diff options
author | Scott Garman <scott.a.garman@intel.com> | 2011-06-28 15:15:39 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2011-06-30 20:56:18 +0100 |
commit | 7d4099a964ec79b1ac4cf5348cf9f4221c3d4908 (patch) | |
tree | 725e103d62ecbb749a87e762b0d927ddb2d78404 /meta/recipes-extended/shadow/files | |
parent | fd383ab8e0a8cc8098f557ffcb097190a495c45e (diff) | |
download | openembedded-core-7d4099a964ec79b1ac4cf5348cf9f4221c3d4908.tar.gz openembedded-core-7d4099a964ec79b1ac4cf5348cf9f4221c3d4908.tar.bz2 openembedded-core-7d4099a964ec79b1ac4cf5348cf9f4221c3d4908.zip |
shadow-native: fix creation of home directories
Pseudo was recently changed so that when system() calls are
made after a chroot(), the host binaries can no longer be found,
breaking the system("mkdir -p") approach when useradd creates
home directories.
Instead, use mkdir(2) to create home directories with a helper
function to ensure parent directories get created.
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
Diffstat (limited to 'meta/recipes-extended/shadow/files')
-rw-r--r-- | meta/recipes-extended/shadow/files/add_root_cmd_options.patch | 125 |
1 files changed, 98 insertions, 27 deletions
diff --git a/meta/recipes-extended/shadow/files/add_root_cmd_options.patch b/meta/recipes-extended/shadow/files/add_root_cmd_options.patch index db969bbb60..c5f2bec56b 100644 --- a/meta/recipes-extended/shadow/files/add_root_cmd_options.patch +++ b/meta/recipes-extended/shadow/files/add_root_cmd_options.patch @@ -27,7 +27,7 @@ Signed-off-by: Scott Garman <scott.a.garman@intel.com> diff -urN shadow-4.1.4.3.orig//src/gpasswd.c shadow-4.1.4.3//src/gpasswd.c --- shadow-4.1.4.3.orig//src/gpasswd.c 2011-02-13 09:58:16.000000000 -0800 -+++ shadow-4.1.4.3//src/gpasswd.c 2011-05-28 17:09:52.346013331 -0700 ++++ shadow-4.1.4.3//src/gpasswd.c 2011-06-28 15:12:03.539504372 -0700 @@ -63,6 +63,7 @@ * (/etc/gshadow present) */ static bool is_shadowgrp; @@ -146,7 +146,7 @@ diff -urN shadow-4.1.4.3.orig//src/gpasswd.c shadow-4.1.4.3//src/gpasswd.c #endif diff -urN shadow-4.1.4.3.orig//src/groupadd.c shadow-4.1.4.3//src/groupadd.c --- shadow-4.1.4.3.orig//src/groupadd.c 2011-02-13 09:58:16.000000000 -0800 -+++ shadow-4.1.4.3//src/groupadd.c 2011-05-28 17:09:52.346013331 -0700 ++++ shadow-4.1.4.3//src/groupadd.c 2011-06-28 15:12:03.539504372 -0700 @@ -76,6 +76,7 @@ static gid_t group_id; static /*@null@*/char *group_passwd; @@ -209,7 +209,7 @@ diff -urN shadow-4.1.4.3.orig//src/groupadd.c shadow-4.1.4.3//src/groupadd.c break; diff -urN shadow-4.1.4.3.orig//src/groupdel.c shadow-4.1.4.3//src/groupdel.c --- shadow-4.1.4.3.orig//src/groupdel.c 2011-02-13 09:58:16.000000000 -0800 -+++ shadow-4.1.4.3//src/groupdel.c 2011-05-28 17:09:52.346013331 -0700 ++++ shadow-4.1.4.3//src/groupdel.c 2011-06-28 15:12:03.539504372 -0700 @@ -36,6 +36,7 @@ #include <ctype.h> @@ -341,7 +341,7 @@ diff -urN shadow-4.1.4.3.orig//src/groupdel.c shadow-4.1.4.3//src/groupdel.c { diff -urN shadow-4.1.4.3.orig//src/groupmod.c shadow-4.1.4.3//src/groupmod.c --- shadow-4.1.4.3.orig//src/groupmod.c 2011-02-13 09:58:16.000000000 -0800 -+++ shadow-4.1.4.3//src/groupmod.c 2011-05-28 17:09:52.346013331 -0700 ++++ shadow-4.1.4.3//src/groupmod.c 2011-06-28 15:12:03.539504372 -0700 @@ -79,6 +79,7 @@ static char *group_passwd; static gid_t group_id; @@ -402,7 +402,7 @@ diff -urN shadow-4.1.4.3.orig//src/groupmod.c shadow-4.1.4.3//src/groupmod.c } diff -urN shadow-4.1.4.3.orig//src/grpconv.c shadow-4.1.4.3//src/grpconv.c --- shadow-4.1.4.3.orig//src/grpconv.c 2011-02-13 09:58:16.000000000 -0800 -+++ shadow-4.1.4.3//src/grpconv.c 2011-05-28 17:09:52.346013331 -0700 ++++ shadow-4.1.4.3//src/grpconv.c 2011-06-28 15:12:03.539504372 -0700 @@ -39,6 +39,7 @@ #include <errno.h> @@ -528,7 +528,7 @@ diff -urN shadow-4.1.4.3.orig//src/grpconv.c shadow-4.1.4.3//src/grpconv.c _("%s: cannot lock %s; try again later.\n"), diff -urN shadow-4.1.4.3.orig//src/grpunconv.c shadow-4.1.4.3//src/grpunconv.c --- shadow-4.1.4.3.orig//src/grpunconv.c 2011-02-13 09:58:16.000000000 -0800 -+++ shadow-4.1.4.3//src/grpunconv.c 2011-05-28 17:09:52.346013331 -0700 ++++ shadow-4.1.4.3//src/grpunconv.c 2011-06-28 15:12:03.539504372 -0700 @@ -43,6 +43,7 @@ #include <stdlib.h> #include <string.h> @@ -654,7 +654,7 @@ diff -urN shadow-4.1.4.3.orig//src/grpunconv.c shadow-4.1.4.3//src/grpunconv.c } diff -urN shadow-4.1.4.3.orig//src/passwd.c shadow-4.1.4.3//src/passwd.c --- shadow-4.1.4.3.orig//src/passwd.c 2011-02-13 09:58:16.000000000 -0800 -+++ shadow-4.1.4.3//src/passwd.c 2011-05-28 17:09:52.346013331 -0700 ++++ shadow-4.1.4.3//src/passwd.c 2011-06-28 15:12:03.539504372 -0700 @@ -75,6 +75,7 @@ static char *name; /* The name of user whose password is being changed */ static char *myname; /* The current user's name */ @@ -719,7 +719,7 @@ diff -urN shadow-4.1.4.3.orig//src/passwd.c shadow-4.1.4.3//src/passwd.c /* only "files" supported for now */ diff -urN shadow-4.1.4.3.orig//src/pwconv.c shadow-4.1.4.3//src/pwconv.c --- shadow-4.1.4.3.orig//src/pwconv.c 2011-02-13 09:58:16.000000000 -0800 -+++ shadow-4.1.4.3//src/pwconv.c 2011-05-28 17:09:52.346013331 -0700 ++++ shadow-4.1.4.3//src/pwconv.c 2011-06-28 15:12:03.539504372 -0700 @@ -59,6 +59,7 @@ #include <errno.h> @@ -848,7 +848,7 @@ diff -urN shadow-4.1.4.3.orig//src/pwconv.c shadow-4.1.4.3//src/pwconv.c _("%s: cannot lock %s; try again later.\n"), diff -urN shadow-4.1.4.3.orig//src/pwunconv.c shadow-4.1.4.3//src/pwunconv.c --- shadow-4.1.4.3.orig//src/pwunconv.c 2011-02-13 09:58:16.000000000 -0800 -+++ shadow-4.1.4.3//src/pwunconv.c 2011-05-28 17:09:52.356013600 -0700 ++++ shadow-4.1.4.3//src/pwunconv.c 2011-06-28 15:12:03.539504372 -0700 @@ -35,6 +35,7 @@ #ident "$Id: pwunconv.c 2852 2009-04-30 21:44:35Z nekral-guest $" @@ -970,7 +970,7 @@ diff -urN shadow-4.1.4.3.orig//src/pwunconv.c shadow-4.1.4.3//src/pwunconv.c exit (0); diff -urN shadow-4.1.4.3.orig//src/useradd.c shadow-4.1.4.3//src/useradd.c --- shadow-4.1.4.3.orig//src/useradd.c 2011-02-13 09:58:16.000000000 -0800 -+++ shadow-4.1.4.3//src/useradd.c 2011-05-28 17:10:25.446909971 -0700 ++++ shadow-4.1.4.3//src/useradd.c 2011-06-28 15:12:14.608787030 -0700 @@ -112,6 +112,7 @@ #ifdef WITH_SELINUX static const char *user_selinux = ""; @@ -1085,26 +1085,97 @@ diff -urN shadow-4.1.4.3.orig//src/useradd.c shadow-4.1.4.3//src/useradd.c case 'r': rflg = true; break; -@@ -1748,8 +1808,16 @@ +@@ -1735,6 +1795,36 @@ + } + } + #endif ++ ++/* ++ * mkdir_p - create directories, including parent directories when needed ++ * ++ * similar to mkdir -p ++ */ ++void mkdir_p(const char *path) { ++ int len = strlen(path); ++ char newdir[len + 1]; ++ mode_t mode = 0755; ++ int i = 0; ++ ++ if (path[i] == '\0') { ++ return; ++ } ++ ++ /* skip the leading '/' */ ++ i++; ++ ++ while(path[i] != '\0') { ++ if (path[i] == '/') { ++ strncpy(newdir, path, i); ++ newdir[i] = '\0'; ++ mkdir(newdir, mode); ++ } ++ i++; ++ } ++ mkdir(path, mode); ++} ++ + /* + * create_home - create the user's home directory + * +@@ -1748,34 +1838,31 @@ #ifdef WITH_SELINUX selinux_file_context (user_home); #endif - /* XXX - create missing parent directories. --marekm */ - if (mkdir (user_home, 0) != 0) { -+ /* shell out to invoke mkdir -p -+ * creating a subshell under pseudo's chroot() breaks the jail -+ * (bug in pseudo), so make sure we include the full host path -+ * to the sysroot when the --root option is in use. -+ */ -+ int sysroot_path_len = strlen(newroot); -+ int home_path_len = strlen(user_home); -+ char cmd[sysroot_path_len + home_path_len + 10]; -+ sprintf(cmd, "mkdir -p %s%s", newroot, user_home); -+ if (system (cmd) != 0) { - fprintf (stderr, - _("%s: cannot create directory %s\n"), - Prog, user_home); -@@ -1861,6 +1929,7 @@ +- fprintf (stderr, +- _("%s: cannot create directory %s\n"), +- Prog, user_home); +-#ifdef WITH_AUDIT +- audit_logger (AUDIT_ADD_USER, Prog, +- "adding home directory", +- user_name, (unsigned int) user_id, +- SHADOW_AUDIT_FAILURE); +-#endif +- fail_exit (E_HOMEDIR); +- } +- chown (user_home, user_id, user_gid); +- chmod (user_home, +- 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK)); +- home_added = true; ++ mkdir_p(user_home); ++ } ++ if (access (user_home, F_OK) != 0) { + #ifdef WITH_AUDIT + audit_logger (AUDIT_ADD_USER, Prog, + "adding home directory", + user_name, (unsigned int) user_id, +- SHADOW_AUDIT_SUCCESS); ++ SHADOW_AUDIT_FAILURE); ++#endif ++ fail_exit (E_HOMEDIR); ++ } ++ chown (user_home, user_id, user_gid); ++ chmod (user_home, ++ 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK)); ++ home_added = true; ++#ifdef WITH_AUDIT ++ audit_logger (AUDIT_ADD_USER, Prog, ++ "adding home directory", ++ user_name, (unsigned int) user_id, ++ SHADOW_AUDIT_SUCCESS); + #endif + #ifdef WITH_SELINUX +- /* Reset SELinux to create files with default contexts */ +- setfscreatecon (NULL); ++ /* Reset SELinux to create files with default contexts */ ++ setfscreatecon (NULL); + #endif +- } + } + + /* +@@ -1861,6 +1948,7 @@ */ user_groups[0] = (char *) 0; @@ -1114,7 +1185,7 @@ diff -urN shadow-4.1.4.3.orig//src/useradd.c shadow-4.1.4.3//src/useradd.c #ifdef SHADOWGRP diff -urN shadow-4.1.4.3.orig//src/userdel.c shadow-4.1.4.3//src/userdel.c --- shadow-4.1.4.3.orig//src/userdel.c 2011-02-13 09:58:16.000000000 -0800 -+++ shadow-4.1.4.3//src/userdel.c 2011-05-28 17:09:52.356013600 -0700 ++++ shadow-4.1.4.3//src/userdel.c 2011-06-28 15:12:03.549503721 -0700 @@ -79,6 +79,7 @@ static char *user_name; static uid_t user_id; @@ -1169,7 +1240,7 @@ diff -urN shadow-4.1.4.3.orig//src/userdel.c shadow-4.1.4.3//src/userdel.c break; diff -urN shadow-4.1.4.3.orig//src/usermod.c shadow-4.1.4.3//src/usermod.c --- shadow-4.1.4.3.orig//src/usermod.c 2011-02-13 09:58:16.000000000 -0800 -+++ shadow-4.1.4.3//src/usermod.c 2011-05-28 17:09:52.356013600 -0700 ++++ shadow-4.1.4.3//src/usermod.c 2011-06-28 15:12:03.549503721 -0700 @@ -110,6 +110,7 @@ static long user_newinactive; static long sys_ngroups; |