summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorScott Garman <scott.a.garman@intel.com>2011-06-28 15:15:39 -0700
committerRichard Purdie <richard.purdie@linuxfoundation.org>2011-06-30 20:56:18 +0100
commit7d4099a964ec79b1ac4cf5348cf9f4221c3d4908 (patch)
tree725e103d62ecbb749a87e762b0d927ddb2d78404
parentfd383ab8e0a8cc8098f557ffcb097190a495c45e (diff)
downloadopenembedded-core-7d4099a964ec79b1ac4cf5348cf9f4221c3d4908.tar.gz
openembedded-core-7d4099a964ec79b1ac4cf5348cf9f4221c3d4908.tar.bz2
openembedded-core-7d4099a964ec79b1ac4cf5348cf9f4221c3d4908.tar.xz
openembedded-core-7d4099a964ec79b1ac4cf5348cf9f4221c3d4908.zip
shadow-native: fix creation of home directories
Pseudo was recently changed so that when system() calls are made after a chroot(), the host binaries can no longer be found, breaking the system("mkdir -p") approach when useradd creates home directories. Instead, use mkdir(2) to create home directories with a helper function to ensure parent directories get created. Signed-off-by: Scott Garman <scott.a.garman@intel.com>
-rw-r--r--meta/recipes-extended/shadow/files/add_root_cmd_options.patch125
1 files changed, 98 insertions, 27 deletions
diff --git a/meta/recipes-extended/shadow/files/add_root_cmd_options.patch b/meta/recipes-extended/shadow/files/add_root_cmd_options.patch
index db969bbb6..c5f2bec56 100644
--- a/meta/recipes-extended/shadow/files/add_root_cmd_options.patch
+++ b/meta/recipes-extended/shadow/files/add_root_cmd_options.patch
@@ -27,7 +27,7 @@ Signed-off-by: Scott Garman <scott.a.garman@intel.com>
diff -urN shadow-4.1.4.3.orig//src/gpasswd.c shadow-4.1.4.3//src/gpasswd.c
--- shadow-4.1.4.3.orig//src/gpasswd.c 2011-02-13 09:58:16.000000000 -0800
-+++ shadow-4.1.4.3//src/gpasswd.c 2011-05-28 17:09:52.346013331 -0700
++++ shadow-4.1.4.3//src/gpasswd.c 2011-06-28 15:12:03.539504372 -0700
@@ -63,6 +63,7 @@
* (/etc/gshadow present) */
static bool is_shadowgrp;
@@ -146,7 +146,7 @@ diff -urN shadow-4.1.4.3.orig//src/gpasswd.c shadow-4.1.4.3//src/gpasswd.c
#endif
diff -urN shadow-4.1.4.3.orig//src/groupadd.c shadow-4.1.4.3//src/groupadd.c
--- shadow-4.1.4.3.orig//src/groupadd.c 2011-02-13 09:58:16.000000000 -0800
-+++ shadow-4.1.4.3//src/groupadd.c 2011-05-28 17:09:52.346013331 -0700
++++ shadow-4.1.4.3//src/groupadd.c 2011-06-28 15:12:03.539504372 -0700
@@ -76,6 +76,7 @@
static gid_t group_id;
static /*@null@*/char *group_passwd;
@@ -209,7 +209,7 @@ diff -urN shadow-4.1.4.3.orig//src/groupadd.c shadow-4.1.4.3//src/groupadd.c
break;
diff -urN shadow-4.1.4.3.orig//src/groupdel.c shadow-4.1.4.3//src/groupdel.c
--- shadow-4.1.4.3.orig//src/groupdel.c 2011-02-13 09:58:16.000000000 -0800
-+++ shadow-4.1.4.3//src/groupdel.c 2011-05-28 17:09:52.346013331 -0700
++++ shadow-4.1.4.3//src/groupdel.c 2011-06-28 15:12:03.539504372 -0700
@@ -36,6 +36,7 @@
#include <ctype.h>
@@ -341,7 +341,7 @@ diff -urN shadow-4.1.4.3.orig//src/groupdel.c shadow-4.1.4.3//src/groupdel.c
{
diff -urN shadow-4.1.4.3.orig//src/groupmod.c shadow-4.1.4.3//src/groupmod.c
--- shadow-4.1.4.3.orig//src/groupmod.c 2011-02-13 09:58:16.000000000 -0800
-+++ shadow-4.1.4.3//src/groupmod.c 2011-05-28 17:09:52.346013331 -0700
++++ shadow-4.1.4.3//src/groupmod.c 2011-06-28 15:12:03.539504372 -0700
@@ -79,6 +79,7 @@
static char *group_passwd;
static gid_t group_id;
@@ -402,7 +402,7 @@ diff -urN shadow-4.1.4.3.orig//src/groupmod.c shadow-4.1.4.3//src/groupmod.c
}
diff -urN shadow-4.1.4.3.orig//src/grpconv.c shadow-4.1.4.3//src/grpconv.c
--- shadow-4.1.4.3.orig//src/grpconv.c 2011-02-13 09:58:16.000000000 -0800
-+++ shadow-4.1.4.3//src/grpconv.c 2011-05-28 17:09:52.346013331 -0700
++++ shadow-4.1.4.3//src/grpconv.c 2011-06-28 15:12:03.539504372 -0700
@@ -39,6 +39,7 @@
#include <errno.h>
@@ -528,7 +528,7 @@ diff -urN shadow-4.1.4.3.orig//src/grpconv.c shadow-4.1.4.3//src/grpconv.c
_("%s: cannot lock %s; try again later.\n"),
diff -urN shadow-4.1.4.3.orig//src/grpunconv.c shadow-4.1.4.3//src/grpunconv.c
--- shadow-4.1.4.3.orig//src/grpunconv.c 2011-02-13 09:58:16.000000000 -0800
-+++ shadow-4.1.4.3//src/grpunconv.c 2011-05-28 17:09:52.346013331 -0700
++++ shadow-4.1.4.3//src/grpunconv.c 2011-06-28 15:12:03.539504372 -0700
@@ -43,6 +43,7 @@
#include <stdlib.h>
#include <string.h>
@@ -654,7 +654,7 @@ diff -urN shadow-4.1.4.3.orig//src/grpunconv.c shadow-4.1.4.3//src/grpunconv.c
}
diff -urN shadow-4.1.4.3.orig//src/passwd.c shadow-4.1.4.3//src/passwd.c
--- shadow-4.1.4.3.orig//src/passwd.c 2011-02-13 09:58:16.000000000 -0800
-+++ shadow-4.1.4.3//src/passwd.c 2011-05-28 17:09:52.346013331 -0700
++++ shadow-4.1.4.3//src/passwd.c 2011-06-28 15:12:03.539504372 -0700
@@ -75,6 +75,7 @@
static char *name; /* The name of user whose password is being changed */
static char *myname; /* The current user's name */
@@ -719,7 +719,7 @@ diff -urN shadow-4.1.4.3.orig//src/passwd.c shadow-4.1.4.3//src/passwd.c
/* only "files" supported for now */
diff -urN shadow-4.1.4.3.orig//src/pwconv.c shadow-4.1.4.3//src/pwconv.c
--- shadow-4.1.4.3.orig//src/pwconv.c 2011-02-13 09:58:16.000000000 -0800
-+++ shadow-4.1.4.3//src/pwconv.c 2011-05-28 17:09:52.346013331 -0700
++++ shadow-4.1.4.3//src/pwconv.c 2011-06-28 15:12:03.539504372 -0700
@@ -59,6 +59,7 @@
#include <errno.h>
@@ -848,7 +848,7 @@ diff -urN shadow-4.1.4.3.orig//src/pwconv.c shadow-4.1.4.3//src/pwconv.c
_("%s: cannot lock %s; try again later.\n"),
diff -urN shadow-4.1.4.3.orig//src/pwunconv.c shadow-4.1.4.3//src/pwunconv.c
--- shadow-4.1.4.3.orig//src/pwunconv.c 2011-02-13 09:58:16.000000000 -0800
-+++ shadow-4.1.4.3//src/pwunconv.c 2011-05-28 17:09:52.356013600 -0700
++++ shadow-4.1.4.3//src/pwunconv.c 2011-06-28 15:12:03.539504372 -0700
@@ -35,6 +35,7 @@
#ident "$Id: pwunconv.c 2852 2009-04-30 21:44:35Z nekral-guest $"
@@ -970,7 +970,7 @@ diff -urN shadow-4.1.4.3.orig//src/pwunconv.c shadow-4.1.4.3//src/pwunconv.c
exit (0);
diff -urN shadow-4.1.4.3.orig//src/useradd.c shadow-4.1.4.3//src/useradd.c
--- shadow-4.1.4.3.orig//src/useradd.c 2011-02-13 09:58:16.000000000 -0800
-+++ shadow-4.1.4.3//src/useradd.c 2011-05-28 17:10:25.446909971 -0700
++++ shadow-4.1.4.3//src/useradd.c 2011-06-28 15:12:14.608787030 -0700
@@ -112,6 +112,7 @@
#ifdef WITH_SELINUX
static const char *user_selinux = "";
@@ -1085,26 +1085,97 @@ diff -urN shadow-4.1.4.3.orig//src/useradd.c shadow-4.1.4.3//src/useradd.c
case 'r':
rflg = true;
break;
-@@ -1748,8 +1808,16 @@
+@@ -1735,6 +1795,36 @@
+ }
+ }
+ #endif
++
++/*
++ * mkdir_p - create directories, including parent directories when needed
++ *
++ * similar to mkdir -p
++ */
++void mkdir_p(const char *path) {
++ int len = strlen(path);
++ char newdir[len + 1];
++ mode_t mode = 0755;
++ int i = 0;
++
++ if (path[i] == '\0') {
++ return;
++ }
++
++ /* skip the leading '/' */
++ i++;
++
++ while(path[i] != '\0') {
++ if (path[i] == '/') {
++ strncpy(newdir, path, i);
++ newdir[i] = '\0';
++ mkdir(newdir, mode);
++ }
++ i++;
++ }
++ mkdir(path, mode);
++}
++
+ /*
+ * create_home - create the user's home directory
+ *
+@@ -1748,34 +1838,31 @@
#ifdef WITH_SELINUX
selinux_file_context (user_home);
#endif
- /* XXX - create missing parent directories. --marekm */
- if (mkdir (user_home, 0) != 0) {
-+ /* shell out to invoke mkdir -p
-+ * creating a subshell under pseudo's chroot() breaks the jail
-+ * (bug in pseudo), so make sure we include the full host path
-+ * to the sysroot when the --root option is in use.
-+ */
-+ int sysroot_path_len = strlen(newroot);
-+ int home_path_len = strlen(user_home);
-+ char cmd[sysroot_path_len + home_path_len + 10];
-+ sprintf(cmd, "mkdir -p %s%s", newroot, user_home);
-+ if (system (cmd) != 0) {
- fprintf (stderr,
- _("%s: cannot create directory %s\n"),
- Prog, user_home);
-@@ -1861,6 +1929,7 @@
+- fprintf (stderr,
+- _("%s: cannot create directory %s\n"),
+- Prog, user_home);
+-#ifdef WITH_AUDIT
+- audit_logger (AUDIT_ADD_USER, Prog,
+- "adding home directory",
+- user_name, (unsigned int) user_id,
+- SHADOW_AUDIT_FAILURE);
+-#endif
+- fail_exit (E_HOMEDIR);
+- }
+- chown (user_home, user_id, user_gid);
+- chmod (user_home,
+- 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK));
+- home_added = true;
++ mkdir_p(user_home);
++ }
++ if (access (user_home, F_OK) != 0) {
+ #ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "adding home directory",
+ user_name, (unsigned int) user_id,
+- SHADOW_AUDIT_SUCCESS);
++ SHADOW_AUDIT_FAILURE);
++#endif
++ fail_exit (E_HOMEDIR);
++ }
++ chown (user_home, user_id, user_gid);
++ chmod (user_home,
++ 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK));
++ home_added = true;
++#ifdef WITH_AUDIT
++ audit_logger (AUDIT_ADD_USER, Prog,
++ "adding home directory",
++ user_name, (unsigned int) user_id,
++ SHADOW_AUDIT_SUCCESS);
+ #endif
+ #ifdef WITH_SELINUX
+- /* Reset SELinux to create files with default contexts */
+- setfscreatecon (NULL);
++ /* Reset SELinux to create files with default contexts */
++ setfscreatecon (NULL);
+ #endif
+- }
+ }
+
+ /*
+@@ -1861,6 +1948,7 @@
*/
user_groups[0] = (char *) 0;
@@ -1114,7 +1185,7 @@ diff -urN shadow-4.1.4.3.orig//src/useradd.c shadow-4.1.4.3//src/useradd.c
#ifdef SHADOWGRP
diff -urN shadow-4.1.4.3.orig//src/userdel.c shadow-4.1.4.3//src/userdel.c
--- shadow-4.1.4.3.orig//src/userdel.c 2011-02-13 09:58:16.000000000 -0800
-+++ shadow-4.1.4.3//src/userdel.c 2011-05-28 17:09:52.356013600 -0700
++++ shadow-4.1.4.3//src/userdel.c 2011-06-28 15:12:03.549503721 -0700
@@ -79,6 +79,7 @@
static char *user_name;
static uid_t user_id;
@@ -1169,7 +1240,7 @@ diff -urN shadow-4.1.4.3.orig//src/userdel.c shadow-4.1.4.3//src/userdel.c
break;
diff -urN shadow-4.1.4.3.orig//src/usermod.c shadow-4.1.4.3//src/usermod.c
--- shadow-4.1.4.3.orig//src/usermod.c 2011-02-13 09:58:16.000000000 -0800
-+++ shadow-4.1.4.3//src/usermod.c 2011-05-28 17:09:52.356013600 -0700
++++ shadow-4.1.4.3//src/usermod.c 2011-06-28 15:12:03.549503721 -0700
@@ -110,6 +110,7 @@
static long user_newinactive;
static long sys_ngroups;