[PATCH 0/1] Fix for "useradd --root"

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH 0/1] Fix for "useradd --root"
@ 2014-09-12 15:04 Peter Kjellerstedt
  2014-09-12 15:05 ` [PATCH 1/1] shadow: Make useradd work correctly with --root again Peter Kjellerstedt
  0 siblings, 1 reply; 2+ messages in thread
From: Peter Kjellerstedt @ 2014-09-12 15:04 UTC (permalink / raw)
  To: openembedded-core

This fixes a problem with useradd where it used the /etc/login.defs
file from my host system rather than the one provided by Poky. The
patch has been reported to the pkg-shadow-devel mailing list as well.

//Peter

The following changes since commit 429802fe6691c8a70ec9735c0db4c6a4e1e1b038:

  classes/populate_sdk_base: enable adding custom commands to SDK install script (2014-09-11 18:02:55 +0100)

are available in the git repository at:

  git://git.yoctoproject.org/poky-contrib pkj/shadow
  http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=pkj/shadow

Peter Kjellerstedt (1):
  shadow: Make useradd work correctly with --root again

 ...o-not-read-login.defs-before-doing-chroot.patch | 46 ++++++++++++++++++++++
 meta/recipes-extended/shadow/shadow.inc            |  1 +
 2 files changed, 47 insertions(+)
 create mode 100644 meta/recipes-extended/shadow/files/0001-Do-not-read-login.defs-before-doing-chroot.patch

-- 
1.9.0



^ permalink raw reply	[flat|nested] 2+ messages in thread

* [PATCH 1/1] shadow: Make useradd work correctly with --root again
  2014-09-12 15:04 [PATCH 0/1] Fix for "useradd --root" Peter Kjellerstedt
@ 2014-09-12 15:05 ` Peter Kjellerstedt
  0 siblings, 0 replies; 2+ messages in thread
From: Peter Kjellerstedt @ 2014-09-12 15:05 UTC (permalink / raw)
  To: openembedded-core

Even if useradd --root <root> is used it would still read login.defs
before doing the chroot() and thus use the one provided by the host
rather than the sysroot.

Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
---
 ...o-not-read-login.defs-before-doing-chroot.patch | 46 ++++++++++++++++++++++
 meta/recipes-extended/shadow/shadow.inc            |  1 +
 2 files changed, 47 insertions(+)
 create mode 100644 meta/recipes-extended/shadow/files/0001-Do-not-read-login.defs-before-doing-chroot.patch

diff --git a/meta/recipes-extended/shadow/files/0001-Do-not-read-login.defs-before-doing-chroot.patch b/meta/recipes-extended/shadow/files/0001-Do-not-read-login.defs-before-doing-chroot.patch
new file mode 100644
index 0000000..828b95a
--- /dev/null
+++ b/meta/recipes-extended/shadow/files/0001-Do-not-read-login.defs-before-doing-chroot.patch
@@ -0,0 +1,46 @@
+From 170c25c8e0b5c3dc2615d1db94c8d24a13ff99bf Mon Sep 17 00:00:00 2001
+From: Peter Kjellerstedt <pkj@axis.com>
+Date: Thu, 11 Sep 2014 15:11:23 +0200
+Subject: [PATCH] Do not read login.defs before doing chroot()
+
+If "useradd --root <root> ..." was used, the login.defs file would still
+be read from /etc/login.defs instead of <root>/etc/login.defs. This was
+due to getdef_ulong() being called before process_root_flag().
+
+Upstream-Status: Submitted [http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/2014-September/010446.html]
+
+Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
+---
+ src/useradd.c | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/src/useradd.c b/src/useradd.c
+index a8a1f76..e1ebf50 100644
+--- a/src/useradd.c
++++ b/src/useradd.c
+@@ -1993,9 +1993,11 @@ int main (int argc, char **argv)
+ #endif				/* USE_PAM */
+ #endif				/* ACCT_TOOLS_SETUID */
+ 
++#ifdef ENABLE_SUBIDS
+ 	/* Needed for userns check */
+-	uid_t uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL);
+-	uid_t uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL);
++	uid_t uid_min;
++	uid_t uid_max;
++#endif
+ 
+ 	/*
+ 	 * Get my name so that I can use it to report errors.
+@@ -2026,6 +2028,8 @@ int main (int argc, char **argv)
+ 	is_shadow_grp = sgr_file_present ();
+ #endif
+ #ifdef ENABLE_SUBIDS
++	uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL);
++	uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL);
+ 	is_sub_uid = sub_uid_file_present () && !rflg &&
+ 	    (!user_id || (user_id <= uid_max && user_id >= uid_min));
+ 	is_sub_gid = sub_gid_file_present () && !rflg &&
+-- 
+1.9.0
+
diff --git a/meta/recipes-extended/shadow/shadow.inc b/meta/recipes-extended/shadow/shadow.inc
index 84d1f86..6a769df 100644
--- a/meta/recipes-extended/shadow/shadow.inc
+++ b/meta/recipes-extended/shadow/shadow.inc
@@ -15,6 +15,7 @@ SRC_URI = "http://pkg-shadow.alioth.debian.org/releases/${BPN}-${PV}.tar.xz \
            file://usermod-fix-compilation-failure-with-subids-disabled.patch \
            file://fix-installation-failure-with-subids-disabled.patch \
            file://0001-su.c-fix-to-exec-command-correctly.patch \
+           file://0001-Do-not-read-login.defs-before-doing-chroot.patch \
            ${@bb.utils.contains('PACKAGECONFIG', 'pam', '${PAM_SRC_URI}', '', d)} \
            "
 
-- 
1.9.0



^ permalink raw reply related	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2014-09-12 15:05 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-09-12 15:04 [PATCH 0/1] Fix for "useradd --root" Peter Kjellerstedt
2014-09-12 15:05 ` [PATCH 1/1] shadow: Make useradd work correctly with --root again Peter Kjellerstedt

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.