diff options
Diffstat (limited to 'meta')
19 files changed, 333 insertions, 1936 deletions
diff --git a/meta/recipes-extended/shadow/files/0001-useradd.c-create-parent-directories-when-necessary.patch b/meta/recipes-extended/shadow/files/0001-useradd.c-create-parent-directories-when-necessary.patch new file mode 100644 index 0000000000..85dde8e1bb --- /dev/null +++ b/meta/recipes-extended/shadow/files/0001-useradd.c-create-parent-directories-when-necessary.patch @@ -0,0 +1,109 @@ +Upstream-Status: Inappropriate [OE specific] + +Subject: useradd.c: create parent directories when necessary + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + src/useradd.c | 72 +++++++++++++++++++++++++++++++++++++++------------------ + 1 file changed, 49 insertions(+), 23 deletions(-) + +diff --git a/src/useradd.c b/src/useradd.c +index 4bd969d..cb5dd6c 100644 +--- a/src/useradd.c ++++ b/src/useradd.c +@@ -1893,6 +1893,35 @@ static void usr_update (void) + } + + /* ++ * mkdir_p - create directories, including parent directories when needed ++ * ++ * similar to `mkdir -p' ++ */ ++void mkdir_p(const char *path) { ++ int len = strlen(path); ++ char newdir[len + 1]; ++ mode_t mode = 0755; ++ int i = 0; ++ ++ if (path[i] == '\0') { ++ return; ++ } ++ ++ /* skip the leading '/' */ ++ i++; ++ ++ while(path[i] != '\0') { ++ if (path[i] == '/') { ++ strncpy(newdir, path, i); ++ newdir[i] = '\0'; ++ mkdir(newdir, mode); ++ } ++ i++; ++ } ++ mkdir(path, mode); ++} ++ ++/* + * create_home - create the user's home directory + * + * create_home() creates the user's home directory if it does not +@@ -1907,36 +1936,33 @@ static void create_home (void) + fail_exit (E_HOMEDIR); + } + #endif +- /* XXX - create missing parent directories. --marekm */ +- if (mkdir (user_home, 0) != 0) { +- fprintf (stderr, +- _("%s: cannot create directory %s\n"), +- Prog, user_home); +-#ifdef WITH_AUDIT +- audit_logger (AUDIT_ADD_USER, Prog, +- "adding home directory", +- user_name, (unsigned int) user_id, +- SHADOW_AUDIT_FAILURE); +-#endif +- fail_exit (E_HOMEDIR); +- } +- chown (user_home, user_id, user_gid); +- chmod (user_home, +- 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK)); +- home_added = true; ++ mkdir_p(user_home); ++ } ++ if (access (user_home, F_OK) != 0) { + #ifdef WITH_AUDIT + audit_logger (AUDIT_ADD_USER, Prog, + "adding home directory", + user_name, (unsigned int) user_id, +- SHADOW_AUDIT_SUCCESS); ++ SHADOW_AUDIT_FAILURE); + #endif +-#ifdef WITH_SELINUX +- /* Reset SELinux to create files with default contexts */ +- if (reset_selinux_file_context () != 0) { +- fail_exit (E_HOMEDIR); +- } ++ fail_exit (E_HOMEDIR); ++ } ++ chown (user_home, user_id, user_gid); ++ chmod (user_home, ++ 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK)); ++ home_added = true; ++#ifdef WITH_AUDIT ++ audit_logger (AUDIT_ADD_USER, Prog, ++ "adding home directory", ++ user_name, (unsigned int) user_id, ++ SHADOW_AUDIT_SUCCESS); + #endif ++#ifdef WITH_SELINUX ++ /* Reset SELinux to create files with default contexts */ ++ if (reset_selinux_file_context () != 0) { ++ fail_exit (E_HOMEDIR); + } ++#endif + } + + /* +-- +1.7.9.5 + diff --git a/meta/recipes-extended/shadow/files/add_root_cmd_groupmems.patch b/meta/recipes-extended/shadow/files/add_root_cmd_groupmems.patch deleted file mode 100644 index 40444967ab..0000000000 --- a/meta/recipes-extended/shadow/files/add_root_cmd_groupmems.patch +++ /dev/null @@ -1,75 +0,0 @@ -Add a --root command option to groupmems utility. - -This option allows the utility to be chrooted when run under pseudo. - -Signed-off-by: Mikhail Durnev <mikhail_durnev@mentor.com> - -diff -Naur old/src/groupmems.c new/src/groupmems.c ---- old/src/groupmems.c 2011-02-13 11:58:16.000000000 -0600 -+++ new/src/groupmems.c 2013-05-30 04:45:38.000000000 -0500 -@@ -60,6 +60,7 @@ - #define EXIT_MEMBER_EXISTS 7 /* member of group already exists */ - #define EXIT_INVALID_USER 8 /* specified user does not exist */ - #define EXIT_INVALID_GROUP 9 /* specified group does not exist */ -+#define EXIT_BAD_ARG 10 /* invalid argument to option */ - - /* - * Global variables -@@ -79,6 +80,7 @@ - static bool is_shadowgrp; - static bool sgr_locked = false; - #endif -+static const char *newroot = ""; - - /* local function prototypes */ - static char *whoami (void); -@@ -368,6 +370,7 @@ - "Options:\n" - " -g, --group groupname change groupname instead of the user's group\n" - " (root only)\n" -+ " -R, --root CHROOT_DIR directory to chroot into\n" - "\n" - "Actions:\n" - " -a, --add username add username to the members of the group\n" -@@ -391,10 +394,11 @@ - {"group", required_argument, NULL, 'g'}, - {"list", no_argument, NULL, 'l'}, - {"purge", no_argument, NULL, 'p'}, -+ {"root", required_argument, NULL, 'R'}, - {NULL, 0, NULL, '\0'} - }; - -- while ((arg = getopt_long (argc, argv, "a:d:g:lp", long_options, -+ while ((arg = getopt_long (argc, argv, "a:d:g:lpR:", long_options, - &option_index)) != EOF) { - switch (arg) { - case 'a': -@@ -416,6 +420,28 @@ - purge = true; - ++exclusive; - break; -+ case 'R': -+ if ('/' != optarg[0]) { -+ fprintf (stderr, -+ _("%s: invalid chroot path '%s'\n"), -+ Prog, optarg); -+ exit (EXIT_BAD_ARG); -+ } -+ newroot = optarg; -+ -+ if (access (newroot, F_OK) != 0) { -+ fprintf(stderr, -+ _("%s: chroot directory %s does not exist\n"), -+ Prog, newroot); -+ exit (EXIT_BAD_ARG); -+ } -+ if ( chroot(newroot) != 0 ) { -+ fprintf(stderr, -+ _("%s: unable to chroot to directory %s\n"), -+ Prog, newroot); -+ exit (EXIT_BAD_ARG); -+ } -+ break; - default: - usage (); - } diff --git a/meta/recipes-extended/shadow/files/add_root_cmd_options.patch b/meta/recipes-extended/shadow/files/add_root_cmd_options.patch deleted file mode 100644 index ab87e35535..0000000000 --- a/meta/recipes-extended/shadow/files/add_root_cmd_options.patch +++ /dev/null @@ -1,1384 +0,0 @@ -Add a --root command option to the following utilties: - -* useradd -* groupadd -* usermod -* groupmod -* userdel -* groupdel -* passwd -* gpasswd -* pwconv -* pwunconv -* grpconv -* grpunconv - -This option allows the utilities to be chrooted when run under pseudo. -They can then be used to manipulate user and group account information -in target sysroots. - -The useradd utility was also modified to create home directories -recursively when necessary. - -Upstream-Status: Inappropriate [Other] -Workaround is specific to our build system. - -Signed-off-by: Scott Garman <scott.a.garman@intel.com> - -2011-09-29 Fix the parsing of the --root option in gpasswd, useradd, usermod: - -In programs which need to scan the command line in two passes to handle ---root option separately from the rest of the arguments, replace the first -calls to getopt_long with a simple iteration over the argument list since -getopt_long has the bad habit of reordering arguments on the command line. - -Signed-off-by: Julian Pidancet <julian.pidancet@gmail.com> - -diff -urN shadow-4.1.4.3.orig//src/gpasswd.c shadow-4.1.4.3//src/gpasswd.c ---- shadow-4.1.4.3.orig//src/gpasswd.c 2011-09-29 12:00:45.211000091 +0100 -+++ shadow-4.1.4.3//src/gpasswd.c 2011-09-29 12:09:54.590000090 +0100 -@@ -63,6 +63,7 @@ - * (/etc/gshadow present) */ - static bool is_shadowgrp; - #endif -+static const char *newroot = ""; - - /* Flags set by options */ - static bool aflg = false; -@@ -97,6 +98,7 @@ - static void usage (void); - static RETSIGTYPE catch_signals (int killed); - static bool is_valid_user_list (const char *users); -+static void process_root_flag (int argc, char **argv); - static void process_flags (int argc, char **argv); - static void check_flags (int argc, int opt_index); - static void open_files (void); -@@ -136,6 +138,7 @@ - "Options:\n" - " -a, --add USER add USER to GROUP\n" - " -d, --delete USER remove USER from GROUP\n" -+ " -Q --root CHROOT_DIR directory to chroot into\n" - " -r, --remove-password remove the GROUP's password\n" - " -R, --restrict restrict access to GROUP to its members\n" - " -M, --members USER,... set the list of members of GROUP\n" -@@ -226,6 +229,57 @@ - } - - /* -+ * process_root_flag - chroot if given the --root option -+ * -+ * We do this outside of process_flags() because -+ * the is_shadow_pwd boolean needs to be set before -+ * process_flags(), and if we do need to chroot() we -+ * must do so before is_shadow_pwd gets set. -+ */ -+static void process_root_flag (int argc, char **argv) -+{ -+ /* -+ * Parse the command line options. -+ */ -+ int i; -+ char *root; -+ -+ for (i = 0; i < argc; i++) { -+ if (!strcmp (argv[i], "--root") || !strcmp (argv[i], "-Q")) { -+ if (i + 1 == argc) { -+ fprintf (stderr, -+ _("%s: option '%s' requires an argument\n"), -+ Prog, argv[i]); -+ exit (E_BAD_ARG); -+ } -+ root = argv[i + 1]; -+ -+ if ('/' != root[0]) { -+ fprintf (stderr, -+ _("%s: invalid chroot path '%s'\n"), -+ Prog, root); -+ exit (E_BAD_ARG); -+ } -+ newroot = root; -+ -+ if (access (newroot, F_OK) != 0) { -+ fprintf(stderr, -+ _("%s: chroot directory %s does not exist\n"), -+ Prog, newroot); -+ exit (E_BAD_ARG); -+ } -+ if ( chroot(newroot) != 0 ) { -+ fprintf(stderr, -+ _("%s: unable to chroot to directory %s\n"), -+ Prog, newroot); -+ exit (E_BAD_ARG); -+ } -+ break; -+ } -+ } -+} -+ -+/* - * process_flags - process the command line options and arguments - */ - static void process_flags (int argc, char **argv) -@@ -235,6 +289,7 @@ - static struct option long_options[] = { - {"add", required_argument, NULL, 'a'}, - {"delete", required_argument, NULL, 'd'}, -+ {"root", required_argument, NULL, 'Q'}, - {"remove-password", no_argument, NULL, 'r'}, - {"restrict", no_argument, NULL, 'R'}, - {"administrators", required_argument, NULL, 'A'}, -@@ -242,7 +297,7 @@ - {NULL, 0, NULL, '\0'} - }; - -- while ((flag = getopt_long (argc, argv, "a:A:d:gM:rR", long_options, &option_index)) != -1) { -+ while ((flag = getopt_long (argc, argv, "a:A:d:gM:Q:rR", long_options, &option_index)) != -1) { - switch (flag) { - case 'a': /* add a user */ - aflg = true; -@@ -283,6 +338,9 @@ - } - Mflg = true; - break; -+ case 'Q': -+ /* no-op since we handled this in process_root_flag() earlier */ -+ break; - case 'r': /* remove group password */ - rflg = true; - break; -@@ -995,6 +1053,8 @@ - setbuf (stdout, NULL); - setbuf (stderr, NULL); - -+ process_root_flag (argc, argv); -+ - #ifdef SHADOWGRP - is_shadowgrp = sgr_file_present (); - #endif -diff -urN shadow-4.1.4.3.orig//src/groupadd.c shadow-4.1.4.3//src/groupadd.c ---- shadow-4.1.4.3.orig//src/groupadd.c 2011-09-29 12:00:45.212000091 +0100 -+++ shadow-4.1.4.3//src/groupadd.c 2011-09-29 11:59:28.386000092 +0100 -@@ -76,6 +76,7 @@ - static gid_t group_id; - static /*@null@*/char *group_passwd; - static /*@null@*/char *empty_list = NULL; -+static const char *newroot = ""; - - static bool oflg = false; /* permit non-unique group ID to be specified with -g */ - static bool gflg = false; /* ID value for the new group */ -@@ -120,6 +121,7 @@ - (void) fputs (_(" -o, --non-unique allow to create groups with duplicate\n" - " (non-unique) GID\n"), stderr); - (void) fputs (_(" -p, --password PASSWORD use this encrypted password for the new group\n"), stderr); -+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), stderr); - (void) fputs (_(" -r, --system create a system account\n"), stderr); - (void) fputs ("\n", stderr); - exit (E_USAGE); -@@ -383,12 +385,13 @@ - {"key", required_argument, NULL, 'K'}, - {"non-unique", no_argument, NULL, 'o'}, - {"password", required_argument, NULL, 'p'}, -+ {"root", required_argument, NULL, 'R'}, - {"system", no_argument, NULL, 'r'}, - {NULL, 0, NULL, '\0'} - }; - - while ((c = -- getopt_long (argc, argv, "fg:hK:op:r", long_options, -+ getopt_long (argc, argv, "fg:hK:op:R:r", long_options, - &option_index)) != -1) { - switch (c) { - case 'f': -@@ -440,6 +443,28 @@ - pflg = true; - group_passwd = optarg; - break; -+ case 'R': -+ if ('/' != optarg[0]) { -+ fprintf (stderr, -+ _("%s: invalid chroot path '%s'\n"), -+ Prog, optarg); -+ exit (E_BAD_ARG); -+ } -+ newroot = optarg; -+ -+ if (access (newroot, F_OK) != 0) { -+ fprintf(stderr, -+ _("%s: chroot directory %s does not exist\n"), -+ Prog, newroot); -+ exit (E_BAD_ARG); -+ } -+ if ( chroot(newroot) != 0 ) { -+ fprintf(stderr, -+ _("%s: unable to chroot to directory %s\n"), -+ Prog, newroot); -+ exit (E_BAD_ARG); -+ } -+ break; - case 'r': - rflg = true; - break; -diff -urN shadow-4.1.4.3.orig//src/groupdel.c shadow-4.1.4.3//src/groupdel.c ---- shadow-4.1.4.3.orig//src/groupdel.c 2011-09-29 12:00:45.212000091 +0100 -+++ shadow-4.1.4.3//src/groupdel.c 2011-09-29 11:59:28.386000092 +0100 -@@ -36,6 +36,7 @@ - - #include <ctype.h> - #include <fcntl.h> -+#include <getopt.h> - #include <grp.h> - #include <pwd.h> - #ifdef ACCT_TOOLS_SETUID -@@ -59,6 +60,7 @@ - - static char *group_name; - static gid_t group_id = -1; -+static const char *newroot = ""; - - #ifdef SHADOWGRP - static bool is_shadow_grp; -@@ -70,12 +72,14 @@ - /*@-exitarg@*/ - #define E_SUCCESS 0 /* success */ - #define E_USAGE 2 /* invalid command syntax */ -+#define E_BAD_ARG 3 /* invalid argument to option */ - #define E_NOTFOUND 6 /* specified group doesn't exist */ - #define E_GROUP_BUSY 8 /* can't remove user's primary group */ - #define E_GRP_UPDATE 10 /* can't update group file */ - - /* local function prototypes */ - static void usage (void); -+static void process_flags (int argc, char **argv); - static void grp_update (void); - static void close_files (void); - static void open_files (void); -@@ -86,11 +90,78 @@ - */ - static void usage (void) - { -- fputs (_("Usage: groupdel group\n"), stderr); -+ (void) fprintf (stderr, -+ _("Usage: groupdel [options]\n" -+ "\n" -+ "Options:\n"), -+ Prog); -+ (void) fputs (_(" -g, --group GROUP group name to delete\n"), stderr); -+ (void) fputs (_(" -h, --help display this help message and exit\n"), stderr); -+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), stderr); -+ (void) fputs ("\n", stderr); - exit (E_USAGE); - } - - /* -+ * process_flags - perform command line argument setting -+ * -+ * process_flags() interprets the command line arguments and sets -+ * the values that the user will be created with accordingly. The -+ * values are checked for sanity. -+ */ -+static void process_flags (int argc, char **argv) -+{ -+ { -+ /* -+ * Parse the command line options. -+ */ -+ int c; -+ static struct option long_options[] = { -+ {"group", required_argument, NULL, 'g'}, -+ {"help", no_argument, NULL, 'h'}, -+ {"root", required_argument, NULL, 'R'}, -+ {NULL, 0, NULL, '\0'} -+ }; -+ while ((c = getopt_long (argc, argv, -+ "g:R:", -+ long_options, NULL)) != -1) { -+ switch (c) { -+ case 'g': -+ group_name = optarg; -+ break; -+ case 'h': -+ usage (); -+ break; -+ case 'R': -+ if ('/' != optarg[0]) { -+ fprintf (stderr, -+ _("%s: invalid chroot path '%s'\n"), -+ Prog, optarg); -+ exit (E_BAD_ARG); -+ } -+ newroot = optarg; -+ -+ if (access (newroot, F_OK) != 0) { -+ fprintf(stderr, -+ _("%s: chroot directory %s does not exist\n"), -+ Prog, newroot); -+ exit (E_BAD_ARG); -+ } -+ if ( chroot(newroot) != 0 ) { -+ fprintf(stderr, -+ _("%s: unable to chroot to directory %s\n"), -+ Prog, newroot); -+ exit (E_BAD_ARG); -+ } -+ break; -+ default: -+ usage (); -+ } -+ } -+ } -+} -+ -+/* - * grp_update - update group file entries - * - * grp_update() writes the new records to the group files. -@@ -328,14 +399,14 @@ - (void) bindtextdomain (PACKAGE, LOCALEDIR); - (void) textdomain (PACKAGE); - -- if (argc != 2) { -+ if (argc == 1) { - usage (); - } - -- group_name = argv[1]; -- - OPENLOG ("groupdel"); - -+ process_flags (argc, argv); -+ - #ifdef ACCT_TOOLS_SETUID - #ifdef USE_PAM - { -diff -urN shadow-4.1.4.3.orig//src/groupmod.c shadow-4.1.4.3//src/groupmod.c ---- shadow-4.1.4.3.orig//src/groupmod.c 2011-09-29 12:00:45.212000091 +0100 -+++ shadow-4.1.4.3//src/groupmod.c 2011-09-29 11:59:28.387000092 +0100 -@@ -79,6 +79,7 @@ - static char *group_passwd; - static gid_t group_id; - static gid_t group_newid; -+static char *newroot = ""; - - struct cleanup_info_mod info_passwd; - struct cleanup_info_mod info_group; -@@ -126,6 +127,7 @@ - (void) fputs (_(" -o, --non-unique allow to use a duplicate (non-unique) GID\n"), stderr); - (void) fputs (_(" -p, --password PASSWORD change the password to this (encrypted)\n" - " PASSWORD\n"), stderr); -+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), stderr); - (void) fputs ("\n", stderr); - exit (E_USAGE); - } -@@ -346,10 +348,11 @@ - {"new-name", required_argument, NULL, 'n'}, - {"non-unique", no_argument, NULL, 'o'}, - {"password", required_argument, NULL, 'p'}, -+ {"root", required_argument, NULL, 'R'}, - {NULL, 0, NULL, '\0'} - }; - while ((c = -- getopt_long (argc, argv, "g:hn:op:", -+ getopt_long (argc, argv, "g:hn:op:R:", - long_options, &option_index)) != -1) { - switch (c) { - case 'g': -@@ -373,6 +376,28 @@ - group_passwd = optarg; - pflg = true; - break; -+ case 'R': -+ if ('/' != optarg[0]) { -+ fprintf (stderr, -+ _("%s: invalid chroot path '%s'\n"), -+ Prog, optarg); -+ exit (E_BAD_ARG); -+ } -+ newroot = optarg; -+ -+ if (access (newroot, F_OK) != 0) { -+ fprintf(stderr, -+ _("%s: chroot directory %s does not exist\n"), -+ Prog, newroot); -+ exit (E_BAD_ARG); -+ } -+ if ( chroot(newroot) != 0 ) { -+ fprintf(stderr, -+ _("%s: unable to chroot to directory %s\n"), -+ Prog, newroot); -+ exit (E_BAD_ARG); -+ } -+ break; - default: - usage (); - } -diff -urN shadow-4.1.4.3.orig//src/grpconv.c shadow-4.1.4.3//src/grpconv.c ---- shadow-4.1.4.3.orig//src/grpconv.c 2011-09-29 12:00:45.213000091 +0100 -+++ shadow-4.1.4.3//src/grpconv.c 2011-09-29 11:59:28.387000092 +0100 -@@ -39,6 +39,7 @@ - - #include <errno.h> - #include <fcntl.h> -+#include <getopt.h> - #include <grp.h> - #include <stdio.h> - #include <stdlib.h> -@@ -50,6 +51,14 @@ - #ifdef SHADOWGRP - #include "groupio.h" - #include "sgroupio.h" -+ -+/* -+ * exit status values -+ */ -+/*@-exitarg@*/ -+#define E_USAGE 2 /* invalid command syntax */ -+#define E_BAD_ARG 3 /* invalid argument to option */ -+ - /* - * Global variables - */ -@@ -57,9 +66,12 @@ - - static bool gr_locked = false; - static bool sgr_locked = false; -+static const char *newroot = ""; - - /* local function prototypes */ - static void fail_exit (int status); -+static void usage (void); -+static void process_flags (int argc, char **argv); - - static void fail_exit (int status) - { -@@ -82,6 +94,77 @@ - exit (status); - } - -+/* -+ * usage - display usage message and exit -+ */ -+static void usage (void) -+{ -+ (void) fprintf (stderr, -+ _("Usage: grpconv [options]\n" -+ "\n" -+ "Options:\n"), -+ Prog); -+ (void) fputs (_(" -h, --help display this help message and exit\n"), stderr); -+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), stderr); -+ (void) fputs ("\n", stderr); -+ exit (E_USAGE); -+} -+ -+/* -+ * process_flags - perform command line argument setting -+ * -+ * process_flags() interprets the command line arguments and sets -+ * the values that the user will be created with accordingly. The -+ * values are checked for sanity. -+ */ -+static void process_flags (int argc, char **argv) -+{ -+ { -+ /* -+ * Parse the command line options. -+ */ -+ int c; -+ static struct option long_options[] = { -+ {"help", no_argument, NULL, 'h'}, -+ {"root", required_argument, NULL, 'R'}, -+ {NULL, 0, NULL, '\0'} -+ }; -+ while ((c = getopt_long (argc, argv, -+ "R:", -+ long_options, NULL)) != -1) { -+ switch (c) { -+ case 'h': -+ usage (); -+ break; -+ case 'R': -+ if ('/' != optarg[0]) { -+ fprintf (stderr, -+ _("%s: invalid chroot path '%s'\n"), -+ Prog, optarg); -+ exit (E_BAD_ARG); -+ } -+ newroot = optarg; -+ -+ if (access (newroot, F_OK) != 0) { -+ fprintf(stderr, -+ _("%s: chroot directory %s does not exist\n"), -+ Prog, newroot); -+ exit (E_BAD_ARG); -+ } -+ if ( chroot(newroot) != 0 ) { -+ fprintf(stderr, -+ _("%s: unable to chroot to directory %s\n"), -+ Prog, newroot); -+ exit (E_BAD_ARG); -+ } -+ break; -+ default: -+ usage (); -+ } -+ } -+ } -+} -+ - int main (int argc, char **argv) - { - const struct group *gr; -@@ -89,9 +172,6 @@ - const struct sgrp *sg; - struct sgrp sgent; - -- if (1 != argc) { -- (void) fputs (_("Usage: grpconv\n"), stderr); -- } - Prog = Basename (argv[0]); - - (void) setlocale (LC_ALL, ""); -@@ -100,6 +180,8 @@ - - OPENLOG ("grpconv"); - -+ process_flags (argc, argv); -+ - if (gr_lock () == 0) { - fprintf (stderr, - _("%s: cannot lock %s; try again later.\n"), -diff -urN shadow-4.1.4.3.orig//src/grpunconv.c shadow-4.1.4.3//src/grpunconv.c ---- shadow-4.1.4.3.orig//src/grpunconv.c 2011-09-29 12:00:45.213000091 +0100 -+++ shadow-4.1.4.3//src/grpunconv.c 2011-09-29 11:59:28.387000092 +0100 -@@ -43,6 +43,7 @@ - #include <stdlib.h> - #include <string.h> - #include <fcntl.h> -+#include <getopt.h> - #include <time.h> - #include <unistd.h> - #include <grp.h> -@@ -51,6 +52,14 @@ - #ifdef SHADOWGRP - #include "groupio.h" - #include "sgroupio.h" -+ -+/* -+ * exit status values -+ */ -+/*@-exitarg@*/ -+#define E_USAGE 2 /* invalid command syntax */ -+#define E_BAD_ARG 3 /* invalid argument to option */ -+ - /* - * Global variables - */ -@@ -58,9 +67,12 @@ - - static bool gr_locked = false; - static bool sgr_locked = false; -+static const char *newroot = ""; - - /* local function prototypes */ - static void fail_exit (int status); -+static void usage (void); -+static void process_flags (int argc, char **argv); - - static void fail_exit (int status) - { -@@ -83,6 +95,77 @@ - exit (status); - } - -+/* -+ * usage - display usage message and exit -+ */ -+static void usage (void) -+{ -+ (void) fprintf (stderr, -+ _("Usage: grpunconv [options]\n" -+ "\n" -+ "Options:\n"), -+ Prog); -+ (void) fputs (_(" -h, --help display this help message and exit\n"), stderr); -+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), stderr); -+ (void) fputs ("\n", stderr); -+ exit (E_USAGE); -+} -+ -+/* -+ * process_flags - perform command line argument setting -+ * -+ * process_flags() interprets the command line arguments and sets -+ * the values that the user will be created with accordingly. The -+ * values are checked for sanity. -+ */ -+static void process_flags (int argc, char **argv) -+{ -+ { -+ /* -+ * Parse the command line options. -+ */ -+ int c; -+ static struct option long_options[] = { -+ {"help", no_argument, NULL, 'h'}, -+ {"root", required_argument, NULL, 'R'}, -+ {NULL, 0, NULL, '\0'} -+ }; -+ while ((c = getopt_long (argc, argv, -+ "R:", -+ long_options, NULL)) != -1) { -+ switch (c) { -+ case 'h': -+ usage (); -+ break; -+ case 'R': -+ if ('/' != optarg[0]) { -+ fprintf (stderr, -+ _("%s: invalid chroot path '%s'\n"), -+ Prog, optarg); -+ exit (E_BAD_ARG); -+ } -+ newroot = optarg; -+ -+ if (access (newroot, F_OK) != 0) { -+ fprintf(stderr, -+ _("%s: chroot directory %s does not exist\n"), -+ Prog, newroot); -+ exit (E_BAD_ARG); -+ } -+ if ( chroot(newroot) != 0 ) { -+ fprintf(stderr, -+ _("%s: unable to chroot to directory %s\n"), -+ Prog, newroot); -+ exit (E_BAD_ARG); -+ } -+ break; -+ default: -+ usage (); -+ } -+ } -+ } -+} -+ - int main (int argc, char **argv) - { - const struct group *gr; -@@ -100,6 +183,8 @@ - - OPENLOG ("grpunconv"); - -+ process_flags (argc, argv); -+ - if (sgr_file_present () == 0) { - exit (0); /* no /etc/gshadow, nothing to do */ - } -diff -urN shadow-4.1.4.3.orig//src/passwd.c shadow-4.1.4.3//src/passwd.c ---- shadow-4.1.4.3.orig//src/passwd.c 2011-09-29 12:00:45.214000091 +0100 -+++ shadow-4.1.4.3//src/passwd.c 2011-09-29 11:59:28.388000092 +0100 -@@ -75,6 +75,7 @@ - static char *name; /* The name of user whose password is being changed */ - static char *myname; /* The current user's name */ - static bool amroot; /* The caller's real UID was 0 */ -+static const char *newroot = ""; - - static bool - aflg = false, /* -a - show status for all users */ -@@ -174,6 +175,7 @@ - " -n, --mindays MIN_DAYS set minimum number of days before password\n" - " change to MIN_DAYS\n" - " -q, --quiet quiet mode\n" -+ " -R, --root CHROOT_DIR directory to chroot into\n" - " -r, --repository REPOSITORY change password in REPOSITORY repository\n" - " -S, --status report password status on the named account\n" - " -u, --unlock unlock the password of the named account\n" -@@ -803,6 +805,7 @@ - {"lock", no_argument, NULL, 'l'}, - {"mindays", required_argument, NULL, 'n'}, - {"quiet", no_argument, NULL, 'q'}, -+ {"root", required_argument, NULL, 'R'}, - {"repository", required_argument, NULL, 'r'}, - {"status", no_argument, NULL, 'S'}, - {"unlock", no_argument, NULL, 'u'}, -@@ -811,7 +814,7 @@ - {NULL, 0, NULL, '\0'} - }; - -- while ((c = getopt_long (argc, argv, "adei:kln:qr:Suw:x:", -+ while ((c = getopt_long (argc, argv, "adei:kln:qR:r:Suw:x:", - long_options, &option_index)) != -1) { - switch (c) { - case 'a': -@@ -858,6 +861,28 @@ - case 'q': - qflg = true; /* ok for users */ - break; -+ case 'R': -+ if ('/' != optarg[0]) { -+ fprintf (stderr, -+ _("%s: invalid chroot path '%s'\n"), -+ Prog, optarg); -+ exit (E_BAD_ARG); -+ } -+ newroot = optarg; -+ -+ if (access (newroot, F_OK) != 0) { -+ fprintf(stderr, -+ _("%s: chroot directory %s does not exist\n"), -+ Prog, newroot); -+ exit (E_BAD_ARG); -+ } -+ if ( chroot(newroot) != 0 ) { -+ fprintf(stderr, -+ _("%s: unable to chroot to directory %s\n"), -+ Prog, newroot); -+ exit (E_BAD_ARG); -+ } -+ break; - case 'r': - /* -r repository (files|nis|nisplus) */ - /* only "files" supported for now */ -diff -urN shadow-4.1.4.3.orig//src/pwconv.c shadow-4.1.4.3//src/pwconv.c ---- shadow-4.1.4.3.orig//src/pwconv.c 2011-09-29 12:00:45.214000091 +0100 -+++ shadow-4.1.4.3//src/pwconv.c 2011-09-29 11:59:28.388000092 +0100 -@@ -59,6 +59,7 @@ - - #include <errno.h> - #include <fcntl.h> -+#include <getopt.h> - #include <pwd.h> - #include <stdio.h> - #include <stdlib.h> -@@ -79,6 +80,7 @@ - #define E_SUCCESS 0 /* success */ - #define E_NOPERM 1 /* permission denied */ - #define E_USAGE 2 /* invalid command syntax */ -+#define E_BAD_ARG 3 /* invalid argument to option */ - #define E_FAILURE 3 /* unexpected failure, nothing done */ - #define E_MISSING 4 /* unexpected failure, passwd file missing */ - #define E_PWDBUSY 5 /* passwd file(s) busy */ -@@ -90,9 +92,12 @@ - - static bool spw_locked = false; - static bool pw_locked = false; -+static const char *newroot = ""; - |