summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-extended')
-rw-r--r--meta/recipes-extended/shadow/files/0001-Disable-use-of-syslog-for-sysroot.patch18
-rw-r--r--meta/recipes-extended/shadow/files/0001-Do-not-check-for-validity-of-shell-executable.patch29
-rw-r--r--meta/recipes-extended/shadow/files/0001-Make-the-sp_lstchg-shadow-field-reproducible-re.-71.patch89
-rw-r--r--meta/recipes-extended/shadow/files/0001-configure.ac-fix-configure-error-with-dash.patch36
-rw-r--r--meta/recipes-extended/shadow/files/0001-useradd.c-create-parent-directories-when-necessary.patch116
-rw-r--r--meta/recipes-extended/shadow/files/0002-Allow-for-setting-password-in-clear-text.patch (renamed from meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch)101
-rw-r--r--meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch15
-rw-r--r--meta/recipes-extended/shadow/files/shadow-relaxed-usernames.patch51
-rw-r--r--meta/recipes-extended/shadow/shadow.inc11
-rw-r--r--meta/recipes-extended/shadow/shadow_4.8.bb (renamed from meta/recipes-extended/shadow/shadow_4.6.bb)0
10 files changed, 133 insertions, 333 deletions
diff --git a/meta/recipes-extended/shadow/files/0001-Disable-use-of-syslog-for-sysroot.patch b/meta/recipes-extended/shadow/files/0001-Disable-use-of-syslog-for-sysroot.patch
index aac2d42b12..ab317b9aa0 100644
--- a/meta/recipes-extended/shadow/files/0001-Disable-use-of-syslog-for-sysroot.patch
+++ b/meta/recipes-extended/shadow/files/0001-Disable-use-of-syslog-for-sysroot.patch
@@ -1,4 +1,4 @@
1From 8cf3454d567f77233023be49a39a33e9f0836f89 Mon Sep 17 00:00:00 2001 1From fa2d9453656641002802d8165e80adb9e6a729d2 Mon Sep 17 00:00:00 2001
2From: Scott Garman <scott.a.garman@intel.com> 2From: Scott Garman <scott.a.garman@intel.com>
3Date: Thu, 14 Apr 2016 12:28:57 +0200 3Date: Thu, 14 Apr 2016 12:28:57 +0200
4Subject: [PATCH] Disable use of syslog for sysroot 4Subject: [PATCH] Disable use of syslog for sysroot
@@ -12,6 +12,7 @@ Upstream-Status: Inappropriate [disable feature]
12Signed-off-by: Scott Garman <scott.a.garman@intel.com> 12Signed-off-by: Scott Garman <scott.a.garman@intel.com>
13Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> 13Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
14Signed-off-by: Chen Qi <Qi.Chen@windriver.com> 14Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
15
15--- 16---
16 src/groupadd.c | 3 +++ 17 src/groupadd.c | 3 +++
17 src/groupdel.c | 3 +++ 18 src/groupdel.c | 3 +++
@@ -23,7 +24,7 @@ Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
23 7 files changed, 21 insertions(+) 24 7 files changed, 21 insertions(+)
24 25
25diff --git a/src/groupadd.c b/src/groupadd.c 26diff --git a/src/groupadd.c b/src/groupadd.c
26index 63e1c48..a596c49 100644 27index 2dd8eec..e9c4bb7 100644
27--- a/src/groupadd.c 28--- a/src/groupadd.c
28+++ b/src/groupadd.c 29+++ b/src/groupadd.c
29@@ -34,6 +34,9 @@ 30@@ -34,6 +34,9 @@
@@ -37,7 +38,7 @@ index 63e1c48..a596c49 100644
37 #include <fcntl.h> 38 #include <fcntl.h>
38 #include <getopt.h> 39 #include <getopt.h>
39diff --git a/src/groupdel.c b/src/groupdel.c 40diff --git a/src/groupdel.c b/src/groupdel.c
40index 70bed01..ababd81 100644 41index f941a84..5a70056 100644
41--- a/src/groupdel.c 42--- a/src/groupdel.c
42+++ b/src/groupdel.c 43+++ b/src/groupdel.c
43@@ -34,6 +34,9 @@ 44@@ -34,6 +34,9 @@
@@ -65,7 +66,7 @@ index fc91c8b..2842514 100644
65 #include <getopt.h> 66 #include <getopt.h>
66 #include <grp.h> 67 #include <grp.h>
67diff --git a/src/groupmod.c b/src/groupmod.c 68diff --git a/src/groupmod.c b/src/groupmod.c
68index 72daf2c..8965f9d 100644 69index 1dca5fc..bc14438 100644
69--- a/src/groupmod.c 70--- a/src/groupmod.c
70+++ b/src/groupmod.c 71+++ b/src/groupmod.c
71@@ -34,6 +34,9 @@ 72@@ -34,6 +34,9 @@
@@ -79,7 +80,7 @@ index 72daf2c..8965f9d 100644
79 #include <fcntl.h> 80 #include <fcntl.h>
80 #include <getopt.h> 81 #include <getopt.h>
81diff --git a/src/useradd.c b/src/useradd.c 82diff --git a/src/useradd.c b/src/useradd.c
82index 3aaf45c..1ab9174 100644 83index 4af0f7c..1b7bf06 100644
83--- a/src/useradd.c 84--- a/src/useradd.c
84+++ b/src/useradd.c 85+++ b/src/useradd.c
85@@ -34,6 +34,9 @@ 86@@ -34,6 +34,9 @@
@@ -93,7 +94,7 @@ index 3aaf45c..1ab9174 100644
93 #include <ctype.h> 94 #include <ctype.h>
94 #include <errno.h> 95 #include <errno.h>
95diff --git a/src/userdel.c b/src/userdel.c 96diff --git a/src/userdel.c b/src/userdel.c
96index c8de1d3..24d3ea9 100644 97index cc951e5..153e0be 100644
97--- a/src/userdel.c 98--- a/src/userdel.c
98+++ b/src/userdel.c 99+++ b/src/userdel.c
99@@ -34,6 +34,9 @@ 100@@ -34,6 +34,9 @@
@@ -107,7 +108,7 @@ index c8de1d3..24d3ea9 100644
107 #include <errno.h> 108 #include <errno.h>
108 #include <fcntl.h> 109 #include <fcntl.h>
109diff --git a/src/usermod.c b/src/usermod.c 110diff --git a/src/usermod.c b/src/usermod.c
110index ccfbb99..24fb60d 100644 111index 05b9871..21c6da9 100644
111--- a/src/usermod.c 112--- a/src/usermod.c
112+++ b/src/usermod.c 113+++ b/src/usermod.c
113@@ -34,6 +34,9 @@ 114@@ -34,6 +34,9 @@
@@ -120,6 +121,3 @@ index ccfbb99..24fb60d 100644
120 #include <assert.h> 121 #include <assert.h>
121 #include <ctype.h> 122 #include <ctype.h>
122 #include <errno.h> 123 #include <errno.h>
123--
1242.11.0
125
diff --git a/meta/recipes-extended/shadow/files/0001-Do-not-check-for-validity-of-shell-executable.patch b/meta/recipes-extended/shadow/files/0001-Do-not-check-for-validity-of-shell-executable.patch
new file mode 100644
index 0000000000..2d15ff0673
--- /dev/null
+++ b/meta/recipes-extended/shadow/files/0001-Do-not-check-for-validity-of-shell-executable.patch
@@ -0,0 +1,29 @@
1From 0d0aded7307a9f4ee0d299951512acd18b3e029e Mon Sep 17 00:00:00 2001
2From: Alexander Kanavin <alex.kanavin@gmail.com>
3Date: Wed, 4 Dec 2019 19:28:48 +0100
4Subject: [PATCH] Do not check for validity of shell executable.
5
6This kind of check fails when building a rootfs.
7
8Upstream-Status: Inappropriate [oe-core specific]
9Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
10---
11 src/useradd.c | 5 +----
12 1 file changed, 1 insertion(+), 4 deletions(-)
13
14diff --git a/src/useradd.c b/src/useradd.c
15index 4af0f7c..898fe02 100644
16--- a/src/useradd.c
17+++ b/src/useradd.c
18@@ -1328,10 +1328,7 @@ static void process_flags (int argc, char **argv)
19 if ( ( !VALID (optarg) )
20 || ( ('\0' != optarg[0])
21 && ('/' != optarg[0])
22- && ('*' != optarg[0]) )
23- || (stat(optarg, &st) != 0)
24- || (S_ISDIR(st.st_mode))
25- || (access(optarg, X_OK) != 0)) {
26+ && ('*' != optarg[0]) )) {
27 fprintf (stderr,
28 _("%s: invalid shell '%s'\n"),
29 Prog, optarg);
diff --git a/meta/recipes-extended/shadow/files/0001-Make-the-sp_lstchg-shadow-field-reproducible-re.-71.patch b/meta/recipes-extended/shadow/files/0001-Make-the-sp_lstchg-shadow-field-reproducible-re.-71.patch
deleted file mode 100644
index de0ba3ebb4..0000000000
--- a/meta/recipes-extended/shadow/files/0001-Make-the-sp_lstchg-shadow-field-reproducible-re.-71.patch
+++ /dev/null
@@ -1,89 +0,0 @@
1From fe34a2a0e44bc80ff213bfd185046a5f10c94997 Mon Sep 17 00:00:00 2001
2From: Chris Lamb <chris@chris-lamb.co.uk>
3Date: Wed, 2 Jan 2019 18:06:16 +0000
4Subject: [PATCH 1/2] Make the sp_lstchg shadow field reproducible (re. #71)
5
6From <https://github.com/shadow-maint/shadow/pull/71>:
7
8```
9The third field in the /etc/shadow file (sp_lstchg) contains the date of
10the last password change expressed as the number of days since Jan 1, 1970.
11As this is a relative time, creating a user today will result in:
12
13username:17238:0:99999:7:::
14whilst creating the same user tomorrow will result in:
15
16username:17239:0:99999:7:::
17This has an impact for the Reproducible Builds[0] project where we aim to
18be independent of as many elements the build environment as possible,
19including the current date.
20
21This patch changes the behaviour to use the SOURCE_DATE_EPOCH[1]
22environment variable (instead of Jan 1, 1970) if valid.
23```
24
25This updated PR adds some missing calls to gettime (). This was originally
26filed by Johannes Schauer in Debian as #917773 [2].
27
28[0] https://reproducible-builds.org/
29[1] https://reproducible-builds.org/specs/source-date-epoch/
30[2] https://bugs.debian.org/917773
31
32Upstream-Status: Backport
33Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
34---
35 libmisc/pwd2spwd.c | 3 +--
36 src/pwck.c | 2 +-
37 src/pwconv.c | 2 +-
38 3 files changed, 3 insertions(+), 4 deletions(-)
39
40diff --git a/libmisc/pwd2spwd.c b/libmisc/pwd2spwd.c
41index c1b9b29ac873..6799dd50d490 100644
42--- a/libmisc/pwd2spwd.c
43+++ b/libmisc/pwd2spwd.c
44@@ -40,7 +40,6 @@
45 #include "prototypes.h"
46 #include "defines.h"
47 #include <pwd.h>
48-extern time_t time (time_t *);
49
50 /*
51 * pwd_to_spwd - create entries for new spwd structure
52@@ -66,7 +65,7 @@ struct spwd *pwd_to_spwd (const struct passwd *pw)
53 */
54 sp.sp_min = 0;
55 sp.sp_max = (10000L * DAY) / SCALE;
56- sp.sp_lstchg = (long) time ((time_t *) 0) / SCALE;
57+ sp.sp_lstchg = (long) gettime () / SCALE;
58 if (0 == sp.sp_lstchg) {
59 /* Better disable aging than requiring a password
60 * change */
61diff --git a/src/pwck.c b/src/pwck.c
62index 0ffb711efb13..f70071b12500 100644
63--- a/src/pwck.c
64+++ b/src/pwck.c
65@@ -609,7 +609,7 @@ static void check_pw_file (int *errors, bool *changed)
66 sp.sp_inact = -1;
67 sp.sp_expire = -1;
68 sp.sp_flag = SHADOW_SP_FLAG_UNSET;
69- sp.sp_lstchg = (long) time ((time_t *) 0) / SCALE;
70+ sp.sp_lstchg = (long) gettime () / SCALE;
71 if (0 == sp.sp_lstchg) {
72 /* Better disable aging than
73 * requiring a password change
74diff --git a/src/pwconv.c b/src/pwconv.c
75index 9c69fa131d8e..f932f266c59c 100644
76--- a/src/pwconv.c
77+++ b/src/pwconv.c
78@@ -267,7 +267,7 @@ int main (int argc, char **argv)
79 spent.sp_flag = SHADOW_SP_FLAG_UNSET;
80 }
81 spent.sp_pwdp = pw->pw_passwd;
82- spent.sp_lstchg = (long) time ((time_t *) 0) / SCALE;
83+ spent.sp_lstchg = (long) gettime () / SCALE;
84 if (0 == spent.sp_lstchg) {
85 /* Better disable aging than requiring a password
86 * change */
87--
882.17.1
89
diff --git a/meta/recipes-extended/shadow/files/0001-configure.ac-fix-configure-error-with-dash.patch b/meta/recipes-extended/shadow/files/0001-configure.ac-fix-configure-error-with-dash.patch
deleted file mode 100644
index a74cbb0c0e..0000000000
--- a/meta/recipes-extended/shadow/files/0001-configure.ac-fix-configure-error-with-dash.patch
+++ /dev/null
@@ -1,36 +0,0 @@
1From 3c52a84ff8775590e7e9da9c0d4408c23494305e Mon Sep 17 00:00:00 2001
2From: Yi Zhao <yi.zhao@windriver.com>
3Date: Mon, 17 Jun 2019 15:36:34 +0800
4Subject: [PATCH] configure.ac: fix configure error with dash
5
6A configure error occurs when /bin/sh -> dash:
7 checking for is_selinux_enabled in -lselinux... yes
8 checking for semanage_connect in -lsemanage... yes
9 configure: 16322: test: yesyes: unexpected operator
10
11Use "=" instead of "==" since dash doesn't support this operator.
12
13Upstream-Status: Backport
14[https://github.com/shadow-maint/shadow/commit/3c52a84ff8775590e7e9da9c0d4408c23494305e]
15
16Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
17---
18 configure.ac | 2 +-
19 1 file changed, 1 insertion(+), 1 deletion(-)
20
21diff --git a/configure.ac b/configure.ac
22index 6762556..1907afb 100644
23--- a/configure.ac
24+++ b/configure.ac
25@@ -500,7 +500,7 @@ if test "$with_selinux" != "no"; then
26 AC_MSG_ERROR([libsemanage not found])
27 fi
28
29- if test "$selinux_lib$semanage_lib" == "yesyes" ; then
30+ if test "$selinux_lib$semanage_lib" = "yesyes" ; then
31 AC_DEFINE(WITH_SELINUX, 1,
32 [Build shadow with SELinux support])
33 LIBSELINUX="-lselinux"
34--
352.7.4
36
diff --git a/meta/recipes-extended/shadow/files/0001-useradd.c-create-parent-directories-when-necessary.patch b/meta/recipes-extended/shadow/files/0001-useradd.c-create-parent-directories-when-necessary.patch
deleted file mode 100644
index faa6f68ebe..0000000000
--- a/meta/recipes-extended/shadow/files/0001-useradd.c-create-parent-directories-when-necessary.patch
+++ /dev/null
@@ -1,116 +0,0 @@
1Subject: [PATCH] useradd.c: create parent directories when necessary
2
3Upstream-Status: Inappropriate [OE specific]
4
5Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
6---
7 src/useradd.c | 80 +++++++++++++++++++++++++++++++++++++++--------------------
8 1 file changed, 53 insertions(+), 27 deletions(-)
9
10diff --git a/src/useradd.c b/src/useradd.c
11index 00a3c30..9ecbb58 100644
12--- a/src/useradd.c
13+++ b/src/useradd.c
14@@ -2021,6 +2021,35 @@ static void usr_update (void)
15 }
16
17 /*
18+ * mkdir_p - create directories, including parent directories when needed
19+ *
20+ * similar to `mkdir -p'
21+ */
22+void mkdir_p(const char *path) {
23+ int len = strlen(path);
24+ char newdir[len + 1];
25+ mode_t mode = 0755;
26+ int i = 0;
27+
28+ if (path[i] == '\0') {
29+ return;
30+ }
31+
32+ /* skip the leading '/' */
33+ i++;
34+
35+ while(path[i] != '\0') {
36+ if (path[i] == '/') {
37+ strncpy(newdir, path, i);
38+ newdir[i] = '\0';
39+ mkdir(newdir, mode);
40+ }
41+ i++;
42+ }
43+ mkdir(path, mode);
44+}
45+
46+/*
47 * create_home - create the user's home directory
48 *
49 * create_home() creates the user's home directory if it does not
50@@ -2038,39 +2067,36 @@ static void create_home (void)
51 fail_exit (E_HOMEDIR);
52 }
53 #endif
54- /* XXX - create missing parent directories. --marekm */
55- if (mkdir (prefix_user_home, 0) != 0) {
56- fprintf (stderr,
57- _("%s: cannot create directory %s\n"),
58- Prog, prefix_user_home);
59+ mkdir_p(user_home);
60+ }
61+ if (access (prefix_user_home, F_OK) != 0) {
62 #ifdef WITH_AUDIT
63- audit_logger (AUDIT_ADD_USER, Prog,
64- "adding home directory",
65- user_name, (unsigned int) user_id,
66- SHADOW_AUDIT_FAILURE);
67+ audit_logger (AUDIT_ADD_USER, Prog,
68+ "adding home directory",
69+ user_name, (unsigned int) user_id,
70+ SHADOW_AUDIT_FAILURE);
71 #endif
72- fail_exit (E_HOMEDIR);
73- }
74- (void) chown (prefix_user_home, user_id, user_gid);
75- chmod (prefix_user_home,
76- 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK));
77- home_added = true;
78+ fail_exit (E_HOMEDIR);
79+ }
80+ (void) chown (prefix_user_home, user_id, user_gid);
81+ chmod (prefix_user_home,
82+ 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK));
83+ home_added = true;
84 #ifdef WITH_AUDIT
85- audit_logger (AUDIT_ADD_USER, Prog,
86- "adding home directory",
87- user_name, (unsigned int) user_id,
88- SHADOW_AUDIT_SUCCESS);
89+ audit_logger (AUDIT_ADD_USER, Prog,
90+ "adding home directory",
91+ user_name, (unsigned int) user_id,
92+ SHADOW_AUDIT_SUCCESS);
93 #endif
94 #ifdef WITH_SELINUX
95- /* Reset SELinux to create files with default contexts */
96- if (reset_selinux_file_context () != 0) {
97- fprintf (stderr,
98- _("%s: cannot reset SELinux file creation context\n"),
99- Prog);
100- fail_exit (E_HOMEDIR);
101- }
102-#endif
103+ /* Reset SELinux to create files with default contexts */
104+ if (reset_selinux_file_context () != 0) {
105+ fprintf (stderr,
106+ _("%s: cannot reset SELinux file creation context\n"),
107+ Prog);
108+ fail_exit (E_HOMEDIR);
109 }
110+#endif
111 }
112
113 /*
114--
1152.11.0
116
diff --git a/meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch b/meta/recipes-extended/shadow/files/0002-Allow-for-setting-password-in-clear-text.patch
index fa7eb07aa5..c6332e4f76 100644
--- a/meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch
+++ b/meta/recipes-extended/shadow/files/0002-Allow-for-setting-password-in-clear-text.patch
@@ -1,8 +1,12 @@
1From a7d995228491ad5255ad86c1f04ba071f6880897 Mon Sep 17 00:00:00 2001
2From: Chen Qi <Qi.Chen@windriver.com>
3Date: Sat, 16 Nov 2013 15:27:47 +0800
1Subject: [PATCH] Allow for setting password in clear text 4Subject: [PATCH] Allow for setting password in clear text
2 5
3Upstream-Status: Inappropriate [OE specific] 6Upstream-Status: Inappropriate [OE specific]
4 7
5Signed-off-by: Chen Qi <Qi.Chen@windriver.com> 8Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
9
6--- 10---
7 src/Makefile.am | 8 ++++---- 11 src/Makefile.am | 8 ++++----
8 src/groupadd.c | 20 +++++++++++++++----- 12 src/groupadd.c | 20 +++++++++++++++-----
@@ -12,39 +16,39 @@ Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
12 5 files changed, 64 insertions(+), 25 deletions(-) 16 5 files changed, 64 insertions(+), 25 deletions(-)
13 17
14diff --git a/src/Makefile.am b/src/Makefile.am 18diff --git a/src/Makefile.am b/src/Makefile.am
15index 3c98a8d..b8093d5 100644 19index f31fd7a..4a317a3 100644
16--- a/src/Makefile.am 20--- a/src/Makefile.am
17+++ b/src/Makefile.am 21+++ b/src/Makefile.am
18@@ -93,10 +93,10 @@ chgpasswd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBSELINUX) $(LIBCRYPT) 22@@ -103,10 +103,10 @@ chsh_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT_NOPAM)
19 chsh_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) 23 chpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) $(LIBECONF)
20 chpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT) 24 expiry_LDADD = $(LDADD) $(LIBECONF)
21 gpasswd_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) 25 gpasswd_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) $(LIBECONF)
22-groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) 26-groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF)
23+groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) 27+groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) $(LIBCRYPT)
24 groupdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) 28 groupdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF)
25 groupmems_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) 29 groupmems_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF)
26-groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) 30-groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF)
27+groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) 31+groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) $(LIBCRYPT)
28 grpck_LDADD = $(LDADD) $(LIBSELINUX) 32 grpck_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF)
29 grpconv_LDADD = $(LDADD) $(LIBSELINUX) 33 grpconv_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF)
30 grpunconv_LDADD = $(LDADD) $(LIBSELINUX) 34 grpunconv_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF)
31@@ -117,9 +117,9 @@ su_SOURCES = \ 35@@ -127,9 +127,9 @@ su_SOURCES = \
32 suauth.c 36 suauth.c
33 su_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) 37 su_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) $(LIBECONF)
34 sulogin_LDADD = $(LDADD) $(LIBCRYPT) 38 sulogin_LDADD = $(LDADD) $(LIBCRYPT) $(LIBECONF)
35-useradd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) 39-useradd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBECONF)
36+useradd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBCRYPT) 40+useradd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBECONF) $(LIBCRYPT)
37 userdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) 41 userdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBECONF)
38-usermod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) 42-usermod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBECONF)
39+usermod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBCRYPT) 43+usermod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBECONF) $(LIBCRYPT)
40 vipw_LDADD = $(LDADD) $(LIBSELINUX) 44 vipw_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF)
41 45
42 install-am: all-am 46 install-am: all-am
43diff --git a/src/groupadd.c b/src/groupadd.c 47diff --git a/src/groupadd.c b/src/groupadd.c
44index b57006c..63e1c48 100644 48index e9c4bb7..d572c00 100644
45--- a/src/groupadd.c 49--- a/src/groupadd.c
46+++ b/src/groupadd.c 50+++ b/src/groupadd.c
47@@ -123,9 +123,10 @@ static /*@noreturn@*/void usage (int status) 51@@ -127,9 +127,10 @@ static /*@noreturn@*/void usage (int status)
48 (void) fputs (_(" -o, --non-unique allow to create groups with duplicate\n" 52 (void) fputs (_(" -o, --non-unique allow to create groups with duplicate\n"
49 " (non-unique) GID\n"), usageout); 53 " (non-unique) GID\n"), usageout);
50 (void) fputs (_(" -p, --password PASSWORD use this encrypted password for the new group\n"), usageout); 54 (void) fputs (_(" -p, --password PASSWORD use this encrypted password for the new group\n"), usageout);
@@ -56,7 +60,7 @@ index b57006c..63e1c48 100644
56 (void) fputs ("\n", usageout); 60 (void) fputs ("\n", usageout);
57 exit (status); 61 exit (status);
58 } 62 }
59@@ -387,13 +388,14 @@ static void process_flags (int argc, char **argv) 63@@ -391,13 +392,14 @@ static void process_flags (int argc, char **argv)
60 {"key", required_argument, NULL, 'K'}, 64 {"key", required_argument, NULL, 'K'},
61 {"non-unique", no_argument, NULL, 'o'}, 65 {"non-unique", no_argument, NULL, 'o'},
62 {"password", required_argument, NULL, 'p'}, 66 {"password", required_argument, NULL, 'p'},
@@ -73,7 +77,7 @@ index b57006c..63e1c48 100644
73 long_options, NULL)) != -1) { 77 long_options, NULL)) != -1) {
74 switch (c) { 78 switch (c) {
75 case 'f': 79 case 'f':
76@@ -445,12 +447,20 @@ static void process_flags (int argc, char **argv) 80@@ -449,12 +451,20 @@ static void process_flags (int argc, char **argv)
77 pflg = true; 81 pflg = true;
78 group_passwd = optarg; 82 group_passwd = optarg;
79 break; 83 break;
@@ -95,7 +99,7 @@ index b57006c..63e1c48 100644
95 break; 99 break;
96 default: 100 default:
97 usage (E_USAGE); 101 usage (E_USAGE);
98@@ -584,7 +594,7 @@ int main (int argc, char **argv) 102@@ -588,7 +598,7 @@ int main (int argc, char **argv)
99 (void) textdomain (PACKAGE); 103 (void) textdomain (PACKAGE);
100 104
101 process_root_flag ("-R", argc, argv); 105 process_root_flag ("-R", argc, argv);
@@ -105,10 +109,10 @@ index b57006c..63e1c48 100644
105 OPENLOG ("groupadd"); 109 OPENLOG ("groupadd");
106 #ifdef WITH_AUDIT 110 #ifdef WITH_AUDIT
107diff --git a/src/groupmod.c b/src/groupmod.c 111diff --git a/src/groupmod.c b/src/groupmod.c
108index b293b98..72daf2c 100644 112index bc14438..25ccb44 100644
109--- a/src/groupmod.c 113--- a/src/groupmod.c
110+++ b/src/groupmod.c 114+++ b/src/groupmod.c
111@@ -134,8 +134,9 @@ static void usage (int status) 115@@ -138,8 +138,9 @@ static void usage (int status)
112 (void) fputs (_(" -o, --non-unique allow to use a duplicate (non-unique) GID\n"), usageout); 116 (void) fputs (_(" -o, --non-unique allow to use a duplicate (non-unique) GID\n"), usageout);
113 (void) fputs (_(" -p, --password PASSWORD change the password to this (encrypted)\n" 117 (void) fputs (_(" -p, --password PASSWORD change the password to this (encrypted)\n"
114 " PASSWORD\n"), usageout); 118 " PASSWORD\n"), usageout);
@@ -119,7 +123,7 @@ index b293b98..72daf2c 100644
119 (void) fputs ("\n", usageout); 123 (void) fputs ("\n", usageout);
120 exit (status); 124 exit (status);
121 } 125 }
122@@ -383,11 +384,12 @@ static void process_flags (int argc, char **argv) 126@@ -387,11 +388,12 @@ static void process_flags (int argc, char **argv)
123 {"new-name", required_argument, NULL, 'n'}, 127 {"new-name", required_argument, NULL, 'n'},
124 {"non-unique", no_argument, NULL, 'o'}, 128 {"non-unique", no_argument, NULL, 'o'},
125 {"password", required_argument, NULL, 'p'}, 129 {"password", required_argument, NULL, 'p'},
@@ -134,7 +138,7 @@ index b293b98..72daf2c 100644
134 long_options, NULL)) != -1) { 138 long_options, NULL)) != -1) {
135 switch (c) { 139 switch (c) {
136 case 'g': 140 case 'g':
137@@ -414,9 +416,17 @@ static void process_flags (int argc, char **argv) 141@@ -418,9 +420,17 @@ static void process_flags (int argc, char **argv)
138 group_passwd = optarg; 142 group_passwd = optarg;
139 pflg = true; 143 pflg = true;
140 break; 144 break;
@@ -153,7 +157,7 @@ index b293b98..72daf2c 100644
153 break; 157 break;
154 default: 158 default:
155 usage (E_USAGE); 159 usage (E_USAGE);
156@@ -757,7 +767,7 @@ int main (int argc, char **argv) 160@@ -761,7 +771,7 @@ int main (int argc, char **argv)
157 (void) textdomain (PACKAGE); 161 (void) textdomain (PACKAGE);
158 162
159 process_root_flag ("-R", argc, argv); 163 process_root_flag ("-R", argc, argv);
@@ -163,10 +167,10 @@ index b293b98..72daf2c 100644
163 OPENLOG ("groupmod"); 167 OPENLOG ("groupmod");
164 #ifdef WITH_AUDIT 168 #ifdef WITH_AUDIT
165diff --git a/src/useradd.c b/src/useradd.c 169diff --git a/src/useradd.c b/src/useradd.c
166index c74e491..7214e72 100644 170index 1b7bf06..44f09e2 100644
167--- a/src/useradd.c 171--- a/src/useradd.c
168+++ b/src/useradd.c 172+++ b/src/useradd.c
169@@ -829,9 +829,10 @@ static void usage (int status) 173@@ -853,9 +853,10 @@ static void usage (int status)
170 (void) fputs (_(" -o, --non-unique allow to create users with duplicate\n" 174 (void) fputs (_(" -o, --non-unique allow to create users with duplicate\n"
171 " (non-unique) UID\n"), usageout); 175 " (non-unique) UID\n"), usageout);
172 (void) fputs (_(" -p, --password PASSWORD encrypted password of the new account\n"), usageout); 176 (void) fputs (_(" -p, --password PASSWORD encrypted password of the new account\n"), usageout);
@@ -178,7 +182,7 @@ index c74e491..7214e72 100644
178 (void) fputs (_(" -s, --shell SHELL login shell of the new account\n"), usageout); 182 (void) fputs (_(" -s, --shell SHELL login shell of the new account\n"), usageout);
179 (void) fputs (_(" -u, --uid UID user ID of the new account\n"), usageout); 183 (void) fputs (_(" -u, --uid UID user ID of the new account\n"), usageout);
180 (void) fputs (_(" -U, --user-group create a group with the same name as the user\n"), usageout); 184 (void) fputs (_(" -U, --user-group create a group with the same name as the user\n"), usageout);
181@@ -1104,9 +1105,10 @@ static void process_flags (int argc, char **argv) 185@@ -1133,9 +1134,10 @@ static void process_flags (int argc, char **argv)
182 {"no-user-group", no_argument, NULL, 'N'}, 186 {"no-user-group", no_argument, NULL, 'N'},
183 {"non-unique", no_argument, NULL, 'o'}, 187 {"non-unique", no_argument, NULL, 'o'},
184 {"password", required_argument, NULL, 'p'}, 188 {"password", required_argument, NULL, 'p'},
@@ -190,7 +194,7 @@ index c74e491..7214e72 100644
190 {"shell", required_argument, NULL, 's'}, 194 {"shell", required_argument, NULL, 's'},
191 {"uid", required_argument, NULL, 'u'}, 195 {"uid", required_argument, NULL, 'u'},
192 {"user-group", no_argument, NULL, 'U'}, 196 {"user-group", no_argument, NULL, 'U'},
193@@ -1117,9 +1119,9 @@ static void process_flags (int argc, char **argv) 197@@ -1146,9 +1148,9 @@ static void process_flags (int argc, char **argv)
194 }; 198 };
195 while ((c = getopt_long (argc, argv, 199 while ((c = getopt_long (argc, argv,
196 #ifdef WITH_SELINUX 200 #ifdef WITH_SELINUX
@@ -202,7 +206,7 @@ index c74e491..7214e72 100644
202 #endif /* !WITH_SELINUX */ 206 #endif /* !WITH_SELINUX */
203 long_options, NULL)) != -1) { 207 long_options, NULL)) != -1) {
204 switch (c) { 208 switch (c) {
205@@ -1285,12 +1287,19 @@ static void process_flags (int argc, char **argv) 209@@ -1320,12 +1322,19 @@ static void process_flags (int argc, char **argv)
206 } 210 }
207 user_pass = optarg; 211 user_pass = optarg;
208 break; 212 break;
@@ -223,7 +227,7 @@ index c74e491..7214e72 100644
223 break; 227 break;
224 case 's': 228 case 's':
225 if ( ( !VALID (optarg) ) 229 if ( ( !VALID (optarg) )
226@@ -2148,7 +2157,7 @@ int main (int argc, char **argv) 230@@ -2257,7 +2266,7 @@ int main (int argc, char **argv)
227 231
228 process_root_flag ("-R", argc, argv); 232 process_root_flag ("-R", argc, argv);
229 233
@@ -233,10 +237,10 @@ index c74e491..7214e72 100644
233 OPENLOG ("useradd"); 237 OPENLOG ("useradd");
234 #ifdef WITH_AUDIT 238 #ifdef WITH_AUDIT
235diff --git a/src/usermod.c b/src/usermod.c 239diff --git a/src/usermod.c b/src/usermod.c
236index e571426..ccfbb99 100644 240index 21c6da9..cffdb3e 100644
237--- a/src/usermod.c 241--- a/src/usermod.c
238+++ b/src/usermod.c 242+++ b/src/usermod.c
239@@ -424,8 +424,9 @@ static /*@noreturn@*/void usage (int status) 243@@ -431,8 +431,9 @@ static /*@noreturn@*/void usage (int status)
240 " new location (use only with -d)\n"), usageout); 244 " new location (use only with -d)\n"), usageout);
241 (void) fputs (_(" -o, --non-unique allow using duplicate (non-unique) UID\n"), usageout); 245 (void) fputs (_(" -o, --non-unique allow using duplicate (non-unique) UID\n"), usageout);
242 (void) fputs (_(" -p, --password PASSWORD use encrypted password for the new password\n"), usageout); 246 (void) fputs (_(" -p, --password PASSWORD use encrypted password for the new password\n"), usageout);
@@ -247,7 +251,7 @@ index e571426..ccfbb99 100644
247 (void) fputs (_(" -s, --shell SHELL new login shell for the user account\n"), usageout); 251 (void) fputs (_(" -s, --shell SHELL new login shell for the user account\n"), usageout);
248 (void) fputs (_(" -u, --uid UID new UID for the user account\n"), usageout); 252 (void) fputs (_(" -u, --uid UID new UID for the user account\n"), usageout);
249 (void) fputs (_(" -U, --unlock unlock the user account\n"), usageout); 253 (void) fputs (_(" -U, --unlock unlock the user account\n"), usageout);
250@@ -1002,8 +1003,9 @@ static void process_flags (int argc, char **argv) 254@@ -1010,8 +1011,9 @@ static void process_flags (int argc, char **argv)
251 {"move-home", no_argument, NULL, 'm'}, 255 {"move-home", no_argument, NULL, 'm'},
252 {"non-unique", no_argument, NULL, 'o'}, 256 {"non-unique", no_argument, NULL, 'o'},
253 {"password", required_argument, NULL, 'p'}, 257 {"password", required_argument, NULL, 'p'},
@@ -258,16 +262,16 @@ index e571426..ccfbb99 100644
258 {"shell", required_argument, NULL, 's'}, 262 {"shell", required_argument, NULL, 's'},
259 {"uid", required_argument, NULL, 'u'}, 263 {"uid", required_argument, NULL, 'u'},
260 {"unlock", no_argument, NULL, 'U'}, 264 {"unlock", no_argument, NULL, 'U'},
261@@ -1019,7 +1021,7 @@ static void process_flags (int argc, char **argv) 265@@ -1027,7 +1029,7 @@ static void process_flags (int argc, char **argv)
262 {NULL, 0, NULL, '\0'} 266 {NULL, 0, NULL, '\0'}
263 }; 267 };
264 while ((c = getopt_long (argc, argv, 268 while ((c = getopt_long (argc, argv,
265- "ac:d:e:f:g:G:hl:Lmop:R:s:u:UP:" 269- "abc:d:e:f:g:G:hl:Lmop:R:s:u:UP:"
266+ "ac:d:e:f:g:G:hl:Lmop:P:R:s:u:UA:" 270+ "abc:d:e:f:g:G:hl:Lmop:P:R:s:u:UA:"
267 #ifdef ENABLE_SUBIDS 271 #ifdef ENABLE_SUBIDS
268 "v:w:V:W:" 272 "v:w:V:W:"
269 #endif /* ENABLE_SUBIDS */ 273 #endif /* ENABLE_SUBIDS */
270@@ -1119,9 +1121,17 @@ static void process_flags (int argc, char **argv) 274@@ -1130,9 +1132,17 @@ static void process_flags (int argc, char **argv)
271 user_pass = optarg; 275 user_pass = optarg;
272 pflg = true; 276 pflg = true;
273 break; 277 break;
@@ -286,7 +290,7 @@ index e571426..ccfbb99 100644
286 break; 290 break;
287 case 's': 291 case 's':
288 if (!VALID (optarg)) { 292 if (!VALID (optarg)) {
289@@ -2098,7 +2108,7 @@ int main (int argc, char **argv) 293@@ -2127,7 +2137,7 @@ int main (int argc, char **argv)
290 (void) textdomain (PACKAGE); 294 (void) textdomain (PACKAGE);
291 295
292 process_root_flag ("-R", argc, argv); 296 process_root_flag ("-R", argc, argv);
@@ -295,6 +299,3 @@ index e571426..ccfbb99 100644
295 299
296 OPENLOG ("usermod"); 300 OPENLOG ("usermod");
297 #ifdef WITH_AUDIT 301 #ifdef WITH_AUDIT
298--
2992.11.0
300
diff --git a/meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch b/meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch
index 4fa3d184ed..9825216369 100644
--- a/meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch
+++ b/meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch
@@ -1,3 +1,8 @@
1From 66533c7c6f347d257020675a1ed6e0c59cbbc3f0 Mon Sep 17 00:00:00 2001
2From: Chen Qi <Qi.Chen@windriver.com>
3Date: Thu, 17 Jul 2014 15:53:34 +0800
4Subject: [PATCH] commonio.c-fix-unexpected-open-failure-in-chroot-env
5
1Upstream-Status: Inappropriate [OE specific] 6Upstream-Status: Inappropriate [OE specific]
2 7
3commonio.c: fix unexpected open failure in chroot environment 8commonio.c: fix unexpected open failure in chroot environment
@@ -10,15 +15,16 @@ Note that this patch doesn't change the logic in the code, it just expands
10the codes. 15the codes.
11 16
12Signed-off-by: Chen Qi <Qi.Chen@windriver.com> 17Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
18
13--- 19---
14 lib/commonio.c | 16 ++++++++++++---- 20 lib/commonio.c | 16 ++++++++++++----
15 1 file changed, 12 insertions(+), 4 deletions(-) 21 1 file changed, 12 insertions(+), 4 deletions(-)
16 22
17diff --git a/lib/commonio.c b/lib/commonio.c 23diff --git a/lib/commonio.c b/lib/commonio.c
18index cc536bf..51cafd9 100644 24index 16fa7e7..d6bc297 100644
19--- a/lib/commonio.c 25--- a/lib/commonio.c
20+++ b/lib/commonio.c 26+++ b/lib/commonio.c
21@@ -613,10 +613,18 @@ int commonio_open (struct commonio_db *db, int mode) 27@@ -632,10 +632,18 @@ int commonio_open (struct commonio_db *db, int mode)
22 db->cursor = NULL; 28 db->cursor = NULL;
23 db->changed = false; 29 db->changed = false;
24 30
@@ -41,6 +47,3 @@ index cc536bf..51cafd9 100644
41 db->fp = NULL; 47 db->fp = NULL;
42 if (fd >= 0) { 48 if (fd >= 0) {
43 #ifdef WITH_TCB 49 #ifdef WITH_TCB
44--
451.7.9.5
46
diff --git a/meta/recipes-extended/shadow/files/shadow-relaxed-usernames.patch b/meta/recipes-extended/shadow/files/shadow-relaxed-usernames.patch
index 1af04d5fe8..cc833362e9 100644
--- a/meta/recipes-extended/shadow/files/shadow-relaxed-usernames.patch
+++ b/meta/recipes-extended/shadow/files/shadow-relaxed-usernames.patch
@@ -1,26 +1,37 @@
1From ca472d6866e545aaa70a70020e3226f236a8aafc Mon Sep 17 00:00:00 2001
2From: Shan Hai <shan.hai@windriver.com>
3Date: Tue, 13 Sep 2016 13:45:46 +0800
4Subject: [PATCH] shadow: use relaxed usernames
1 5
2The groupadd from shadow does not allow upper case group names, the 6The groupadd from shadow does not allow upper case group names, the
3same is true for the upstream shadow. But distributions like 7same is true for the upstream shadow. But distributions like
4Debian/Ubuntu/CentOS has their own way to cope with this problem, 8Debian/Ubuntu/CentOS has their own way to cope with this problem,
5this patch is picked up from CentOS release 7.0 to relax the usernames 9this patch is picked up from CentOS release 7.0 to relax the usernames
6restrictions to allow the upper case group names, and the relaxation is 10restrictions to allow the upper case group names, and the relaxation is
7POSIX compliant because POSIX indicate that usernames are composed of 11POSIX compliant because POSIX indicate that usernames are composed of
8characters from the portable filename character set [A-Za-z0-9._-]. 12characters from the portable filename character set [A-Za-z0-9._-].
9 13
10Upstream-Status: Pending 14Upstream-Status: Pending
11 15
12Signed-off-by: Shan Hai <shan.hai@windriver.com> 16Signed-off-by: Shan Hai <shan.hai@windriver.com>
13 17
14diff -urpN a/libmisc/chkname.c b/libmisc/chkname.c 18---
15index 5089112..f40a0da 100644 19 libmisc/chkname.c | 30 ++++++++++++++++++------------
20 man/groupadd.8.xml | 6 ------
21 man/useradd.8.xml | 8 +-------
22 3 files changed, 19 insertions(+), 25 deletions(-)
23
24diff --git a/libmisc/chkname.c b/libmisc/chkname.c
25index 90f185c..65762b4 100644
16--- a/libmisc/chkname.c 26--- a/libmisc/chkname.c
17+++ b/libmisc/chkname.c 27+++ b/libmisc/chkname.c
18@@ -49,21 +49,28 @@ 28@@ -55,22 +55,28 @@ static bool is_valid_name (const char *name)
19 static bool is_valid_name (const char *name) 29 }
20 { 30
21 /* 31 /*
22- * User/group names must match [a-z_][a-z0-9_-]*[$] 32- * User/group names must match [a-z_][a-z0-9_-]*[$]
23- */ 33- */
34-
24- if (('\0' == *name) || 35- if (('\0' == *name) ||
25- !((('a' <= *name) && ('z' >= *name)) || ('_' == *name))) { 36- !((('a' <= *name) && ('z' >= *name)) || ('_' == *name))) {
26+ * User/group names must match gnu e-regex: 37+ * User/group names must match gnu e-regex:
@@ -55,28 +66,28 @@ index 5089112..f40a0da 100644
55 return false; 66 return false;
56 } 67 }
57 } 68 }
58diff -urpN a/man/groupadd.8.xml b/man/groupadd.8.xml 69diff --git a/man/groupadd.8.xml b/man/groupadd.8.xml
59index 230fd0c..94f7807 100644 70index 1e58f09..d804b61 100644
60--- a/man/groupadd.8.xml 71--- a/man/groupadd.8.xml
61+++ b/man/groupadd.8.xml 72+++ b/man/groupadd.8.xml
62@@ -222,12 +222,6 @@ 73@@ -272,12 +272,6 @@
74
63 <refsect1 id='caveats'> 75 <refsect1 id='caveats'>
64 <title>CAVEATS</title> 76 <title>CAVEATS</title>
65 <para> 77- <para>
66- Groupnames must start with a lower case letter or an underscore, 78- Groupnames must start with a lower case letter or an underscore,
67- followed by lower case letters, digits, underscores, or dashes. 79- followed by lower case letters, digits, underscores, or dashes.
68- They can end with a dollar sign. 80- They can end with a dollar sign.
69- In regular expression terms: [a-z_][a-z0-9_-]*[$]? 81- In regular expression terms: [a-z_][a-z0-9_-]*[$]?
70- </para> 82- </para>
71- <para> 83 <para>
72 Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long. 84 Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long.
73 </para> 85 </para>
74 <para> 86diff --git a/man/useradd.8.xml b/man/useradd.8.xml
75diff -urpN a/man/useradd.8.xml b/man/useradd.8.xml 87index a16d730..c0bd777 100644
76index 5dec989..fe623b9 100644
77--- a/man/useradd.8.xml 88--- a/man/useradd.8.xml
78+++ b/man/useradd.8.xml 89+++ b/man/useradd.8.xml
79@@ -336,7 +336,7 @@ 90@@ -366,7 +366,7 @@
80 </term> 91 </term>
81 <listitem> 92 <listitem>
82 <para> 93 <para>
@@ -85,16 +96,16 @@ index 5dec989..fe623b9 100644
85 wide setting from <filename>/etc/login.defs</filename> 96 wide setting from <filename>/etc/login.defs</filename>
86 (<option>CREATE_HOME</option>) is set to 97 (<option>CREATE_HOME</option>) is set to
87 <replaceable>yes</replaceable>. 98 <replaceable>yes</replaceable>.
88@@ -607,12 +607,6 @@ 99@@ -660,12 +660,6 @@
100 the user account creation request.
89 </para> 101 </para>
90 102
91 <para> 103- <para>
92- Usernames must start with a lower case letter or an underscore, 104- Usernames must start with a lower case letter or an underscore,
93- followed by lower case letters, digits, underscores, or dashes. 105- followed by lower case letters, digits, underscores, or dashes.
94- They can end with a dollar sign. 106- They can end with a dollar sign.
95- In regular expression terms: [a-z_][a-z0-9_-]*[$]? 107- In regular expression terms: [a-z_][a-z0-9_-]*[$]?
96- </para> 108- </para>
97- <para> 109 <para>
98 Usernames may only be up to 32 characters long. 110 Usernames may only be up to 32 characters long.
99 </para> 111 </para>
100 </refsect1>
diff --git a/meta/recipes-extended/shadow/shadow.inc b/meta/recipes-extended/shadow/shadow.inc
index 770c239e96..267d2324c5 100644
--- a/meta/recipes-extended/shadow/shadow.inc
+++ b/meta/recipes-extended/shadow/shadow.inc
@@ -11,8 +11,6 @@ DEPENDS = "virtual/crypt"
11UPSTREAM_CHECK_URI = "https://github.com/shadow-maint/shadow/releases" 11UPSTREAM_CHECK_URI = "https://github.com/shadow-maint/shadow/releases"
12SRC_URI = "https://github.com/shadow-maint/shadow/releases/download/${PV}/${BP}.tar.gz \ 12SRC_URI = "https://github.com/shadow-maint/shadow/releases/download/${PV}/${BP}.tar.gz \
13 file://shadow-4.1.3-dots-in-usernames.patch \ 13 file://shadow-4.1.3-dots-in-usernames.patch \
14 file://0001-Make-the-sp_lstchg-shadow-field-reproducible-re.-71.patch \
15 file://0001-configure.ac-fix-configure-error-with-dash.patch \
16 ${@bb.utils.contains('PACKAGECONFIG', 'pam', '${PAM_SRC_URI}', '', d)} \ 14 ${@bb.utils.contains('PACKAGECONFIG', 'pam', '${PAM_SRC_URI}', '', d)} \
17 file://shadow-relaxed-usernames.patch \ 15 file://shadow-relaxed-usernames.patch \
18 " 16 "
@@ -24,16 +22,16 @@ SRC_URI_append_class-target = " \
24 22
25SRC_URI_append_class-native = " \ 23SRC_URI_append_class-native = " \
26 file://0001-Disable-use-of-syslog-for-sysroot.patch \ 24 file://0001-Disable-use-of-syslog-for-sysroot.patch \
27 file://allow-for-setting-password-in-clear-text.patch \ 25 file://0002-Allow-for-setting-password-in-clear-text.patch \
28 file://commonio.c-fix-unexpected-open-failure-in-chroot-env.patch \ 26 file://commonio.c-fix-unexpected-open-failure-in-chroot-env.patch \
29 file://0001-useradd.c-create-parent-directories-when-necessary.patch \ 27 file://0001-Do-not-check-for-validity-of-shell-executable.patch \
30 " 28 "
31SRC_URI_append_class-nativesdk = " \ 29SRC_URI_append_class-nativesdk = " \
32 file://0001-Disable-use-of-syslog-for-sysroot.patch \ 30 file://0001-Disable-use-of-syslog-for-sysroot.patch \
33 " 31 "
34 32
35SRC_URI[md5sum] = "36feb15665338ae3de414f2a88e434db" 33SRC_URI[md5sum] = "017ac773ba370bc28e157cee30dad71a"
36SRC_URI[sha256sum] = "4668f99bd087399c4a586084dc3b046b75f560720d83e92fd23bf7a89dda4d31" 34SRC_URI[sha256sum] = "82016d65317555fc8ce9e669eb187984d8d4b1f8ecda0769f4bc5412aed326e4"
37 35
38# Additional Policy files for PAM 36# Additional Policy files for PAM
39PAM_SRC_URI = "file://pam.d/chfn \ 37PAM_SRC_URI = "file://pam.d/chfn \
@@ -53,6 +51,7 @@ EXTRA_OECONF += "--without-audit \
53 --without-selinux \ 51 --without-selinux \
54 --with-group-name-max-length=24 \ 52 --with-group-name-max-length=24 \
55 --enable-subordinate-ids=yes \ 53 --enable-subordinate-ids=yes \
54 --without-sssd \
56 ${NSCDOPT}" 55 ${NSCDOPT}"
57 56
58NSCDOPT = "" 57NSCDOPT = ""
diff --git a/meta/recipes-extended/shadow/shadow_4.6.bb b/meta/recipes-extended/shadow/shadow_4.8.bb
index c975395ff8..c975395ff8 100644
--- a/meta/recipes-extended/shadow/shadow_4.6.bb
+++ b/meta/recipes-extended/shadow/shadow_4.8.bb