | ||
345 | - | ||
346 | OPENLOG ("groupdel"); | ||
347 | |||
348 | + process_flags (argc, argv); | ||
349 | + | ||
350 | #ifdef ACCT_TOOLS_SETUID | ||
351 | #ifdef USE_PAM | ||
352 | { | ||
353 | diff -urN shadow-4.1.4.3.orig//src/groupmod.c shadow-4.1.4.3//src/groupmod.c | ||
354 | --- shadow-4.1.4.3.orig//src/groupmod.c 2011-09-29 12:00:45.212000091 +0100 | ||
355 | +++ shadow-4.1.4.3//src/groupmod.c 2011-09-29 11:59:28.387000092 +0100 | ||
356 | @@ -79,6 +79,7 @@ | ||
357 | static char *group_passwd; | ||
358 | static gid_t group_id; | ||
359 | static gid_t group_newid; | ||
360 | +static char *newroot = ""; | ||
361 | |||
362 | struct cleanup_info_mod info_passwd; | ||
363 | struct cleanup_info_mod info_group; | ||
364 | @@ -126,6 +127,7 @@ | ||
365 | (void) fputs (_(" -o, --non-unique allow to use a duplicate (non-unique) GID\n"), stderr); | ||
366 | (void) fputs (_(" -p, --password PASSWORD change the password to this (encrypted)\n" | ||
367 | " PASSWORD\n"), stderr); | ||
368 | + (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), stderr); | ||
369 | (void) fputs ("\n", stderr); | ||
370 | exit (E_USAGE); | ||
371 | } | ||
372 | @@ -346,10 +348,11 @@ | ||
373 | {"new-name", required_argument, NULL, 'n'}, | ||
374 | {"non-unique", no_argument, NULL, 'o'}, | ||
375 | {"password", required_argument, NULL, 'p'}, | ||
376 | + {"root", required_argument, NULL, 'R'}, | ||
377 | {NULL, 0, NULL, '\0'} | ||
378 | }; | ||
379 | while ((c = | ||
380 | - getopt_long (argc, argv, "g:hn:op:", | ||
381 | + getopt_long (argc, argv, "g:hn:op:R:", | ||
382 | long_options, &option_index)) != -1) { | ||
383 | switch (c) { | ||
384 | case 'g': | ||
385 | @@ -373,6 +376,28 @@ | ||
386 | group_passwd = optarg; | ||
387 | pflg = true; | ||
388 | break; | ||
389 | + case 'R': | ||
390 | + if ('/' != optarg[0]) { | ||
391 | + fprintf (stderr, | ||
392 | + _("%s: invalid chroot path '%s'\n"), | ||
393 | + Prog, optarg); | ||
394 | + exit (E_BAD_ARG); | ||
395 | + } | ||
396 | + newroot = optarg; | ||
397 | + | ||
398 | + if (access (newroot, F_OK) != 0) { | ||
399 | + fprintf(stderr, | ||
400 | + _("%s: chroot directory %s does not exist\n"), | ||
401 | + Prog, newroot); | ||
402 | + exit (E_BAD_ARG); | ||
403 | + } | ||
404 | + if ( chroot(newroot) != 0 ) { | ||
405 | + fprintf(stderr, | ||
406 | + _("%s: unable to chroot to directory %s\n"), | ||
407 | + Prog, newroot); | ||
408 | + exit (E_BAD_ARG); | ||
409 | + } | ||
410 | + break; | ||
411 | default: | ||
412 | usage (); | ||
413 | } | ||
414 | diff -urN shadow-4.1.4.3.orig//src/grpconv.c shadow-4.1.4.3//src/grpconv.c | ||
415 | --- shadow-4.1.4.3.orig//src/grpconv.c 2011-09-29 12:00:45.213000091 +0100 | ||
416 | +++ shadow-4.1.4.3//src/grpconv.c 2011-09-29 11:59:28.387000092 +0100 | ||
417 | @@ -39,6 +39,7 @@ | ||
418 | |||
419 | #include <errno.h> | ||
420 | #include <fcntl.h> | ||
421 | +#include <getopt.h> | ||
422 | #include <grp.h> | ||
423 | #include <stdio.h> | ||
424 | #include <stdlib.h> | ||
425 | @@ -50,6 +51,14 @@ | ||
426 | #ifdef SHADOWGRP | ||
427 | #include "groupio.h" | ||
428 | #include "sgroupio.h" | ||
429 | + | ||
430 | +/* | ||
431 | + * exit status values | ||
432 | + */ | ||
433 | +/*@-exitarg@*/ | ||
434 | +#define E_USAGE 2 /* invalid command syntax */ | ||
435 | +#define E_BAD_ARG 3 /* invalid argument to option */ | ||
436 | + | ||
437 | /* | ||
438 | * Global variables | ||
439 | */ | ||
440 | @@ -57,9 +66,12 @@ | ||
441 | |||
442 | static bool gr_locked = false; | ||
443 | static bool sgr_locked = false; | ||
444 | +static const char *newroot = ""; | ||
445 | |||
446 | /* local function prototypes */ | ||
447 | static void fail_exit (int status); | ||
448 | +static void usage (void); | ||
449 | +static void process_flags (int argc, char **argv); | ||
450 | |||
451 | static void fail_exit (int status) | ||
452 | { | ||
453 | @@ -82,6 +94,77 @@ | ||
454 | exit (status); | ||
455 | } | ||
456 | |||
457 | +/* | ||
458 | + * usage - display usage message and exit | ||
459 | + */ | ||
460 | +static void usage (void) | ||
461 | +{ | ||
462 | + (void) fprintf (stderr, | ||
463 | + _("Usage: grpconv [options]\n" | ||
464 | + "\n" | ||
465 | + "Options:\n"), | ||
466 | + Prog); | ||
467 | + (void) fputs (_(" -h, --help display this help message and exit\n"), stderr); | ||
468 | + (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), stderr); | ||
469 | + (void) fputs ("\n", stderr); | ||
470 | + exit (E_USAGE); | ||
471 | +} | ||
472 | + | ||
473 | +/* | ||
474 | + * process_flags - perform command line argument setting | ||
475 | + * | ||
476 | + * process_flags() interprets the command line arguments and sets | ||
477 | + * the values that the user will be created with accordingly. The | ||
478 | + * values are checked for sanity. | ||
479 | + */ | ||
480 | +static void process_flags (int argc, char **argv) | ||
481 | +{ | ||
482 | + { | ||
483 | + /* | ||
484 | + * Parse the command line options. | ||
485 | + */ | ||
486 | + int c; | ||
487 | + static struct option long_options[] = { | ||
488 | + {"help", no_argument, NULL, 'h'}, | ||
489 | + {"root", required_argument, NULL, 'R'}, | ||
490 | + {NULL, 0, NULL, '\0'} | ||
491 | + }; | ||
492 | + while ((c = getopt_long (argc, argv, | ||
493 | + "R:", | ||
494 | + long_options, NULL)) != -1) { | ||
495 | + switch (c) { | ||
496 | + case 'h': | ||
497 | + usage (); | ||
498 | + break; | ||
499 | + case 'R': | ||
500 | + if ('/' != optarg[0]) { | ||
501 | + fprintf (stderr, | ||
502 | + _("%s: invalid chroot path '%s'\n"), | ||
503 | + Prog, optarg); | ||
504 | + exit (E_BAD_ARG); | ||
505 | + } | ||
506 | + newroot = optarg; | ||
507 | + | ||
508 | + if (access (newroot, F_OK) != 0) { | ||
509 | + fprintf(stderr, | ||
510 | + _("%s: chroot directory %s does not exist\n"), | ||
511 | + Prog, newroot); | ||
512 | + exit (E_BAD_ARG); | ||
513 | + } | ||
514 | + if ( chroot(newroot) != 0 ) { | ||
515 | + fprintf(stderr, | ||
516 | + _("%s: unable to chroot to directory %s\n"), | ||
517 | + Prog, newroot); | ||
518 | + exit (E_BAD_ARG); | ||
519 | + } | ||
520 | + break; | ||
521 | + default: | ||
522 | + usage (); | ||
523 | + } | ||
524 | + } | ||
525 | + } | ||
526 | +} | ||
527 | + | ||
528 | int main (int argc, char **argv) | ||
529 | { | ||
530 | const struct group *gr; | ||
531 | @@ -89,9 +172,6 @@ | ||
532 | const struct sgrp *sg; | ||
533 | struct sgrp sgent; | ||
534 | |||
535 | - if (1 != argc) { | ||
536 | - (void) fputs (_("Usage: grpconv\n"), stderr); | ||
537 | - } | ||
538 | Prog = Basename (argv[0]); | ||
539 | |||
540 | (void) setlocale (LC_ALL, ""); | ||
541 | @@ -100,6 +180,8 @@ | ||
542 | |||
543 | OPENLOG ("grpconv"); | ||
544 | |||
545 | + process_flags (argc, argv); | ||
546 | + | ||
547 | if (gr_lock () == 0) { | ||
548 | fprintf (stderr, | ||
549 | _("%s: cannot lock %s; try again later.\n"), | ||
550 | diff -urN shadow-4.1.4.3.orig//src/grpunconv.c shadow-4.1.4.3//src/grpunconv.c | ||
551 | --- shadow-4.1.4.3.orig//src/grpunconv.c 2011-09-29 12:00:45.213000091 +0100 | ||
552 | +++ shadow-4.1.4.3//src/grpunconv.c 2011-09-29 11:59:28.387000092 +0100 | ||
553 | @@ -43,6 +43,7 @@ | ||
554 | #include <stdlib.h> | ||
555 | #include <string.h> | ||
556 | #include <fcntl.h> | ||
557 | +#include <getopt.h> | ||
558 | #include <time.h> | ||
559 | #include <unistd.h> | ||
560 | #include <grp.h> | ||
561 | @@ -51,6 +52,14 @@ | ||
562 | #ifdef SHADOWGRP | ||
563 | #include "groupio.h" | ||
564 | #include "sgroupio.h" | ||
565 | + | ||
566 | +/* | ||
567 | + * exit status values | ||
568 | + */ | ||
569 | +/*@-exitarg@*/ | ||
570 | +#define E_USAGE 2 /* invalid command syntax */ | ||
571 | +#define E_BAD_ARG 3 /* invalid argument to option */ | ||
572 | + | ||
573 | /* | ||
574 | * Global variables | ||
575 | */ | ||
576 | @@ -58,9 +67,12 @@ | ||
577 | |||
578 | static bool gr_locked = false; | ||
579 | static bool sgr_locked = false; | ||
580 | +static const char *newroot = ""; | ||
581 | |||
582 | /* local function prototypes */ | ||
583 | static void fail_exit (int status); | ||
584 | +static void usage (void); | ||
585 | +static void process_flags (int argc, char **argv); | ||
586 | |||
587 | static void fail_exit (int status) | ||
588 | { | ||
589 | @@ -83,6 +95,77 @@ | ||
590 | exit (status); | ||
591 | } | ||
592 | |||
593 | +/* | ||
594 | + * usage - display usage message and exit | ||
595 | + */ | ||
596 | +static void usage (void) | ||
597 | +{ | ||
598 | + (void) fprintf (stderr, | ||
599 | + _("Usage: grpunconv [options]\n" | ||
600 | + "\n" | ||
601 | + "Options:\n"), | ||
602 | + Prog); | ||
603 | + (void) fputs (_(" -h, --help display this help message and exit\n"), stderr); | ||
604 | + (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), stderr); | ||
605 | + (void) fputs ("\n", stderr); | ||
606 | + exit (E_USAGE); | ||
607 | +} | ||
608 | + | ||
609 | +/* | ||
610 | + * process_flags - perform command line argument setting | ||
611 | + * | ||
612 | + * process_flags() interprets the command line arguments and sets | ||
613 | + * the values that the user will be created with accordingly. The | ||
614 | + * values are checked for sanity. | ||
615 | + */ | ||
616 | +static void process_flags (int argc, char **argv) | ||
617 | +{ | ||
618 | + { | ||
619 | + /* | ||
620 | + * Parse the command line options. | ||
621 | + */ | ||
622 | + int c; | ||
623 | + static struct option long_options[] = { | ||
624 | + {"help", no_argument, NULL, 'h'}, | ||
625 | + {"root", required_argument, NULL, 'R'}, | ||
626 | + {NULL, 0, NULL, '\0'} | ||
627 | + }; | ||
628 | + while ((c = getopt_long (argc, argv, | ||
629 | + "R:", | ||
630 | + long_options, NULL)) != -1) { | ||
631 | + switch (c) { | ||
632 | + case 'h': | ||
633 | + usage (); | ||
634 | + break; | ||
635 | + case 'R': | ||
636 | + if ('/' != optarg[0]) { | ||
637 | + fprintf (stderr, | ||
638 | + _("%s: invalid chroot path '%s'\n"), | ||
639 | + Prog, optarg); | ||
640 | + exit (E_BAD_ARG); | ||
641 | + } | ||
642 | + newroot = optarg; | ||
643 | + | ||
644 | + if (access (newroot, F_OK) != 0) { | ||
645 | + fprintf(stderr, | ||
646 | + _("%s: chroot directory %s does not exist\n"), | ||
647 | + Prog, newroot); | ||
648 | + exit (E_BAD_ARG); | ||
649 | + } | ||
650 | + if ( chroot(newroot) != 0 ) { | ||
651 | + fprintf(stderr, | ||
652 | + _("%s: unable to chroot to directory %s\n"), | ||
653 | + Prog, newroot); | ||
654 | + exit (E_BAD_ARG); | ||
655 | + } | ||
656 | + break; | ||
657 | + default: | ||
658 | + usage (); | ||
659 | + } | ||
660 | + } | ||
661 | + } | ||
662 | +} | ||
663 | + | ||
664 | int main (int argc, char **argv) | ||
665 | { | ||
666 | const struct group *gr; | ||
667 | @@ -100,6 +183,8 @@ | ||
668 | |||
669 | OPENLOG ("grpunconv"); | ||
670 | |||
671 | + process_flags (argc, argv); | ||
672 | + | ||
673 | if (sgr_file_present () == 0) { | ||
674 | exit (0); /* no /etc/gshadow, nothing to do */ | ||
675 | } | ||
676 | diff -urN shadow-4.1.4.3.orig//src/passwd.c shadow-4.1.4.3//src/passwd.c | ||
677 | --- shadow-4.1.4.3.orig//src/passwd.c 2011-09-29 12:00:45.214000091 +0100 | ||
678 | +++ shadow-4.1.4.3//src/passwd.c 2011-09-29 11:59:28.388000092 +0100 | ||
679 | @@ -75,6 +75,7 @@ | ||
680 | static char *name; /* The name of user whose password is being changed */ | ||
681 | static char *myname; /* The current user's name */ | ||
682 | static bool amroot; /* The caller's real UID was 0 */ | ||
683 | +static const char *newroot = ""; | ||
684 | |||
685 | static bool | ||
686 | aflg = false, /* -a - show status for all users */ | ||
687 | @@ -174,6 +175,7 @@ | ||
688 | " -n, --mindays MIN_DAYS set minimum number of days before password\n" | ||
689 | " change to MIN_DAYS\n" | ||
690 | " -q, --quiet quiet mode\n" | ||
691 | + " -R, --root CHROOT_DIR directory to chroot into\n" | ||
692 | " -r, --repository REPOSITORY change password in REPOSITORY repository\n" | ||
693 | " -S, --status report password status on the named account\n" | ||
694 | " -u, --unlock unlock the password of the named account\n" | ||
695 | @@ -803,6 +805,7 @@ | ||
696 | {"lock", no_argument, NULL, 'l'}, | ||
697 | {"mindays", required_argument, NULL, 'n'}, | ||
698 | {"quiet", no_argument, NULL, 'q'}, | ||
699 | + {"root", required_argument, NULL, 'R'}, | ||
700 | {"repository", required_argument, NULL, 'r'}, | ||
701 | {"status", no_argument, NULL, 'S'}, | ||
702 | {"unlock", no_argument, NULL, 'u'}, | ||
703 | @@ -811,7 +814,7 @@ | ||
704 | {NULL, 0, NULL, '\0'} | ||
705 | }; | ||
706 | |||
707 | - while ((c = getopt_long (argc, argv, "adei:kln:qr:Suw:x:", | ||
708 | + while ((c = getopt_long (argc, argv, "adei:kln:qR:r:Suw:x:", | ||
709 | long_options, &option_index)) != -1) { | ||
710 | switch (c) { | ||
711 | case 'a': | ||
712 | @@ -858,6 +861,28 @@ | ||
713 | case 'q': | ||
714 | qflg = true; /* ok for users */ | ||
715 | break; | ||
716 | + case 'R': | ||
717 | + if ('/' != optarg[0]) { | ||
718 | + fprintf (stderr, | ||
719 | + _("%s: invalid chroot path '%s'\n"), | ||
720 | + Prog, optarg); | ||
721 | + exit (E_BAD_ARG); | ||
722 | + } | ||
723 | + newroot = optarg; | ||
724 | + | ||
725 | + if (access (newroot, F_OK) != 0) { | ||
726 | + fprintf(stderr, | ||
727 | + _("%s: chroot directory %s does not exist\n"), | ||
728 | + Prog, newroot); | ||
729 | + exit (E_BAD_ARG); | ||
730 | + } | ||
731 | + if ( chroot(newroot) != 0 ) { | ||
732 | + fprintf(stderr, | ||
733 | + _("%s: unable to chroot to directory %s\n"), | ||
734 | + Prog, newroot); | ||
735 | + exit (E_BAD_ARG); | ||
736 | + } | ||
737 | + break; | ||
738 | case 'r': | ||
739 | /* -r repository (files|nis|nisplus) */ | ||
740 | /* only "files" supported for now */ | ||
741 | diff -urN shadow-4.1.4.3.orig//src/pwconv.c shadow-4.1.4.3//src/pwconv.c | ||
742 | --- shadow-4.1.4.3.orig//src/pwconv.c 2011-09-29 12:00:45.214000091 +0100 | ||
743 | +++ shadow-4.1.4.3//src/pwconv.c 2011-09-29 11:59:28.388000092 +0100 | ||
744 | @@ -59,6 +59,7 @@ | ||
745 | |||
746 | #include <errno.h> | ||
747 | #include <fcntl.h> | ||
748 | +#include <getopt.h> | ||
749 | #include <pwd.h> | ||
750 | #include <stdio.h> | ||
751 | #include <stdlib.h> | ||
752 | @@ -79,6 +80,7 @@ | ||
753 | #define E_SUCCESS 0 /* success */ | ||
754 | #define E_NOPERM 1 /* permission denied */ | ||
755 | #define E_USAGE 2 /* invalid command syntax */ | ||
756 | +#define E_BAD_ARG 3 /* invalid argument to option */ | ||
757 | #define E_FAILURE 3 /* unexpected failure, nothing done */ | ||
758 | #define E_MISSING 4 /* unexpected failure, passwd file missing */ | ||
759 | #define E_PWDBUSY 5 /* passwd file(s) busy */ | ||
760 | @@ -90,9 +92,12 @@ | ||
761 | |||
762 | static bool spw_locked = false; | ||
763 | static bool pw_locked = false; | ||
764 | +static const char *newroot = ""; | ||
765 | |||
766 | /* local function prototypes */ | ||
767 | static void fail_exit (int status); | ||
768 | +static void usage (void); | ||
769 | +static void process_flags (int argc, char **argv); | ||
770 | |||
771 | static void fail_exit (int status) | ||
772 | { | ||
773 | @@ -115,6 +120,77 @@ | ||
774 | exit (status); | ||
775 | } | ||
776 | |||
777 | +/* | ||
778 | + * usage - display usage message and exit | ||
779 | + */ | ||
780 | +static void usage (void) | ||
781 | +{ | ||
782 | + (void) fprintf (stderr, | ||
783 | + _("Usage: pwconv [options]\n" | ||
784 | + "\n" | ||
785 | + "Options:\n"), | ||
786 | + Prog); | ||
787 | + (void) fputs (_(" -h, --help display this help message and exit\n"), stderr); | ||
788 | + (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), stderr); | ||
789 | + (void) fputs ("\n", stderr); | ||
790 | + exit (E_USAGE); | ||
791 | +} | ||
792 | + | ||
793 | +/* | ||
794 | + * process_flags - perform command line argument setting | ||
795 | + * | ||
796 | + * process_flags() interprets the command line arguments and sets | ||
797 | + * the values that the user will be created with accordingly. The | ||
798 | + * values are checked for sanity. | ||
799 | + */ | ||
800 | +static void process_flags (int argc, char **argv) | ||
801 | +{ | ||
802 | + { | ||
803 | + /* | ||
804 | + * Parse the command line options. | ||
805 | + */ | ||
806 | + int c; | ||
807 | + static struct option long_options[] = { | ||
808 | + {"help", no_argument, NULL, 'h'}, | ||
809 | + {"root", required_argument, NULL, 'R'}, | ||
810 | + {NULL, 0, NULL, '\0'} | ||
811 | + }; | ||
812 | + while ((c = getopt_long (argc, argv, | ||
813 | + "R:", | ||
814 | + long_options, NULL)) != -1) { | ||
815 | + switch (c) { | ||
816 | + case 'h': | ||
817 | + usage (); | ||
818 | + break; | ||
819 | + case 'R': | ||
820 | + if ('/' != optarg[0]) { | ||
821 | + fprintf (stderr, | ||
822 | + _("%s: invalid chroot path '%s'\n"), | ||
823 | + Prog, optarg); | ||
824 | + exit (E_BAD_ARG); | ||
825 | + } | ||
826 | + newroot = optarg; | ||
827 | + | ||
828 | + if (access (newroot, F_OK) != 0) { | ||
829 | + fprintf(stderr, | ||
830 | + _("%s: chroot directory %s does not exist\n"), | ||
831 | + Prog, newroot); | ||
832 | + exit (E_BAD_ARG); | ||
833 | + } | ||
834 | + if ( chroot(newroot) != 0 ) { | ||
835 | + fprintf(stderr, | ||
836 | + _("%s: unable to chroot to directory %s\n"), | ||
837 | + Prog, newroot); | ||
838 | + exit (E_BAD_ARG); | ||
839 | + } | ||
840 | + break; | ||
841 | + default: | ||
842 | + usage (); | ||
843 | + } | ||
844 | + } | ||
845 | + } | ||
846 | +} | ||
847 | + | ||
848 | int main (int argc, char **argv) | ||
849 | { | ||
850 | const struct passwd *pw; | ||
851 | @@ -122,9 +198,6 @@ | ||
852 | const struct spwd *sp; | ||
853 | struct spwd spent; | ||
854 | |||
855 | - if (1 != argc) { | ||
856 | - (void) fputs (_("Usage: pwconv\n"), stderr); | ||
857 | - } | ||
858 | Prog = Basename (argv[0]); | ||
859 | |||
860 | (void) setlocale (LC_ALL, ""); | ||
861 | @@ -133,6 +206,8 @@ | ||
862 | |||
863 | OPENLOG ("pwconv"); | ||
864 | |||
865 | + process_flags (argc, argv); | ||
866 | + | ||
867 | if (pw_lock () == 0) { | ||
868 | fprintf (stderr, | ||
869 | _("%s: cannot lock %s; try again later.\n"), | ||
870 | diff -urN shadow-4.1.4.3.orig//src/pwunconv.c shadow-4.1.4.3//src/pwunconv.c | ||
871 | --- shadow-4.1.4.3.orig//src/pwunconv.c 2011-09-29 12:00:45.214000091 +0100 | ||
872 | +++ shadow-4.1.4.3//src/pwunconv.c 2011-09-29 11:59:28.388000092 +0100 | ||
873 | @@ -35,6 +35,7 @@ | ||
874 | #ident "$Id: pwunconv.c 2852 2009-04-30 21:44:35Z nekral-guest $" | ||
875 | |||
876 | #include <fcntl.h> | ||
877 | +#include <getopt.h> | ||
878 | #include <pwd.h> | ||
879 | #include <stdio.h> | ||
880 | #include <sys/types.h> | ||
881 | @@ -46,15 +47,24 @@ | ||
882 | #include "shadowio.h" | ||
883 | |||
884 | /* | ||
885 | + * exit status values | ||
886 | + */ | ||
887 | +/*@-exitarg@*/ | ||
888 | +#define E_USAGE 2 /* invalid command syntax */ | ||
889 | +#define E_BAD_ARG 3 /* invalid argument to option */ | ||
890 | +/* | ||
891 | * Global variables | ||
892 | */ | ||
893 | char *Prog; | ||
894 | |||
895 | static bool spw_locked = false; | ||
896 | static bool pw_locked = false; | ||
897 | +static const char *newroot = ""; | ||
898 | |||
899 | /* local function prototypes */ | ||
900 | static void fail_exit (int status); | ||
901 | +static void usage (void); | ||
902 | +static void process_flags (int argc, char **argv); | ||
903 | |||
904 | static void fail_exit (int status) | ||
905 | { | ||
906 | @@ -75,6 +85,76 @@ | ||
907 | exit (status); | ||
908 | } | ||
909 | |||
910 | +/* | ||
911 | + * usage - display usage message and exit | ||
912 | + */ | ||
913 | +static void usage (void) | ||
914 | +{ | ||
915 | + (void) fprintf (stderr, | ||
916 | + _("Usage: pwunconv [options]\n" | ||
917 | + "\n" | ||
918 | + "Options:\n"), | ||
919 | + Prog); | ||
920 | + (void) fputs (_(" -h, --help display this help message and exit\n"), stderr); | ||
921 | + (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), stderr); | ||
922 | + (void) fputs ("\n", stderr); | ||
923 | + exit (E_USAGE); | ||
924 | +} | ||
925 | + | ||
926 | +/* | ||
927 | + * process_flags - perform command line argument setting | ||
928 | + * | ||
929 | + * process_flags() interprets the command line arguments and sets | ||
930 | + * the values that the user will be created with accordingly. The | ||
931 | + * values are checked for sanity. | ||
932 | + */ | ||
933 | +static void process_flags (int argc, char **argv) | ||
934 | +{ | ||
935 | + { | ||
936 | + /* | ||
937 | + * Parse the command line options. | ||
938 | + */ | ||
939 | + int c; | ||
940 | + static struct option long_options[] = { | ||
941 | + {"help", no_argument, NULL, 'h'}, | ||
942 | + {"root", required_argument, NULL, 'R'}, | ||
943 | + {NULL, 0, NULL, '\0'} | ||
944 | + }; | ||
945 | + while ((c = getopt_long (argc, argv, | ||
946 | + "R:", | ||
947 | + long_options, NULL)) != -1) { | ||
948 | + switch (c) { | ||
949 | + case 'h': | ||
950 | + usage (); | ||
951 | + break; | ||
952 | + case 'R': | ||
953 | + if ('/' != optarg[0]) { | ||
954 | + fprintf (stderr, | ||
955 | + _("%s: invalid chroot path '%s'\n"), | ||
956 | + Prog, optarg); | ||
957 | + exit (E_BAD_ARG); | ||
958 | + } | ||
959 | + newroot = optarg; | ||
960 | + | ||
961 | + if (access (newroot, F_OK) != 0) { | ||
962 | + fprintf(stderr, | ||
963 | + _("%s: chroot directory %s does not exist\n"), | ||
964 | + Prog, newroot); | ||
965 | + exit (E_BAD_ARG); | ||
966 | + } | ||
967 | + if ( chroot(newroot) != 0 ) { | ||
968 | + fprintf(stderr, | ||
969 | + _("%s: unable to chroot to directory %s\n"), | ||
970 | + Prog, newroot); | ||
971 | + exit (E_BAD_ARG); | ||
972 | + } | ||
973 | + break; | ||
974 | + default: | ||
975 | + usage (); | ||
976 | + } | ||
977 | + } | ||
978 | + } | ||
979 | +} | ||
980 | |||
981 | int main (int argc, char **argv) | ||
982 | { | ||
983 | @@ -93,6 +173,8 @@ | ||
984 | |||
985 | OPENLOG ("pwunconv"); | ||
986 | |||
987 | + process_flags (argc, argv); | ||
988 | + | ||
989 | if (!spw_file_present ()) { | ||
990 | /* shadow not installed, do nothing */ | ||
991 | exit (0); | ||
992 | diff -urN shadow-4.1.4.3.orig//src/useradd.c shadow-4.1.4.3//src/useradd.c | ||
993 | --- shadow-4.1.4.3.orig//src/useradd.c 2011-09-29 12:00:45.215000091 +0100 | ||
994 | +++ shadow-4.1.4.3//src/useradd.c 2011-09-29 11:59:28.520000092 +0100 | ||
995 | @@ -112,6 +112,7 @@ | ||
996 | #ifdef WITH_SELINUX | ||
997 | static const char *user_selinux = ""; | ||
998 | #endif | ||
999 | +static const char *newroot = ""; | ||
1000 | |||
1001 | static long user_expire = -1; | ||
1002 | static bool is_shadow_pwd; | ||
1003 | @@ -189,6 +190,7 @@ | ||
1004 | static void new_spent (struct spwd *); | ||
1005 | static void grp_update (void); | ||
1006 | |||
1007 | +static void process_root_flag (int argc, char **argv); | ||
1008 | static void process_flags (int argc, char **argv); | ||
1009 | static void close_files (void); | ||
1010 | static void open_files (void); | ||
1011 | @@ -711,6 +713,7 @@ | ||
1012 | (void) fputs (_(" -o, --non-unique allow to create users with duplicate\n" | ||
1013 | " (non-unique) UID\n"), stderr); | ||
1014 | (void) fputs (_(" -p, --password PASSWORD encrypted password of the new account\n"), stderr); | ||
1015 | + (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), stderr); | ||
1016 | (void) fputs (_(" -r, --system create a system account\n"), stderr); | ||
1017 | (void) fputs (_(" -s, --shell SHELL login shell of the new account\n"), stderr); | ||
1018 | (void) fputs (_(" -u, --uid UID user ID of the new account\n"), stderr); | ||
1019 | @@ -943,6 +946,57 @@ | ||
1020 | } | ||
1021 | |||
1022 | /* | ||
1023 | + * process_root_flag - chroot if given the --root option | ||
1024 | + * | ||
1025 | + * We do this outside of process_flags() because | ||
1026 | + * the is_shadow_pwd boolean needs to be set before | ||
1027 | + * process_flags(), and if we do need to chroot() we | ||
1028 | + * must do so before is_shadow_pwd gets set. | ||
1029 | + */ | ||
1030 | +static void process_root_flag (int argc, char **argv) | ||
1031 | +{ | ||
1032 | + /* | ||
1033 | + * Parse the command line options. | ||
1034 | + */ | ||
1035 | + int i; | ||
1036 | + char *root; | ||
1037 | + | ||
1038 | + for (i = 0; i < argc; i++) { | ||
1039 | + if (!strcmp (argv[i], "--root") || !strcmp (argv[i], "-R")) { | ||
1040 | + if (i + 1 == argc) { | ||
1041 | + fprintf (stderr, | ||
1042 | + _("%s: option '%s' requires an argument\n"), | ||
1043 | + Prog, argv[i]); | ||
1044 | + exit (E_BAD_ARG); | ||
1045 | + } | ||
1046 | + root = argv[i + 1]; | ||
1047 | + | ||
1048 | + if ('/' != root[0]) { | ||
1049 | + fprintf (stderr, | ||
1050 | + _("%s: invalid chroot path '%s'\n"), | ||
1051 | + Prog, root); | ||
1052 | + exit (E_BAD_ARG); | ||
1053 | + } | ||
1054 | + newroot = root; | ||
1055 | + | ||
1056 | + if (access (newroot, F_OK) != 0) { | ||
1057 | + fprintf(stderr, | ||
1058 | + _("%s: chroot directory %s does not exist\n"), | ||
1059 | + Prog, newroot); | ||
1060 | + exit (E_BAD_ARG); | ||
1061 | + } | ||
1062 | + if ( chroot(newroot) != 0 ) { | ||
1063 | + fprintf(stderr, | ||
1064 | + _("%s: unable to chroot to directory %s\n"), | ||
1065 | + Prog, newroot); | ||
1066 | + exit (E_BAD_ARG); | ||
1067 | + } | ||
1068 | + break; | ||
1069 | + } | ||
1070 | + } | ||
1071 | +} | ||
1072 | + | ||
1073 | +/* | ||
1074 | * process_flags - perform command line argument setting | ||
1075 | * | ||
1076 | * process_flags() interprets the command line arguments and sets | ||
1077 | @@ -978,6 +1032,7 @@ | ||
1078 | {"no-user-group", no_argument, NULL, 'N'}, | ||
1079 | {"non-unique", no_argument, NULL, 'o'}, | ||
1080 | {"password", required_argument, NULL, 'p'}, | ||
1081 | + {"root", required_argument, NULL, 'R'}, | ||
1082 | {"system", no_argument, NULL, 'r'}, | ||
1083 | {"shell", required_argument, NULL, 's'}, | ||
1084 | #ifdef WITH_SELINUX | ||
1085 | @@ -989,9 +1044,9 @@ | ||
1086 | }; | ||
1087 | while ((c = getopt_long (argc, argv, | ||
1088 | #ifdef WITH_SELINUX | ||
1089 | - "b:c:d:De:f:g:G:k:K:lmMNop:rs:u:UZ:", | ||
1090 | + "b:c:d:De:f:g:G:k:K:lmMNop:R:rs:u:UZ:", | ||
1091 | #else | ||
1092 | - "b:c:d:De:f:g:G:k:K:lmMNop:rs:u:U", | ||
1093 | + "b:c:d:De:f:g:G:k:K:lmMNop:R:rs:u:U", | ||
1094 | #endif | ||
1095 | long_options, NULL)) != -1) { | ||
1096 | switch (c) { | ||
1097 | @@ -1156,6 +1211,9 @@ | ||
1098 | } | ||
1099 | user_pass = optarg; | ||
1100 | break; | ||
1101 | + case 'R': | ||
1102 | + /* no-op since we handled this in process_root_flag() earlier */ | ||
1103 | + break; | ||
1104 | case 'r': | ||
1105 | rflg = true; | ||
1106 | break; | ||
1107 | @@ -1735,6 +1793,36 @@ | ||
1108 | } | ||
1109 | } | ||
1110 | #endif | ||
1111 | + | ||
1112 | +/* | ||
1113 | + * mkdir_p - create directories, including parent directories when needed | ||
1114 | + * | ||
1115 | + * similar to mkdir -p | ||
1116 | + */ | ||
1117 | +void mkdir_p(const char *path) { | ||
1118 | + int len = strlen(path); | ||
1119 | + char newdir[len + 1]; | ||
1120 | + mode_t mode = 0755; | ||
1121 | + int i = 0; | ||
1122 | + | ||
1123 | + if (path[i] == '\0') { | ||
1124 | + return; | ||
1125 | + } | ||
1126 | + | ||
1127 | + /* skip the leading '/' */ | ||
1128 | + i++; | ||
1129 | + | ||
1130 | + while(path[i] != '\0') { | ||
1131 | + if (path[i] == '/') { | ||
1132 | + strncpy(newdir, path, i); | ||
1133 | + newdir[i] = '\0'; | ||
1134 | + mkdir(newdir, mode); | ||
1135 | + } | ||
1136 | + i++; | ||
1137 | + } | ||
1138 | + mkdir(path, mode); | ||
1139 | +} | ||
1140 | + | ||
1141 | /* | ||
1142 | * create_home - create the user's home directory | ||
1143 | * | ||
1144 | @@ -1748,34 +1836,31 @@ | ||
1145 | #ifdef WITH_SELINUX | ||
1146 | selinux_file_context (user_home); | ||
1147 | #endif | ||
1148 | - /* XXX - create missing parent directories. --marekm */ | ||
1149 | - if (mkdir (user_home, 0) != 0) { | ||
1150 | - fprintf (stderr, | ||
1151 | - _("%s: cannot create directory %s\n"), | ||
1152 | - Prog, user_home); | ||
1153 | -#ifdef WITH_AUDIT | ||
1154 | - audit_logger (AUDIT_ADD_USER, Prog, | ||
1155 | - "adding home directory", | ||
1156 | - user_name, (unsigned int) user_id, | ||
1157 | - SHADOW_AUDIT_FAILURE); | ||
1158 | -#endif | ||
1159 | - fail_exit (E_HOMEDIR); | ||
1160 | - } | ||
1161 | - chown (user_home, user_id, user_gid); | ||
1162 | - chmod (user_home, | ||
1163 | - 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK)); | ||
1164 | - home_added = true; | ||
1165 | + mkdir_p(user_home); | ||
1166 | + } | ||
1167 | + if (access (user_home, F_OK) != 0) { | ||
1168 | #ifdef WITH_AUDIT | ||
1169 | audit_logger (AUDIT_ADD_USER, Prog, | ||
1170 | "adding home directory", | ||
1171 | user_name, (unsigned int) user_id, | ||
1172 | - SHADOW_AUDIT_SUCCESS); | ||
1173 | + SHADOW_AUDIT_FAILURE); | ||
1174 | +#endif | ||
1175 | + fail_exit (E_HOMEDIR); | ||
1176 | + } | ||
1177 | + chown (user_home, user_id, user_gid); | ||
1178 | + chmod (user_home, | ||
1179 | + 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK)); | ||
1180 | + home_added = true; | ||
1181 | +#ifdef WITH_AUDIT | ||
1182 | + audit_logger (AUDIT_ADD_USER, Prog, | ||
1183 | + "adding home directory", | ||
1184 | + user_name, (unsigned int) user_id, | ||
1185 | + SHADOW_AUDIT_SUCCESS); | ||
1186 | #endif | ||
1187 | #ifdef WITH_SELINUX | ||
1188 | - /* Reset SELinux to create files with default contexts */ | ||
1189 | - setfscreatecon (NULL); | ||
1190 | + /* Reset SELinux to create files with default contexts */ | ||
1191 | + setfscreatecon (NULL); | ||
1192 | #endif | ||
1193 | - } | ||
1194 | } | ||
1195 | |||
1196 | /* | ||
1197 | @@ -1861,6 +1946,7 @@ | ||
1198 | */ | ||
1199 | user_groups[0] = (char *) 0; | ||
1200 | |||
1201 | + process_root_flag (argc, argv); | ||
1202 | |||
1203 | is_shadow_pwd = spw_file_present (); | ||
1204 | #ifdef SHADOWGRP | ||
1205 | diff -urN shadow-4.1.4.3.orig//src/userdel.c shadow-4.1.4.3//src/userdel.c | ||
1206 | --- shadow-4.1.4.3.orig//src/userdel.c 2011-09-29 12:00:45.216000091 +0100 | ||
1207 | +++ shadow-4.1.4.3//src/userdel.c 2011-09-29 11:59:28.389000092 +0100 | ||
1208 | @@ -79,6 +79,7 @@ | ||
1209 | static char *user_name; | ||
1210 | static uid_t user_id; | ||
1211 | static char *user_home; | ||
1212 | +static const char *newroot = ""; | ||
1213 | |||
1214 | static bool fflg = false; | ||
1215 | static bool rflg = false; | ||
1216 | @@ -119,6 +120,7 @@ | ||
1217 | " -f, --force force removal of files,\n" | ||
1218 | " even if not owned by user\n" | ||
1219 | " -h, --help display this help message and exit\n" | ||
1220 | + " -R, --root CHROOT_DIR directory to chroot into\n" | ||
1221 | " -r, --remove remove home directory and mail spool\n" | ||
1222 | "\n"), stderr); | ||
1223 | exit (E_USAGE); | ||
1224 | @@ -768,12 +770,34 @@ | ||
1225 | {"remove", no_argument, NULL, 'r'}, | ||
1226 | {NULL, 0, NULL, '\0'} | ||
1227 | }; | ||
1228 | - while ((c = getopt_long (argc, argv, "fhr", | ||
1229 | + while ((c = getopt_long (argc, argv, "fhR:r", | ||
1230 | long_options, NULL)) != -1) { | ||
1231 | switch (c) { | ||
1232 | case 'f': /* force remove even if not owned by user */ | ||
1233 | fflg = true; | ||
1234 | break; | ||
1235 | + case 'R': | ||
1236 | + if ('/' != optarg[0]) { | ||
1237 | + fprintf (stderr, | ||
1238 | + _("%s: invalid chroot path '%s'\n"), | ||
1239 | + Prog, optarg); | ||
1240 | + exit (E_BAD_ARG); | ||
1241 | + } | ||
1242 | + newroot = optarg; | ||
1243 | + | ||
1244 | + if (access (newroot, F_OK) != 0) { | ||
1245 | + fprintf(stderr, | ||
1246 | + _("%s: chroot directory %s does not exist\n"), | ||
1247 | + Prog, newroot); | ||
1248 | + exit (E_BAD_ARG); | ||
1249 | + } | ||
1250 | + if ( chroot(newroot) != 0 ) { | ||
1251 | + fprintf(stderr, | ||
1252 | + _("%s: unable to chroot to directory %s\n"), | ||
1253 | + Prog, newroot); | ||
1254 | + exit (E_BAD_ARG); | ||
1255 | + } | ||
1256 | + break; | ||
1257 | case 'r': /* remove home dir and mailbox */ | ||
1258 | rflg = true; | ||
1259 | break; | ||
1260 | diff -urN shadow-4.1.4.3.orig//src/usermod.c shadow-4.1.4.3//src/usermod.c | ||
1261 | --- shadow-4.1.4.3.orig//src/usermod.c 2011-09-29 12:00:45.216000091 +0100 | ||
1262 | +++ shadow-4.1.4.3//src/usermod.c 2011-09-29 11:59:28.390000092 +0100 | ||
1263 | @@ -110,6 +110,7 @@ | ||
1264 | static long user_newinactive; | ||
1265 | static long sys_ngroups; | ||
1266 | static char **user_groups; /* NULL-terminated list */ | ||
1267 | +static const char *newroot = ""; | ||
1268 | |||
1269 | static bool | ||
1270 | aflg = false, /* append to existing secondary group set */ | ||
1271 | @@ -164,6 +165,7 @@ | ||
1272 | #endif | ||
1273 | static void grp_update (void); | ||
1274 | |||
1275 | +static void process_root_flag (int, char **); | ||
1276 | static void process_flags (int, char **); | ||
1277 | static void close_files (void); | ||
1278 | static void open_files (void); | ||
1279 | @@ -323,6 +325,7 @@ | ||
1280 | " new location (use only with -d)\n" | ||
1281 | " -o, --non-unique allow using duplicate (non-unique) UID\n" | ||
1282 | " -p, --password PASSWORD use encrypted password for the new password\n" | ||
1283 | + " -R --root CHROOT_DIR directory to chroot into\n" | ||
1284 | " -s, --shell SHELL new login shell for the user account\n" | ||
1285 | " -u, --uid UID new UID for the user account\n" | ||
1286 | " -U, --unlock unlock the user account\n" | ||
1287 | @@ -802,6 +805,58 @@ | ||
1288 | } | ||
1289 | |||
1290 | /* | ||
1291 | + * process_root_flag - chroot if given the --root option | ||
1292 | + * | ||
1293 | + * We do this outside of process_flags() because | ||
1294 | + * the is_shadow_pwd boolean needs to be set before | ||
1295 | + * process_flags(), and if we do need to chroot() we | ||
1296 | + * must do so before is_shadow_pwd gets set. | ||
1297 | + */ | ||
1298 | +static void process_root_flag (int argc, char **argv) | ||
1299 | +{ | ||
1300 | + /* | ||
1301 | + * Parse the command line options. | ||
1302 | + */ | ||
1303 | + int i; | ||
1304 | + char *root; | ||
1305 | + | ||
1306 | + for (i = 0; i < argc; i++) { | ||
1307 | + if (!strcmp (argv[i], "--root") || !strcmp (argv[i], "-R")) { | ||
1308 | + if (i + 1 == argc) { | ||
1309 | + fprintf (stderr, | ||
1310 | + _("%s: option '%s' requires an argument\n"), | ||
1311 | + Prog, argv[i]); | ||
1312 | + exit (E_BAD_ARG); | ||
1313 | + } | ||
1314 | + root = argv[i + 1]; | ||
1315 | + | ||
1316 | + if ( (!VALID (root) ) | ||
1317 | + || ( ('/' != root[0]) ) ) { | ||
1318 | + fprintf (stderr, | ||
1319 | + _("%s: invalid chroot path '%s'\n"), | ||
1320 | + Prog, root); | ||
1321 | + exit (E_BAD_ARG); | ||
1322 | + } | ||
1323 | + newroot = root; | ||
1324 | + | ||
1325 | + if (access (newroot, F_OK) != 0) { | ||
1326 | + fprintf(stderr, | ||
1327 | + _("%s: chroot directory %s does not exist\n"), | ||
1328 | + Prog, newroot); | ||
1329 | + exit (E_BAD_ARG); | ||
1330 | + } | ||
1331 | + if ( chroot(newroot) != 0 ) { | ||
1332 | + fprintf(stderr, | ||
1333 | + _("%s: unable to chroot to directory %s\n"), | ||
1334 | + Prog, newroot); | ||
1335 | + exit (E_BAD_ARG); | ||
1336 | + } | ||
1337 | + break; | ||
1338 | + } | ||
1339 | + } | ||
1340 | +} | ||
1341 | + | ||
1342 | +/* | ||
1343 | * process_flags - perform command line argument setting | ||
1344 | * | ||
1345 | * process_flags() interprets the command line arguments and sets the | ||
1346 | @@ -895,6 +950,7 @@ | ||
1347 | {"move-home", no_argument, NULL, 'm'}, | ||
1348 | {"non-unique", no_argument, NULL, 'o'}, | ||
1349 | {"password", required_argument, NULL, 'p'}, | ||
1350 | + {"root", required_argument, NULL, 'R'}, | ||
1351 | #ifdef WITH_SELINUX | ||
1352 | {"selinux-user", required_argument, NULL, 'Z'}, | ||
1353 | #endif | ||
1354 | @@ -905,9 +961,9 @@ | ||
1355 | }; | ||
1356 | while ((c = getopt_long (argc, argv, | ||
1357 | #ifdef WITH_SELINUX | ||
1358 | - "ac:d:e:f:g:G:hl:Lmop:s:u:UZ:", | ||
1359 | + "ac:d:e:f:g:G:hl:Lmop:R:s:u:UZ:", | ||
1360 | #else | ||
1361 | - "ac:d:e:f:g:G:hl:Lmop:s:u:U", | ||
1362 | + "ac:d:e:f:g:G:hl:Lmop:R:s:u:U", | ||
1363 | #endif | ||
1364 | long_options, NULL)) != -1) { | ||
1365 | switch (c) { | ||
1366 | @@ -999,6 +1055,9 @@ | ||
1367 | user_pass = optarg; | ||
1368 | pflg = true; | ||
1369 | break; | ||
1370 | + case 'R': | ||
1371 | + /* no-op since we handled this in process_root_flag() earlier */ | ||
1372 | + break; | ||
1373 | case 's': | ||
1374 | if (!VALID (optarg)) { | ||
1375 | fprintf (stderr, | ||
1376 | @@ -1715,6 +1774,8 @@ | ||
1377 | |||
1378 | OPENLOG ("usermod"); | ||
1379 | |||
1380 | + process_root_flag (argc, argv); | ||
1381 | + | ||
1382 | is_shadow_pwd = spw_file_present (); | ||
1383 | #ifdef SHADOWGRP | ||
1384 | is_shadow_grp = sgr_file_present (); | ||
diff --git a/meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch b/meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch index eafb935a3a..68da25f406 100644 --- a/meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch +++ b/meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch | |||
@@ -3,20 +3,19 @@ Upstream-Status: Inappropriate [OE specific] | |||
3 | Allow for setting password in clear text. | 3 | Allow for setting password in clear text. |
4 | 4 | ||
5 | Signed-off-by: Chen Qi <Qi.Chen@windriver.com> | 5 | Signed-off-by: Chen Qi <Qi.Chen@windriver.com> |
6 | |||
7 | --- | 6 | --- |
8 | src/Makefile.am | 8 ++++---- | 7 | src/Makefile.am | 8 ++++---- |
9 | src/groupadd.c | 8 +++++++- | 8 | src/groupadd.c | 8 +++++++- |
10 | src/groupmod.c | 9 ++++++++- | 9 | src/groupmod.c | 8 +++++++- |
11 | src/useradd.c | 9 +++++++-- | 10 | src/useradd.c | 9 +++++++-- |
12 | src/usermod.c | 10 ++++++++-- | 11 | src/usermod.c | 8 +++++++- |
13 | 5 files changed, 34 insertions(+), 10 deletions(-) | 12 | 5 files changed, 32 insertions(+), 9 deletions(-) |
14 | 13 | ||
15 | diff --git a/src/Makefile.am b/src/Makefile.am | 14 | diff --git a/src/Makefile.am b/src/Makefile.am |
16 | index 6a3b4c5..1ffdbc6 100644 | 15 | index 25e288d..856b087 100644 |
17 | --- a/src/Makefile.am | 16 | --- a/src/Makefile.am |
18 | +++ b/src/Makefile.am | 17 | +++ b/src/Makefile.am |
19 | @@ -76,10 +76,10 @@ chgpasswd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBSELINUX) $(LIBCRYPT) | 18 | @@ -88,10 +88,10 @@ chgpasswd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBSELINUX) $(LIBCRYPT) |
20 | chsh_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) | 19 | chsh_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) |
21 | chpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT) | 20 | chpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT) |
22 | gpasswd_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) | 21 | gpasswd_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) |
@@ -29,47 +28,46 @@ index 6a3b4c5..1ffdbc6 100644 | |||
29 | grpck_LDADD = $(LDADD) $(LIBSELINUX) | 28 | grpck_LDADD = $(LDADD) $(LIBSELINUX) |
30 | grpconv_LDADD = $(LDADD) $(LIBSELINUX) | 29 | grpconv_LDADD = $(LDADD) $(LIBSELINUX) |
31 | grpunconv_LDADD = $(LDADD) $(LIBSELINUX) | 30 | grpunconv_LDADD = $(LDADD) $(LIBSELINUX) |
32 | @@ -99,9 +99,9 @@ su_SOURCES = \ | 31 | @@ -111,9 +111,9 @@ su_SOURCES = \ |
33 | suauth.c | 32 | suauth.c |
34 | su_LDADD = $(LDADD) $(LIBPAM) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) | 33 | su_LDADD = $(LDADD) $(LIBPAM) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) |
35 | sulogin_LDADD = $(LDADD) $(LIBCRYPT) | 34 | sulogin_LDADD = $(LDADD) $(LIBCRYPT) |
36 | -useradd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) | 35 | -useradd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) |
37 | +useradd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) | 36 | +useradd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBCRYPT) |
38 | userdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) | 37 | userdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) |
39 | -usermod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) | 38 | -usermod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) |
40 | +usermod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) | 39 | +usermod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBCRYPT) |
41 | vipw_LDADD = $(LDADD) $(LIBSELINUX) | 40 | vipw_LDADD = $(LDADD) $(LIBSELINUX) |
42 | 41 | ||
43 | install-am: all-am | 42 | install-am: all-am |
44 | diff --git a/src/groupadd.c b/src/groupadd.c | 43 | diff --git a/src/groupadd.c b/src/groupadd.c |
45 | index 66b38de..3157486 100644 | 44 | index f716f57..4e28c26 100644 |
46 | --- a/src/groupadd.c | 45 | --- a/src/groupadd.c |
47 | +++ b/src/groupadd.c | 46 | +++ b/src/groupadd.c |
48 | @@ -124,6 +124,7 @@ static void usage (void) | 47 | @@ -124,6 +124,7 @@ static /*@noreturn@*/void usage (int status) |
49 | (void) fputs (_(" -o, --non-unique allow to create groups with duplicate\n" | 48 | (void) fputs (_(" -o, --non-unique allow to create groups with duplicate\n" |
50 | " (non-unique) GID\n"), stderr); | 49 | " (non-unique) GID\n"), usageout); |
51 | (void) fputs (_(" -p, --password PASSWORD use this encrypted password for the new group\n"), stderr); | 50 | (void) fputs (_(" -p, --password PASSWORD use this encrypted password for the new group\n"), usageout); |
52 | + (void) fputs (_(" -P, --clear-password PASSWORD use this clear text password for the new group\n"), stderr); | 51 | + (void) fputs (_(" -P, --clear-password PASSWORD use this clear password for the new group\n"), usageout); |
53 | (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), stderr); | 52 | (void) fputs (_(" -r, --system create a system account\n"), usageout); |
54 | (void) fputs (_(" -r, --system create a system account\n"), stderr); | 53 | (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); |
55 | (void) fputs ("\n", stderr); | 54 | (void) fputs ("\n", usageout); |
56 | @@ -388,13 +389,14 @@ static void process_flags (int argc, char **argv) | 55 | @@ -387,12 +388,13 @@ static void process_flags (int argc, char **argv) |
57 | {"key", required_argument, NULL, 'K'}, | 56 | {"key", required_argument, NULL, 'K'}, |
58 | {"non-unique", no_argument, NULL, 'o'}, | 57 | {"non-unique", no_argument, NULL, 'o'}, |
59 | {"password", required_argument, NULL, 'p'}, | 58 | {"password", required_argument, NULL, 'p'}, |
60 | + {"clear-password", required_argument, NULL, 'P'}, | 59 | + {"clear-password", required_argument, NULL, 'P'}, |
61 | {"root", required_argument, NULL, 'R'}, | 60 | {"system", no_argument, NULL, 'r'}, |
62 | {"system", no_argument, NULL, 'r'}, | 61 | {"root", required_argument, NULL, 'R'}, |
63 | {NULL, 0, NULL, '\0'} | 62 | {NULL, 0, NULL, '\0'} |
64 | }; | 63 | }; |
65 | 64 | ||
66 | while ((c = | 65 | - while ((c = getopt_long (argc, argv, "fg:hK:op:rR:", |
67 | - getopt_long (argc, argv, "fg:hK:op:R:r", long_options, | 66 | + while ((c = getopt_long (argc, argv, "fg:hK:op:P:rR:", |
68 | + getopt_long (argc, argv, "fg:hK:op:P:R:r", long_options, | 67 | long_options, NULL)) != -1) { |
69 | &option_index)) != -1) { | ||
70 | switch (c) { | 68 | switch (c) { |
71 | case 'f': | 69 | case 'f': |
72 | @@ -446,6 +448,10 @@ static void process_flags (int argc, char **argv) | 70 | @@ -444,6 +446,10 @@ static void process_flags (int argc, char **argv) |
73 | pflg = true; | 71 | pflg = true; |
74 | group_passwd = optarg; | 72 | group_passwd = optarg; |
75 | break; | 73 | break; |
@@ -77,37 +75,35 @@ index 66b38de..3157486 100644 | |||
77 | + pflg = true; | 75 | + pflg = true; |
78 | + group_passwd = pw_encrypt (optarg, crypt_make_salt (NULL, NULL)); | 76 | + group_passwd = pw_encrypt (optarg, crypt_make_salt (NULL, NULL)); |
79 | + break; | 77 | + break; |
80 | case 'R': | 78 | case 'r': |
81 | if ('/' != optarg[0]) { | 79 | rflg = true; |
82 | fprintf (stderr, | 80 | break; |
83 | diff --git a/src/groupmod.c b/src/groupmod.c | 81 | diff --git a/src/groupmod.c b/src/groupmod.c |
84 | index 27eb159..17acbc3 100644 | 82 | index d9d3807..68f49d1 100644 |
85 | --- a/src/groupmod.c | 83 | --- a/src/groupmod.c |
86 | +++ b/src/groupmod.c | 84 | +++ b/src/groupmod.c |
87 | @@ -127,6 +127,8 @@ static void usage (void) | 85 | @@ -127,6 +127,7 @@ static void usage (int status) |
88 | (void) fputs (_(" -o, --non-unique allow to use a duplicate (non-unique) GID\n"), stderr); | 86 | (void) fputs (_(" -o, --non-unique allow to use a duplicate (non-unique) GID\n"), usageout); |
89 | (void) fputs (_(" -p, --password PASSWORD change the password to this (encrypted)\n" | 87 | (void) fputs (_(" -p, --password PASSWORD change the password to this (encrypted)\n" |
90 | " PASSWORD\n"), stderr); | 88 | " PASSWORD\n"), usageout); |
91 | + (void) fputs (_(" -P, --clear-password PASSWORD change the password to this (clear text)\n" | 89 | + (void) fputs (_(" -P, --clear-password PASSWORD change the password to this clear PASSWORD\n"), usageout); |
92 | + " PASSWORD\n"), stderr); | 90 | (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); |
93 | (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), stderr); | 91 | (void) fputs ("\n", usageout); |
94 | (void) fputs ("\n", stderr); | 92 | exit (status); |
95 | exit (E_USAGE); | 93 | @@ -375,10 +376,11 @@ static void process_flags (int argc, char **argv) |
96 | @@ -348,11 +350,12 @@ static void process_flags (int argc, char **argv) | 94 | {"new-name", required_argument, NULL, 'n'}, |
97 | {"new-name", required_argument, NULL, 'n'}, | 95 | {"non-unique", no_argument, NULL, 'o'}, |
98 | {"non-unique", no_argument, NULL, 'o'}, | 96 | {"password", required_argument, NULL, 'p'}, |
99 | {"password", required_argument, NULL, 'p'}, | ||
100 | + {"clear-password", required_argument, NULL, 'P'}, | 97 | + {"clear-password", required_argument, NULL, 'P'}, |
101 | {"root", required_argument, NULL, 'R'}, | 98 | {"root", required_argument, NULL, 'R'}, |
102 | {NULL, 0, NULL, '\0'} | 99 | {NULL, 0, NULL, '\0'} |
103 | }; | 100 | }; |
104 | while ((c = | 101 | - while ((c = getopt_long (argc, argv, "g:hn:op:R:", |
105 | - getopt_long (argc, argv, "g:hn:op:R:", | 102 | + while ((c = getopt_long (argc, argv, "g:hn:op:P:R:", |
106 | + getopt_long (argc, argv, "g:hn:op:P:R:", | 103 | long_options, NULL)) != -1) { |
107 | long_options, &option_index)) != -1) { | ||
108 | switch (c) { | 104 | switch (c) { |
109 | case 'g': | 105 | case 'g': |
110 | @@ -376,6 +379,10 @@ static void process_flags (int argc, char **argv) | 106 | @@ -405,6 +407,10 @@ static void process_flags (int argc, char **argv) |
111 | group_passwd = optarg; | 107 | group_passwd = optarg; |
112 | pflg = true; | 108 | pflg = true; |
113 | break; | 109 | break; |
@@ -115,84 +111,81 @@ index 27eb159..17acbc3 100644 | |||
115 | + group_passwd = pw_encrypt (optarg, crypt_make_salt (NULL, NULL)); | 111 | + group_passwd = pw_encrypt (optarg, crypt_make_salt (NULL, NULL)); |
116 | + pflg = true; | 112 | + pflg = true; |
117 | + break; | 113 | + break; |
118 | case 'R': | 114 | case 'R': /* no-op, handled in process_root_flag () */ |
119 | if ('/' != optarg[0]) { | 115 | break; |
120 | fprintf (stderr, | 116 | default: |
121 | diff --git a/src/useradd.c b/src/useradd.c | 117 | diff --git a/src/useradd.c b/src/useradd.c |
122 | index 2102630..390909c 100644 | 118 | index b3bd451..4416f90 100644 |
123 | --- a/src/useradd.c | 119 | --- a/src/useradd.c |
124 | +++ b/src/useradd.c | 120 | +++ b/src/useradd.c |
125 | @@ -716,6 +716,7 @@ static void usage (void) | 121 | @@ -773,6 +773,7 @@ static void usage (int status) |
126 | (void) fputs (_(" -o, --non-unique allow to create users with duplicate\n" | 122 | (void) fputs (_(" -o, --non-unique allow to create users with duplicate\n" |
127 | " (non-unique) UID\n"), stderr); | 123 | " (non-unique) UID\n"), usageout); |
128 | (void) fputs (_(" -p, --password PASSWORD encrypted password of the new account\n"), stderr); | 124 | (void) fputs (_(" -p, --password PASSWORD encrypted password of the new account\n"), usageout); |
129 | + (void) fputs (_(" -P, --clear-password PASSWORD clear text password of the new account\n"), stderr); | 125 | + (void) fputs (_(" -P, --clear-password PASSWORD clear password of the new account\n"), usageout); |
130 | (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), stderr); | 126 | (void) fputs (_(" -r, --system create a system account\n"), usageout); |
131 | (void) fputs (_(" -r, --system create a system account\n"), stderr); | 127 | (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); |
132 | (void) fputs (_(" -s, --shell SHELL login shell of the new account\n"), stderr); | 128 | (void) fputs (_(" -s, --shell SHELL login shell of the new account\n"), usageout); |
133 | @@ -1035,6 +1036,7 @@ static void process_flags (int argc, char **argv) | 129 | @@ -1047,6 +1048,7 @@ static void process_flags (int argc, char **argv) |
134 | {"no-user-group", no_argument, NULL, 'N'}, | 130 | {"no-user-group", no_argument, NULL, 'N'}, |
135 | {"non-unique", no_argument, NULL, 'o'}, | 131 | {"non-unique", no_argument, NULL, 'o'}, |
136 | {"password", required_argument, NULL, 'p'}, | 132 | {"password", required_argument, NULL, 'p'}, |
137 | + {"clear-password", required_argument, NULL, 'P'}, | 133 | + {"clear-password", required_argument, NULL, 'P'}, |
138 | {"root", required_argument, NULL, 'R'}, | 134 | {"system", no_argument, NULL, 'r'}, |
139 | {"system", no_argument, NULL, 'r'}, | 135 | {"root", required_argument, NULL, 'R'}, |
140 | {"shell", required_argument, NULL, 's'}, | 136 | {"shell", required_argument, NULL, 's'}, |
141 | @@ -1047,9 +1049,9 @@ static void process_flags (int argc, char **argv) | 137 | @@ -1059,9 +1061,9 @@ static void process_flags (int argc, char **argv) |
142 | }; | 138 | }; |
143 | while ((c = getopt_long (argc, argv, | 139 | while ((c = getopt_long (argc, argv, |
144 | #ifdef WITH_SELINUX | 140 | #ifdef WITH_SELINUX |
145 | - "b:c:d:De:f:g:G:k:K:lmMNop:R:rs:u:UZ:", | 141 | - "b:c:d:De:f:g:G:hk:K:lmMNop:rR:s:u:UZ:", |
146 | + "b:c:d:De:f:g:G:k:K:lmMNop:P:R:rs:u:UZ:", | 142 | + "b:c:d:De:f:g:G:hk:K:lmMNop:P:rR:s:u:UZ:", |
147 | #else | 143 | #else /* !WITH_SELINUX */ |
148 | - "b:c:d:De:f:g:G:k:K:lmMNop:R:rs:u:U", | 144 | - "b:c:d:De:f:g:G:hk:K:lmMNop:rR:s:u:U", |
149 | + "b:c:d:De:f:g:G:k:K:lmMNop:P:R:rs:u:U", | 145 | + "b:c:d:De:f:g:G:hk:K:lmMNop:P:rR:s:u:U", |
150 | #endif | 146 | #endif /* !WITH_SELINUX */ |
151 | long_options, NULL)) != -1) { | 147 | long_options, NULL)) != -1) { |
152 | switch (c) { | 148 | switch (c) { |
153 | @@ -1214,6 +1216,9 @@ static void process_flags (int argc, char **argv) | 149 | @@ -1227,6 +1229,9 @@ static void process_flags (int argc, char **argv) |
154 | } | 150 | } |
155 | user_pass = optarg; | 151 | user_pass = optarg; |
156 | break; | 152 | break; |
157 | + case 'P': /* set clear text password */ | 153 | + case 'P': /* set clear text password */ |
158 | + user_pass = pw_encrypt (optarg, crypt_make_salt (NULL, NULL)); | 154 | + user_pass = pw_encrypt (optarg, crypt_make_salt (NULL, NULL)); |
159 | + break; | 155 | + break; |
160 | case 'R': | 156 | case 'r': |
161 | /* no-op since we handled this in process_root_flag() earlier */ | 157 | rflg = true; |
162 | break; | 158 | break; |
163 | diff --git a/src/usermod.c b/src/usermod.c | 159 | diff --git a/src/usermod.c b/src/usermod.c |
164 | index 8363597..f4c1cee 100644 | 160 | index e7d4351..b79f7a3 100644 |
165 | --- a/src/usermod.c | 161 | --- a/src/usermod.c |
166 | +++ b/src/usermod.c | 162 | +++ b/src/usermod.c |
167 | @@ -325,6 +325,7 @@ static void usage (void) | 163 | @@ -419,6 +419,7 @@ static /*@noreturn@*/void usage (int status) |
168 | " new location (use only with -d)\n" | 164 | " new location (use only with -d)\n"), usageout); |
169 | " -o, --non-unique allow using duplicate (non-unique) UID\n" | 165 | (void) fputs (_(" -o, --non-unique allow using duplicate (non-unique) UID\n"), usageout); |
170 | " -p, --password PASSWORD use encrypted password for the new password\n" | 166 | (void) fputs (_(" -p, --password PASSWORD use encrypted password for the new password\n"), usageout); |
171 | + " -P, --clear-password PASSWORD use clear text password for the new password\n" | 167 | + (void) fputs (_(" -P, --clear-password PASSWORD use clear password for the new password\n"), usageout); |
172 | " -R --root CHROOT_DIR directory to chroot into\n" | 168 | (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); |
173 | " -s, --shell SHELL new login shell for the user account\n" | 169 | (void) fputs (_(" -s, --shell SHELL new login shell for the user account\n"), usageout); |
174 | " -u, --uid UID new UID for the user account\n" | 170 | (void) fputs (_(" -u, --uid UID new UID for the user account\n"), usageout); |
175 | @@ -950,6 +951,7 @@ static void process_flags (int argc, char **argv) | 171 | @@ -996,6 +997,7 @@ static void process_flags (int argc, char **argv) |
176 | {"move-home", no_argument, NULL, 'm'}, | 172 | {"move-home", no_argument, NULL, 'm'}, |
177 | {"non-unique", no_argument, NULL, 'o'}, | 173 | {"non-unique", no_argument, NULL, 'o'}, |
178 | {"password", required_argument, NULL, 'p'}, | 174 | {"password", required_argument, NULL, 'p'}, |
179 | + {"clear-password", required_argument, NULL, 'P'}, | 175 | + {"clear-password", required_argument, NULL, 'P'}, |
180 | {"root", required_argument, NULL, 'R'}, | 176 | {"root", required_argument, NULL, 'R'}, |
181 | #ifdef WITH_SELINUX | 177 | {"shell", required_argument, NULL, 's'}, |
182 | {"selinux-user", required_argument, NULL, 'Z'}, | 178 | {"uid", required_argument, NULL, 'u'}, |
183 | @@ -961,9 +963,9 @@ static void process_flags (int argc, char **argv) | 179 | @@ -1012,7 +1014,7 @@ static void process_flags (int argc, char **argv) |
180 | {NULL, 0, NULL, '\0'} | ||
184 | }; | 181 | }; |
185 | while ((c = getopt_long (argc, argv, | 182 | while ((c = getopt_long (argc, argv, |
186 | #ifdef WITH_SELINUX | 183 | - "ac:d:e:f:g:G:hl:Lmop:R:s:u:U" |
187 | - "ac:d:e:f:g:G:hl:Lmop:R:s:u:UZ:", | 184 | + "ac:d:e:f:g:G:hl:Lmop:P:R:s:u:U" |
188 | + "ac:d:e:f:g:G:hl:Lmop:P:R:s:u:UZ:", | 185 | #ifdef ENABLE_SUBIDS |
189 | #else | 186 | "v:w:V:W:" |
190 | - "ac:d:e:f:g:G:hl:Lmop:R:s:u:U", | 187 | #endif /* ENABLE_SUBIDS */ |
191 | + "ac:d:e:f:g:G:hl:Lmop:P:R:s:u:U", | 188 | @@ -1112,6 +1114,10 @@ static void process_flags (int argc, char **argv) |
192 | #endif | ||
193 | long_options, NULL)) != -1) { | ||
194 | switch (c) { | ||
195 | @@ -1055,6 +1057,10 @@ static void process_flags (int argc, char **argv) | ||
196 | user_pass = optarg; | 189 | user_pass = optarg; |
197 | pflg = true; | 190 | pflg = true; |
198 | break; | 191 | break; |
@@ -200,9 +193,9 @@ index 8363597..f4c1cee 100644 | |||
200 | + user_pass = pw_encrypt (optarg, crypt_make_salt (NULL, NULL)); | 193 | + user_pass = pw_encrypt (optarg, crypt_make_salt (NULL, NULL)); |
201 | + pflg = true; | 194 | + pflg = true; |
202 | + break; | 195 | + break; |
203 | case 'R': | 196 | case 'R': /* no-op, handled in process_root_flag () */ |
204 | /* no-op since we handled this in process_root_flag() earlier */ | ||
205 | break; | 197 | break; |
198 | case 's': | ||
206 | -- | 199 | -- |
207 | 1.7.9.5 | 200 | 1.7.9.5 |
208 | 201 | ||
diff --git a/meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch b/meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch new file mode 100644 index 0000000000..4fa3d184ed --- /dev/null +++ b/meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch | |||
@@ -0,0 +1,46 @@ | |||
1 | Upstream-Status: Inappropriate [OE specific] | ||
2 | |||
3 | commonio.c: fix unexpected open failure in chroot environment | ||
4 | |||
5 | When using commands with '-R <newroot>' option in our pseudo environment, | ||
6 | we would usually get the 'Pemission Denied' error. This patch serves as | ||
7 | a workaround to this problem. | ||
8 | |||
9 | Note that this patch doesn't change the logic in the code, it just expands | ||
10 | the codes. | ||
11 | |||
12 | Signed-off-by: Chen Qi <Qi.Chen@windriver.com> | ||
13 | --- | ||
14 | lib/commonio.c | 16 ++++++++++++---- | ||
15 | 1 file changed, 12 insertions(+), 4 deletions(-) | ||
16 | |||
17 | diff --git a/lib/commonio.c b/lib/commonio.c | ||
18 | index cc536bf..51cafd9 100644 | ||
19 | --- a/lib/commonio.c | ||
20 | +++ b/lib/commonio.c | ||
21 | @@ -613,10 +613,18 @@ int commonio_open (struct commonio_db *db, int mode) | ||
22 | db->cursor = NULL; | ||
23 | db->changed = false; | ||
24 | |||
25 | - fd = open (db->filename, | ||
26 | - (db->readonly ? O_RDONLY : O_RDWR) | ||
27 | - | O_NOCTTY | O_NONBLOCK | O_NOFOLLOW); | ||
28 | - saved_errno = errno; | ||
29 | + if (db->readonly) { | ||
30 | + fd = open (db->filename, | ||
31 | + (true ? O_RDONLY : O_RDWR) | ||
32 | + | O_NOCTTY | O_NONBLOCK | O_NOFOLLOW); | ||
33 | + saved_errno = errno; | ||
34 | + } else { | ||
35 | + fd = open (db->filename, | ||
36 | + (false ? O_RDONLY : O_RDWR) | ||
37 | + | O_NOCTTY | O_NONBLOCK | O_NOFOLLOW); | ||
38 | + saved_errno = errno; | ||
39 | + } | ||
40 | + | ||
41 | db->fp = NULL; | ||
42 | if (fd >= 0) { | ||
43 | #ifdef WITH_TCB | ||
44 | -- | ||
45 | 1.7.9.5 | ||
46 | |||
diff --git a/meta/recipes-extended/shadow/files/fix-etc-gshadow-reading.patch b/meta/recipes-extended/shadow/files/fix-etc-gshadow-reading.patch deleted file mode 100644 index 80ebdc22a4..0000000000 --- a/meta/recipes-extended/shadow/files/fix-etc-gshadow-reading.patch +++ /dev/null | |||
@@ -1,36 +0,0 @@ | |||
1 | shadow: Fix parsing of gshadow entries | ||
2 | |||
3 | Upstream-Status: Backport [http://anonscm.debian.org/viewvc/pkg-shadow?view=revision&revision=3096] | ||
4 | |||
5 | newgrp command does not function properly. | ||
6 | Even with the valid password, it outputs: "'Invalid password'" | ||
7 | |||
8 | Signed-off-by: Roy.Li <rongqing.li@windriver.com> | ||
9 | |||
10 | 2010-02-14 Michael Bunk <mb@computer-leipzig.com> | ||
11 | |||
12 | * NEWS, lib/gshadow.c: Fix parsing of gshadow entries. | ||
13 | |||
14 | diff -urpN a/lib/gshadow.c b/lib/gshadow.c | ||
15 | --- a/lib/gshadow.c 2013-07-11 10:18:15.745450428 +0800 | ||
16 | +++ b/lib/gshadow.c 2013-07-11 10:17:30.465450280 +0800 | ||
17 | @@ -222,6 +222,7 @@ void endsgent (void) | ||
18 | if (NULL == buf) { | ||
19 | return NULL; | ||
20 | } | ||
21 | + buflen = BUFSIZ; | ||
22 | } | ||
23 | |||
24 | if (NULL == fp) { | ||
25 | @@ -229,9 +230,9 @@ void endsgent (void) | ||
26 | } | ||
27 | |||
28 | #ifdef USE_NIS | ||
29 | - while (fgetsx (buf, (int) sizeof buf, fp) == buf) | ||
30 | + while (fgetsx (buf, (int) buflen, fp) == buf) | ||
31 | #else | ||
32 | - if (fgetsx (buf, (int) sizeof buf, fp) == buf) | ||
33 | + if (fgetsx (buf, (int) buflen, fp) == buf) | ||
34 | #endif | ||
35 | { | ||
36 | while ( ((cp = strrchr (buf, '\n')) == NULL) | ||
diff --git a/meta/recipes-extended/shadow/files/fix-installation-failure-with-subids-disabled.patch b/meta/recipes-extended/shadow/files/fix-installation-failure-with-subids-disabled.patch new file mode 100644 index 0000000000..02cb91aafd --- /dev/null +++ b/meta/recipes-extended/shadow/files/fix-installation-failure-with-subids-disabled.patch | |||
@@ -0,0 +1,28 @@ | |||
1 | Upstream-Status: Pending | ||
2 | |||
3 | Subject: fix installation failure with subids disabled | ||
4 | |||
5 | Signed-off-by: Chen Qi <Qi.Chen@windriver.com> | ||
6 | --- | ||
7 | src/Makefile.am | 5 ++++- | ||
8 | 1 file changed, 4 insertions(+), 1 deletion(-) | ||
9 | |||
10 | diff --git a/src/Makefile.am b/src/Makefile.am | ||
11 | index 25e288d..076f8ef 100644 | ||
12 | --- a/src/Makefile.am | ||
13 | +++ b/src/Makefile.am | ||
14 | @@ -52,7 +52,10 @@ usbin_PROGRAMS = \ | ||
15 | noinst_PROGRAMS = id sulogin | ||
16 | |||
17 | suidbins = su | ||
18 | -suidubins = chage chfn chsh expiry gpasswd newgrp passwd newuidmap newgidmap | ||
19 | +suidubins = chage chfn chsh expiry gpasswd newgrp passwd | ||
20 | +if ENABLE_SUBIDS | ||
21 | +suidubins += newgidmap newuidmap | ||
22 | +endif | ||
23 | if ACCT_TOOLS_SETUID | ||
24 | suidubins += chage chgpasswd chpasswd groupadd groupdel groupmod newusers useradd userdel usermod | ||
25 | endif | ||
26 | -- | ||
27 | 1.7.9.5 | ||
28 | |||
diff --git a/meta/recipes-extended/shadow/files/shadow-4.1.4.2-env-reset-keep-locale.patch b/meta/recipes-extended/shadow/files/shadow-4.1.4.2-env-reset-keep-locale.patch deleted file mode 100644 index 651474674b..0000000000 --- a/meta/recipes-extended/shadow/files/shadow-4.1.4.2-env-reset-keep-locale.patch +++ /dev/null | |||
@@ -1,31 +0,0 @@ | |||
1 | # commit message copied from openembedded: | ||
2 | # commit 246c80637b135f3a113d319b163422f98174ee6c | ||
3 | # Author: Khem Raj <raj.khem@gmail.com> | ||
4 | # Date: Wed Jun 9 13:37:03 2010 -0700 | ||
5 | # | ||
6 | # shadow-4.1.4.2: Add patches to support dots in login id. | ||
7 | # | ||
8 | # Signed-off-by: Khem Raj <raj.khem@gmail.com> | ||
9 | # | ||
10 | # comment added by Kevin Tian <kevin.tian@intel.com>, 2010-08-11 | ||
11 | |||
12 | http://bugs.gentoo.org/283725 | ||
13 | https://alioth.debian.org/tracker/index.php?func=detail&aid=311740&group_id=30580&atid=411480 | ||
14 | |||
15 | Upstream-Status: Pending | ||
16 | |||
17 | Signed-off-by: Scott Garman <scott.a.garman@intel.com> | ||
18 | |||
19 | Index: shadow-4.1.4.2/libmisc/env.c | ||
20 | =================================================================== | ||
21 | --- shadow-4.1.4.2.orig/libmisc/env.c 2009-04-27 13:07:56.000000000 -0700 | ||
22 | +++ shadow-4.1.4.2/libmisc/env.c 2010-06-03 17:44:51.456408474 -0700 | ||
23 | @@ -251,7 +251,7 @@ void sanitize_env (void) | ||
24 | if (strncmp (*cur, *bad, strlen (*bad)) != 0) { | ||
25 | continue; | ||
26 | } | ||
27 | - if (strchr (*cur, '/') != NULL) { | ||
28 | + if (strchr (*cur, '/') == NULL) { | ||
29 | continue; /* OK */ | ||
30 | } | ||
31 | for (move = cur; NULL != *move; move++) { | ||
diff --git a/meta/recipes-extended/shadow/files/shadow-4.1.4.2-groupmod-pam-check.patch b/meta/recipes-extended/shadow/files/shadow-4.1.4.2-groupmod-pam-check.patch deleted file mode 100644 index 640200b796..0000000000 --- a/meta/recipes-extended/shadow/files/shadow-4.1.4.2-groupmod-pam-check.patch +++ /dev/null | |||
@@ -1,36 +0,0 @@ | |||
1 | # commit message copied from openembedded: | ||
2 | # commit 246c80637b135f3a113d319b163422f98174ee6c | ||
3 | # Author: Khem Raj <raj.khem@gmail.com> | ||
4 | # Date: Wed Jun 9 13:37:03 2010 -0700 | ||
5 | # | ||
6 | # shadow-4.1.4.2: Add patches to support dots in login id. | ||
7 | # | ||
8 | # Signed-off-by: Khem Raj <raj.khem@gmail.com> | ||
9 | # | ||
10 | # comment added by Kevin Tian <kevin.tian@intel.com>, 2010-08-11 | ||
11 | |||
12 | http://bugs.gentoo.org/300790 | ||
13 | http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/2009-November/007850.html | ||
14 | |||
15 | 2009-11-05 Nicolas François <nicolas.francois@centraliens.net> | ||
16 | |||
17 | * NEWS, src/groupmod.c: Fixed groupmod when configured with | ||
18 | --enable-account-tools-setuid. | ||
19 | |||
20 | Upstream-Status: Pending | ||
21 | |||
22 | Signed-off-by: Scott Garman <scott.a.garman@intel.com> | ||
23 | |||
24 | Index: shadow-4.1.4.2/src/groupmod.c | ||
25 | =================================================================== | ||
26 | --- shadow-4.1.4.2.orig/src/groupmod.c 2009-06-05 15:16:58.000000000 -0700 | ||
27 | +++ shadow-4.1.4.2/src/groupmod.c 2010-06-03 17:45:43.828952613 -0700 | ||
28 | @@ -720,7 +720,7 @@ int main (int argc, char **argv) | ||
29 | { | ||
30 | struct passwd *pampw; | ||
31 | pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ | ||
32 | - if (NULL == pamh) { | ||
33 | + if (NULL == pampw) { | ||
34 | fprintf (stderr, | ||
35 | _("%s: Cannot determine your user name.\n"), | ||
36 | Prog); | ||
diff --git a/meta/recipes-extended/shadow/files/shadow-4.1.4.2-su_no_sanitize_env.patch b/meta/recipes-extended/shadow/files/shadow-4.1.4.2-su_no_sanitize_env.patch deleted file mode 100644 index 0dc4d75b97..0000000000 --- a/meta/recipes-extended/shadow/files/shadow-4.1.4.2-su_no_sanitize_env.patch +++ /dev/null | |||
@@ -1,31 +0,0 @@ | |||
1 | # commit message copied from openembedded: | ||
2 | # commit 246c80637b135f3a113d319b163422f98174ee6c | ||
3 | # Author: Khem Raj <raj.khem@gmail.com> | ||
4 | # Date: Wed Jun 9 13:37:03 2010 -0700 | ||
5 | # | ||
6 | # shadow-4.1.4.2: Add patches to support dots in login id. | ||
7 | # | ||
8 | # Signed-off-by: Khem Raj <raj.khem@gmail.com> | ||
9 | # | ||
10 | # comment added by Kevin Tian <kevin.tian@intel.com>, 2010-08-11 | ||
11 | |||
12 | http://bugs.gentoo.org/show_bug.cgi?id=301957 | ||
13 | https://alioth.debian.org/scm/browser.php?group_id=30580 | ||
14 | |||
15 | Upstream-Status: Pending | ||
16 | |||
17 | Signed-off-by: Scott Garman <scott.a.garman@intel.com> | ||
18 | |||
19 | Index: shadow-4.1.4.2/src/su.c | ||
20 | =================================================================== | ||
21 | --- shadow-4.1.4.2.orig/src/su.c 2009-07-23 13:38:56.000000000 -0700 | ||
22 | +++ shadow-4.1.4.2/src/su.c 2010-06-03 17:46:47.718944010 -0700 | ||
23 | @@ -378,7 +378,7 @@ int main (int argc, char **argv) | ||
24 | #endif | ||
25 | #endif /* !USE_PAM */ | ||
26 | |||
27 | - sanitize_env (); | ||
28 | + /* sanitize_env (); */ | ||
29 | |||
30 | (void) setlocale (LC_ALL, ""); | ||
31 | (void) bindtextdomain (PACKAGE, LOCALEDIR); | ||
diff --git a/meta/recipes-extended/shadow/files/shadow.automake-1.11.patch b/meta/recipes-extended/shadow/files/shadow.automake-1.11.patch deleted file mode 100644 index a793f09a4e..0000000000 --- a/meta/recipes-extended/shadow/files/shadow.automake-1.11.patch +++ /dev/null | |||
@@ -1,106 +0,0 @@ | |||
1 | # patch is from openembedded: | ||
2 | # commit 2db61370333f7a2fc1dbb86385734883387e0217 | ||
3 | # Author: Martin Jansa <Martin.Jansa@gmail.com> | ||
4 | # Date: Fri Apr 2 07:34:46 2010 +0200 | ||
5 | # | ||
6 | # shadow: fix do_install with automake-1.11 | ||
7 | # | ||
8 | # Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> | ||
9 | # | ||
10 | # comment added by Kevin Tian <kevin.tian@intel.com> | ||
11 | |||
12 | man_nopan is for !USE_PAM already included in man_MANS and automake-1.11 hates to install some file twice | ||
13 | |||
14 | Upstream-Status: Pending | ||
15 | |||
16 | Signed-off-by: Scott Garman <scott.a.garman@intel.com> | ||
17 | |||
18 | diff -uNr shadow-4.1.4.2.orig/man/Makefile.am shadow-4.1.4.2/man/Makefile.am | ||
19 | --- shadow-4.1.4.2.orig/man/Makefile.am 2009-03-14 15:40:10.000000000 +0100 | ||
20 | +++ shadow-4.1.4.2/man/Makefile.am 2010-04-02 07:31:17.000000000 +0200 | ||
21 | @@ -163,7 +163,6 @@ | ||
22 | $(man_MANS) \ | ||
23 | $(man_XMANS) \ | ||
24 | $(addprefix login.defs.d/,$(login_defs_v)) \ | ||
25 | - $(man_nopam) \ | ||
26 | id.1 \ | ||
27 | id.1.xml \ | ||
28 | sulogin.8 \ | ||
29 | diff -uNr shadow-4.1.4.2.orig/man/fr/Makefile.am shadow-4.1.4.2/man/fr/Makefile.am | ||
30 | --- shadow-4.1.4.2.orig/man/fr/Makefile.am 2008-09-06 18:44:45.000000000 +0200 | ||
31 | +++ shadow-4.1.4.2/man/fr/Makefile.am 2010-04-02 07:42:11.000000000 +0200 | ||
32 | @@ -52,7 +52,6 @@ | ||
33 | |||
34 | EXTRA_DIST = \ | ||
35 | $(man_MANS) \ | ||
36 | - $(man_nopam) \ | ||
37 | id.1 | ||
38 | |||
39 | include ../generate_translations.mak | ||
40 | diff -uNr shadow-4.1.4.2.orig/man/it/Makefile.am shadow-4.1.4.2/man/it/Makefile.am | ||
41 | --- shadow-4.1.4.2.orig/man/it/Makefile.am 2008-09-06 18:44:45.000000000 +0200 | ||
42 | +++ shadow-4.1.4.2/man/it/Makefile.am 2010-04-02 07:42:20.000000000 +0200 | ||
43 | @@ -46,7 +46,6 @@ | ||
44 | |||
45 | EXTRA_DIST = \ | ||
46 | $(man_MANS) \ | ||
47 | - $(man_nopam) \ | ||
48 | id.1 \ | ||
49 | logoutd.8 | ||
50 | |||
51 | diff -uNr shadow-4.1.4.2.orig/man/ja/Makefile.am shadow-4.1.4.2/man/ja/Makefile.am | ||
52 | --- shadow-4.1.4.2.orig/man/ja/Makefile.am 2007-12-31 17:48:28.000000000 +0100 | ||
53 | +++ shadow-4.1.4.2/man/ja/Makefile.am 2010-04-02 07:42:17.000000000 +0200 | ||
54 | @@ -49,7 +49,6 @@ | ||
55 | |||
56 | EXTRA_DIST = \ | ||
57 | $(man_MANS) \ | ||
58 | - $(man_nopam) \ | ||
59 | id.1 \ | ||
60 | shadow.3 \ | ||
61 | sulogin.8 | ||
62 | diff -uNr shadow-4.1.4.2.orig/man/pl/Makefile.am shadow-4.1.4.2/man/pl/Makefile.am | ||
63 | --- shadow-4.1.4.2.orig/man/pl/Makefile.am 2008-09-06 18:44:45.000000000 +0200 | ||
64 | +++ shadow-4.1.4.2/man/pl/Makefile.am 2010-04-02 07:42:07.000000000 +0200 | ||
65 | @@ -49,7 +49,6 @@ | ||
66 | |||
67 | EXTRA_DIST = \ | ||
68 | $(man_MANS) \ | ||
69 | - $(man_nopam) \ | ||
70 | getspnam.3 \ | ||
71 | id.1 \ | ||
72 | shadow.3 \ | ||
73 | diff -uNr shadow-4.1.4.2.orig/man/ru/Makefile.am shadow-4.1.4.2/man/ru/Makefile.am | ||
74 | --- shadow-4.1.4.2.orig/man/ru/Makefile.am 2010-04-02 07:39:00.000000000 +0200 | ||
75 | +++ shadow-4.1.4.2/man/ru/Makefile.am 2010-04-02 07:42:01.000000000 +0200 | ||
76 | @@ -54,7 +54,6 @@ | ||
77 | |||
78 | EXTRA_DIST = \ | ||
79 | $(man_MANS) \ | ||
80 | - $(man_nopam) \ | ||
81 | id.1 \ | ||
82 | sulogin.8 | ||
83 | |||
84 | diff -uNr shadow-4.1.4.2.orig/man/sv/Makefile.am shadow-4.1.4.2/man/sv/Makefile.am | ||
85 | --- shadow-4.1.4.2.orig/man/sv/Makefile.am 2008-09-06 18:44:45.000000000 +0200 | ||
86 | +++ shadow-4.1.4.2/man/sv/Makefile.am 2010-04-02 07:42:24.000000000 +0200 | ||
87 | @@ -53,8 +53,7 @@ | ||
88 | endif | ||
89 | |||
90 | EXTRA_DIST = \ | ||
91 | - $(man_MANS) \ | ||
92 | - $(man_nopam) | ||
93 | + $(man_MANS) | ||
94 | |||
95 | include ../generate_translations.mak | ||
96 | |||
97 | --- shadow-4.1.4.2.orig/man/ru/Makefile.am 2010-04-02 07:54:09.000000000 +0200 | ||
98 | +++ shadow-4.1.4.2/man/ru/Makefile.am 2010-04-02 07:51:57.000000000 +0200 | ||
99 | @@ -1,7 +1,6 @@ | ||
100 | mandir = @mandir@/ru | ||
101 | |||
102 | man_MANS = \ | ||
103 | - $(man_nopam) \ | ||
104 | chage.1 \ | ||
105 | chfn.1 \ | ||
106 | chgpasswd.8 \ | ||
diff --git a/meta/recipes-extended/shadow/files/shadow_fix_for_automake-1.12.patch b/meta/recipes-extended/shadow/files/shadow_fix_for_automake-1.12.patch deleted file mode 100644 index 6a27ed387d..0000000000 --- a/meta/recipes-extended/shadow/files/shadow_fix_for_automake-1.12.patch +++ /dev/null | |||
@@ -1,23 +0,0 @@ | |||
1 | Upstream-Status: pending | ||
2 | |||
3 | Automake 1.12 has deprecated automatic de-ANSI-fication support | ||
4 | |||
5 | This patch avoids this issue with automake 1.12: | ||
6 | |||
7 | | configure.in:22: error: automatic de-ANSI-fication support has been removed | ||
8 | |||
9 | Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> | ||
10 | 2012/05/02 | ||
11 | |||
12 | Index: shadow-4.1.4.3/configure.in | ||
13 | =================================================================== | ||
14 | --- shadow-4.1.4.3.orig/configure.in | ||
15 | +++ shadow-4.1.4.3/configure.in | ||
16 | @@ -19,7 +19,6 @@ AC_PROG_CC | ||
17 | AC_ISC_POSIX | ||
18 | AC_PROG_LN_S | ||
19 | AC_PROG_YACC | ||
20 | -AM_C_PROTOTYPES | ||
21 | AM_PROG_LIBTOOL | ||
22 | |||
23 | dnl Checks for libraries. | ||
diff --git a/meta/recipes-extended/shadow/files/slackware_fix_for_glib-2.17_crypt.patch b/meta/recipes-extended/shadow/files/slackware_fix_for_glib-2.17_crypt.patch deleted file mode 100644 index 7cd45afebb..0000000000 --- a/meta/recipes-extended/shadow/files/slackware_fix_for_glib-2.17_crypt.patch +++ /dev/null | |||
@@ -1,63 +0,0 @@ | |||
1 | |||
2 | This patch is from Slackware, I tried to find the actual | ||
3 | author to add that attribution. The comment below is the | ||
4 | best summary, I will not repeat it here. | ||
5 | |||
6 | Upstream-Status: Backport from slackware | ||
7 | |||
8 | Signed-off-by: Saul Wold <sgw@linux.intel.com> | ||
9 | |||
10 | Index: shadow-4.1.4.3/lib/encrypt.c | ||
11 | =================================================================== | ||
12 | --- shadow-4.1.4.3.orig/lib/encrypt.c | ||
13 | +++ shadow-4.1.4.3/lib/encrypt.c | ||
14 | @@ -45,15 +45,40 @@ char *pw_encrypt (const char *clear, con | ||
15 | static char cipher[128]; | ||
16 | char *cp; | ||
17 | |||
18 | - cp = crypt (clear, salt); | ||
19 | - if (!cp) { | ||
20 | - /* | ||
21 | - * Single Unix Spec: crypt() may return a null pointer, | ||
22 | - * and set errno to indicate an error. The caller doesn't | ||
23 | - * expect us to return NULL, so... | ||
24 | - */ | ||
25 | - perror ("crypt"); | ||
26 | - exit (EXIT_FAILURE); | ||
27 | + cp = crypt (clear, salt); | ||
28 | + if (!cp) { | ||
29 | + /* | ||
30 | + * In glibc-2.17 and newer, crypt() will return NULL if | ||
31 | + * it was called using an invalid salt format. Previous | ||
32 | + * versions of glibc would go ahead and compute a DES hash | ||
33 | + * using the invalid salt. The salt value in this case was | ||
34 | + * always '!'. We might arrive at this place if either the | ||
35 | + * user does not exist, or if the hash in /etc/shadow doesn't | ||
36 | + * have the proper magic for one of the supported hash | ||
37 | + * formats (for example, if the account was locked using | ||
38 | + * "passwd -l". To handle this situation, we will recompute | ||
39 | + * the hash using a hardcoded salt as was previously done | ||
40 | + * by glibc. The hash returned by the old glibc function | ||
41 | + * always began with "!!", which would ensure that it could | ||
42 | + * never match an otherwise valid hash in /etc/shadow that | ||
43 | + * was disabled with a "!" at the beginning (since the second | ||
44 | + * character would never be "!" as well), so we will also | ||
45 | + * prepend the resulting hash with "!!". Finally, in case | ||
46 | + * crypt() failed for some other reason we will check to see | ||
47 | + * if we still get NULL from crypt even with the valid salt | ||
48 | + * and will fail if that's the case. | ||
49 | + */ | ||
50 | + | ||
51 | + /* Recalculate hash using a hardcoded, valid SHA512 salt: */ | ||
52 | + cp = crypt (clear, "$6$8IIcy/1EPOk/"); | ||
53 | + | ||
54 | + if (!cp) { | ||
55 | + perror ("crypt"); | ||
56 | + exit (EXIT_FAILURE); | ||
57 | + } else { | ||
58 | + sprintf (cipher, "!!%s", cp); | ||
59 | + return cipher; | ||
60 | + } | ||
61 | } | ||
62 | |||
63 | /* The GNU crypt does not return NULL if the algorithm is not | ||
diff --git a/meta/recipes-extended/shadow/files/useradd.patch b/meta/recipes-extended/shadow/files/useradd.patch deleted file mode 100644 index ff5016c0bf..0000000000 --- a/meta/recipes-extended/shadow/files/useradd.patch +++ /dev/null | |||
@@ -1,17 +0,0 @@ | |||
1 | Work around a bug introduced with the --root option which was causing | ||
2 | all other arguments to be ignored. | ||
3 | |||
4 | Upstream-Status: inappropriate | ||
5 | Signed-off-by: Phil Blundell <philb@gnu.org> | ||
6 | |||
7 | --- a/src/useradd.c~ 2011-09-01 15:36:40.398234861 +0100 | ||
8 | +++ b/src/useradd.c 2011-09-01 17:29:00.782004133 +0100 | ||
9 | @@ -1957,6 +1957,8 @@ | ||
10 | |||
11 | get_defaults (); | ||
12 | |||
13 | + optind = 1; | ||
14 | + | ||
15 | process_flags (argc, argv); | ||
16 | |||
17 | #ifdef ACCT_TOOLS_SETUID | ||
diff --git a/meta/recipes-extended/shadow/files/usermod-fix-compilation-failure-with-subids-disabled.patch b/meta/recipes-extended/shadow/files/usermod-fix-compilation-failure-with-subids-disabled.patch new file mode 100644 index 0000000000..37dc153fca --- /dev/null +++ b/meta/recipes-extended/shadow/files/usermod-fix-compilation-failure-with-subids-disabled.patch | |||
@@ -0,0 +1,33 @@ | |||
1 | Upstream-Status: Pending | ||
2 | |||
3 | usermod: fix compilation failure with subids disabled | ||
4 | |||
5 | Signed-off-by: Chen Qi <Qi.Chen@windriver.com> | ||
6 | --- | ||
7 | src/usermod.c | 3 ++- | ||
8 | 1 file changed, 2 insertions(+), 1 deletion(-) | ||
9 | |||
10 | diff --git a/src/usermod.c b/src/usermod.c | ||
11 | index e7d4351..685b50a 100644 | ||
12 | --- a/src/usermod.c | ||
13 | +++ b/src/usermod.c | ||
14 | @@ -1360,7 +1360,7 @@ static void process_flags (int argc, char **argv) | ||
15 | Prog, (unsigned long) user_newid); | ||
16 | exit (E_UID_IN_USE); | ||
17 | } | ||
18 | - | ||
19 | +#ifdef ENABLE_SUBIDS | ||
20 | if ( (vflg || Vflg) | ||
21 | && !is_sub_uid) { | ||
22 | fprintf (stderr, | ||
23 | @@ -1376,6 +1376,7 @@ static void process_flags (int argc, char **argv) | ||
24 | Prog, sub_gid_dbname (), "-w", "-W"); | ||
25 | exit (E_USAGE); | ||
26 | } | ||
27 | +#endif | ||
28 | } | ||
29 | |||
30 | /* | ||
31 | -- | ||
32 | 1.7.9.5 | ||
33 | |||
diff --git a/meta/recipes-extended/shadow/shadow-securetty_4.1.4.3.bb b/meta/recipes-extended/shadow/shadow-securetty_4.2.1.bb index 0e0410043b..0e0410043b 100644 --- a/meta/recipes-extended/shadow/shadow-securetty_4.1.4.3.bb +++ b/meta/recipes-extended/shadow/shadow-securetty_4.2.1.bb | |||
diff --git a/meta/recipes-extended/shadow/shadow-sysroot_4.1.4.3.bb b/meta/recipes-extended/shadow/shadow-sysroot_4.2.1.bb index 697569c47e..697569c47e 100644 --- a/meta/recipes-extended/shadow/shadow-sysroot_4.1.4.3.bb +++ b/meta/recipes-extended/shadow/shadow-sysroot_4.2.1.bb | |||
diff --git a/meta/recipes-extended/shadow/shadow.inc b/meta/recipes-extended/shadow/shadow.inc index 6848e054b3..40f58f0d12 100644 --- a/meta/recipes-extended/shadow/shadow.inc +++ b/meta/recipes-extended/shadow/shadow.inc | |||
@@ -1,50 +1,39 @@ | |||
1 | SUMMARY = "Tools to change and administer password and group data" | 1 | SUMMARY = "Tools to change and administer password and group data" |
2 | HOMEPAGE = "http://pkg-shadow.alioth.debian.org" | 2 | HOMEPAGE = "http://pkg-shadow.alioth.debian.org" |
3 | BUGTRACKER = "https://alioth.debian.org/tracker/?group_id=30580" | 3 | BUGTRACKER = "https://alioth.debian.org/tracker/?group_id=30580" |
4 | SECTION = "base utils" | 4 | SECTION = "base/utils" |
5 | LICENSE = "BSD | Artistic-1.0" | 5 | LICENSE = "BSD | Artistic-1.0" |
6 | LIC_FILES_CHKSUM = "file://COPYING;md5=08c553a87d4e51bbed50b20e0adcaede \ | 6 | LIC_FILES_CHKSUM = "file://COPYING;md5=ed80ff1c2b40843cf5768e5229cf16e5 \ |
7 | file://src/passwd.c;beginline=8;endline=30;md5=d83888ea14ae61951982d77125947661" | 7 | file://src/passwd.c;beginline=8;endline=30;md5=d83888ea14ae61951982d77125947661" |
8 | 8 | ||
9 | DEPENDS = "shadow-native" | 9 | DEPENDS = "shadow-native" |
10 | DEPENDS_class-native = "" | 10 | DEPENDS_class-native = "" |
11 | DEPENDS_class-nativesdk = "" | 11 | DEPENDS_class-nativesdk = "" |
12 | 12 | ||
13 | SRC_URI = "http://pkg-shadow.alioth.debian.org/releases/${BPN}-${PV}.tar.bz2 \ | 13 | SRC_URI = "http://pkg-shadow.alioth.debian.org/releases/${BPN}-${PV}.tar.xz \ |
14 | file://shadow.automake-1.11.patch \ | ||
15 | file://shadow_fix_for_automake-1.12.patch \ | ||
16 | file://shadow-4.1.3-dots-in-usernames.patch \ | 14 | file://shadow-4.1.3-dots-in-usernames.patch \ |
17 | file://shadow-4.1.4.2-env-reset-keep-locale.patch \ | 15 | file://usermod-fix-compilation-failure-with-subids-disabled.patch \ |
16 | file://fix-installation-failure-with-subids-disabled.patch \ | ||
18 | ${@bb.utils.contains('PACKAGECONFIG', 'pam', '${PAM_SRC_URI}', '', d)} \ | 17 | ${@bb.utils.contains('PACKAGECONFIG', 'pam', '${PAM_SRC_URI}', '', d)} \ |
19 | " | 18 | " |
20 | 19 | ||
21 | SRC_URI_append_class-target = " \ | 20 | SRC_URI_append_class-target = " \ |
22 | file://login_defs_pam.sed \ | 21 | file://login_defs_pam.sed \ |
23 | file://shadow-4.1.4.2-groupmod-pam-check.patch \ | ||
24 | file://shadow-4.1.4.2-su_no_sanitize_env.patch \ | ||
25 | file://shadow-update-pam-conf.patch \ | 22 | file://shadow-update-pam-conf.patch \ |
26 | file://slackware_fix_for_glib-2.17_crypt.patch \ | ||
27 | file://fix-etc-gshadow-reading.patch \ | ||
28 | " | 23 | " |
29 | 24 | ||
30 | SRC_URI_append_class-native = " \ | 25 | SRC_URI_append_class-native = " \ |
31 | file://add_root_cmd_options.patch \ | ||
32 | file://disable-syslog.patch \ | 26 | file://disable-syslog.patch \ |
33 | file://useradd.patch \ | ||
34 | file://add_root_cmd_groupmems.patch \ | ||
35 | file://allow-for-setting-password-in-clear-text.patch \ | 27 | file://allow-for-setting-password-in-clear-text.patch \ |
28 | file://commonio.c-fix-unexpected-open-failure-in-chroot-env.patch \ | ||
29 | file://0001-useradd.c-create-parent-directories-when-necessary.patch \ | ||
36 | " | 30 | " |
37 | SRC_URI_append_class-nativesdk = " \ | 31 | SRC_URI_append_class-nativesdk = " \ |
38 | file://add_root_cmd_options.patch \ | ||
39 | file://disable-syslog.patch \ | 32 | file://disable-syslog.patch \ |
40 | file://useradd.patch \ | ||
41 | file://add_root_cmd_groupmems.patch \ | ||
42 | " | 33 | " |
43 | 34 | ||
44 | SRC_URI[md5sum] = "b8608d8294ac88974f27b20f991c0e79" | 35 | SRC_URI[md5sum] = "2bfafe7d4962682d31b5eba65dba4fc8" |
45 | SRC_URI[sha256sum] = "633f5bb4ea0c88c55f3642c97f9d25cbef74f82e0b4cf8d54e7ad6f9f9caa778" | 36 | SRC_URI[sha256sum] = "3b0893d1476766868cd88920f4f1231c4795652aa407569faff802bcda0f3d41" |
46 | |||
47 | PR = "r14" | ||
48 | 37 | ||
49 | # Additional Policy files for PAM | 38 | # Additional Policy files for PAM |
50 | PAM_SRC_URI = "file://pam.d/chfn \ | 39 | PAM_SRC_URI = "file://pam.d/chfn \ |
@@ -61,6 +50,7 @@ EXTRA_OECONF += "--without-audit \ | |||
61 | --without-libcrack \ | 50 | --without-libcrack \ |
62 | --without-selinux \ | 51 | --without-selinux \ |
63 | --with-group-name-max-length=24 \ | 52 | --with-group-name-max-length=24 \ |
53 | --enable-subordinate-ids=no \ | ||
64 | ${NSCDOPT}" | 54 | ${NSCDOPT}" |
65 | 55 | ||
66 | NSCDOPT = "" | 56 | NSCDOPT = "" |
@@ -166,11 +156,11 @@ ALTERNATIVE_LINK_NAME[su] = "${base_bindir}/su" | |||
166 | 156 | ||
167 | pkg_postinst_${PN} () { | 157 | pkg_postinst_${PN} () { |
168 | if [ "x$D" != "x" ]; then | 158 | if [ "x$D" != "x" ]; then |
169 | rootarg="--root=$D" | 159 | rootarg="--root $D" |
170 | else | 160 | else |
171 | rootarg="" | 161 | rootarg="" |
172 | fi | 162 | fi |
173 | 163 | ||
174 | pwconv $rootarg | 164 | pwconv $rootarg || exit 1 |
175 | grpconv $rootarg | 165 | grpconv $rootarg || exit 1 |
176 | } | 166 | } |
diff --git a/meta/recipes-extended/shadow/shadow_4.1.4.3.bb b/meta/recipes-extended/shadow/shadow_4.2.1.bb index 5675cb8cc9..5675cb8cc9 100644 --- a/meta/recipes-extended/shadow/shadow_4.1.4.3.bb +++ b/meta/recipes-extended/shadow/shadow_4.2.1.bb | |||