linux/poky.git/meta/classes/useradd_base.bbclass, branch yocto-4.1.2

classes: Add SPDX license identifiers

2022-08-12T10:58:01+00:00

As stated in our top level license files, the license is MIT unless otherwise stated. Add SPDX identifers accordingly. Replace older license statementa with the standardised syntax. Also drop "All Rights Reserved" expression as it isn't used now, doesn't mean anything and is confusing. (From OE-Core rev: 081a391fe09a21265881e39a2a496e4e10b4f80b) Signed-off-by: Richard Purdie

classes: Add copyright statements to files without one

2022-08-12T10:58:01+00:00

Where there isn't a copyright statement, add one to make it explicit. Also drop editor config lines where they were present. (From OE-Core rev: 880c1ea3edc8edef974e65b2d424fc36809ea034) Signed-off-by: Richard Purdie

add new extrausers command passwd-expire

2020-11-11T10:08:12+00:00

This enhances extrausers with a new passwd-expire command that causes a local user's password to be expired as if the `passwd --expire` command was run, so the password needs to be changed on initial login. Example: EXTRA_USERS_PARAMS += " useradd ... USER; passwd-expire USER;" Tested: on useradd accounts When configured with Linux-PAM, console login prompts for and can successfully change the password. OpenSSH server works. Dropbear SSH server notes the password must be changed but does not offer a password change dialog and rejects the login request. (From OE-Core rev: 1bdcfa4b0d378947a6759fb91872a4edc9a42622) Signed-off-by: Joseph Reynolds Signed-off-by: Kai Kang Signed-off-by: Richard Purdie

useradd_base.bbclass: Make perform_groupmems handle overlapping usernames

2018-10-16T19:35:43+00:00

If the name of the last user being part of the group had a name that was a prefix of the user being added, then perform_groupmems() would treat it as if the user already existed in the list of users and not add it. Reported-by: Peter Henricsson (From OE-Core rev: 3bab0416f20366e75444be9b65fb1369643f103a) Signed-off-by: Peter Kjellerstedt Signed-off-by: Richard Purdie

useradd_base: keep group if it still has users

2017-01-26T10:44:27+00:00

perform_groupdel() tries to delete a group irrespective if other users have it as their primary group, thus the call to groupdel will fail with the following error error: groupdel: cannot remove the primary group of user '' Add a check to perform_groupdel() to determine if there are other users and keep the group, printing a warning. This is called right after a user is deleted to delete it's group. If the last user is deleted, only then the group is also deleted. (From OE-Core rev: bba1f02cb6d80279c6fed34bb18f010aa921fc1e) Signed-off-by: Ioan-Adrian Ratiu Signed-off-by: Richard Purdie

useradd_base.bbclass: Do not mess with the gshadow file in the sysroot

2016-09-16T14:24:03+00:00

Previously, if the gshadow file did not exist in the sysroot when perform_groupmems() was run, it would be temporarily created and removed again afterwards. This was supposedly due to groupmems failing if it does not exist. However, based on empirical testing and examination of the source code for groupmems, it should not fail if the gshadow file does not exist when groupmems is started. But it WILL fail if the file is removed sometime after its existence has been check at the beginning of the execution, but before it needs to be modified. And this is exactly what the previous code in perform_groupmems() could cause if multiple tasks simultaneously modified users or groups. It could cause any of the useradd, groupadd and groupmems commands to fail as long as at least one other recipe invoked perform_groupmems(). (From OE-Core rev: 4fcaa484a2e8046cf3277b5d14933cdaa94a4c3f) Signed-off-by: Peter Kjellerstedt Signed-off-by: Richard Purdie

useradd_base: avoid unintended expansion for useradd parameters

2016-08-23T16:44:40+00:00

Now, useradd dollar sign requires three prepending backslash characters to avoid unintended expansion. It used to be just one prepending backslash character before Krogoth. Restore that behaviour. [YOCTO #10062] (From OE-Core rev: 9e43a73c7ad576666d53c8c9e0283bc6bb9087a8) Signed-off-by: Niko Mauno Signed-off-by: Maxin B. John Signed-off-by: Ross Burton Signed-off-by: Richard Purdie

useradd_base.bbclass: remove flock option '-w'

2016-04-14T09:58:33+00:00

Option '-w 100' of flock is failsafe to finish if dead lock occurs. It should be impossible to occur dead lock. And option '-w' is not supported by busybox, so remove it. [YOCTO #9371] (From OE-Core rev: 5cf97364685bfb86c6eeaffcebcad62ba9f93ee4) Signed-off-by: Kai Kang Signed-off-by: Ross Burton Signed-off-by: Richard Purdie

useradd_base.bbclass: prevent variable expansion in $opts

2016-04-09T22:00:45+00:00

Many user/group operations will involve hashes which will include '$' followed by a number or even possibly an env. variable name. Passing $opts to flock requires that we take additional precautions to prevent the unexpected expansion of these instances. This was found by an image which used usermod operations to set the password hash for root. The image could not be logged-in to and examining /etc/shadow clearly showed that $0 and other $* variables had been expanded unexpectedly. This change returnes the behavior to what existed prior to commit 2ebf697b46c42cee8bfa6d2e6087397f8cce385c [useradd_base.bbclass: replace retry logic with flock]. (From OE-Core rev: d80065642c5a1c95a298b235a8d575460147ede1) Signed-off-by: Mark Asselstine Signed-off-by: Richard Purdie

useradd_base.bbclass: replace retry logic with flock

2016-03-20T23:12:27+00:00

When perform useradd during populate sysroot, it locks files passwd.lock and group.lock at same time. And then it meets a dead lock issue randomly. Use flock to reslove it by using an universal lock directory for all the user and group related operations. [YOCTO #9022] (From OE-Core rev: 2ebf697b46c42cee8bfa6d2e6087397f8cce385c) Signed-off-by: Kai Kang Signed-off-by: Ross Burton Signed-off-by: Richard Purdie