[PATCH 0/1] Fix for "useradd --root"

Openembedded Core Discussions
 help / color / mirror / Atom feed

* [PATCH 0/1] Fix for "useradd --root"
@ 2014-09-12 15:04 Peter Kjellerstedt
  2014-09-12 15:05 ` [PATCH 1/1] shadow: Make useradd work correctly with --root again Peter Kjellerstedt
  0 siblings, 1 reply; 2+ messages in thread
From: Peter Kjellerstedt @ 2014-09-12 15:04 UTC (permalink / raw)
  To: openembedded-core

This fixes a problem with useradd where it used the /etc/login.defs
file from my host system rather than the one provided by Poky. The
patch has been reported to the pkg-shadow-devel mailing list as well.

//Peter

The following changes since commit 429802fe6691c8a70ec9735c0db4c6a4e1e1b038:

  classes/populate_sdk_base: enable adding custom commands to SDK install script (2014-09-11 18:02:55 +0100)

are available in the git repository at:

  git://git.yoctoproject.org/poky-contrib pkj/shadow
  http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=pkj/shadow

Peter Kjellerstedt (1):
  shadow: Make useradd work correctly with --root again

 ...o-not-read-login.defs-before-doing-chroot.patch | 46 ++++++++++++++++++++++
 meta/recipes-extended/shadow/shadow.inc            |  1 +
 2 files changed, 47 insertions(+)
 create mode 100644 meta/recipes-extended/shadow/files/0001-Do-not-read-login.defs-before-doing-chroot.patch

-- 
1.9.0



^ permalink raw reply	[flat|nested] 2+ messages in thread

* [PATCH 1/1] shadow: Make useradd work correctly with --root again
  2014-09-12 15:04 [PATCH 0/1] Fix for "useradd --root" Peter Kjellerstedt
@ 2014-09-12 15:05 ` Peter Kjellerstedt
  0 siblings, 0 replies; 2+ messages in thread
From: Peter Kjellerstedt @ 2014-09-12 15:05 UTC (permalink / raw)
  To: openembedded-core

Even if useradd --root <root> is used it would still read login.defs
before doing the chroot() and thus use the one provided by the host
rather than the sysroot.

Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
---
 ...o-not-read-login.defs-before-doing-chroot.patch | 46 ++++++++++++++++++++++
 meta/recipes-extended/shadow/shadow.inc            |  1 +
 2 files changed, 47 insertions(+)
 create mode 100644 meta/recipes-extended/shadow/files/0001-Do-not-read-login.defs-before-doing-chroot.patch

diff --git a/meta/recipes-extended/shadow/files/0001-Do-not-read-login.defs-before-doing-chroot.patch b/meta/recipes-extended/shadow/files/0001-Do-not-read-login.defs-before-doing-chroot.patch
new file mode 100644
index 0000000..828b95a
--- /dev/null
+++ b/meta/recipes-extended/shadow/files/0001-Do-not-read-login.defs-before-doing-chroot.patch
@@ -0,0 +1,46 @@
+From 170c25c8e0b5c3dc2615d1db94c8d24a13ff99bf Mon Sep 17 00:00:00 2001
+From: Peter Kjellerstedt <pkj@axis.com>
+Date: Thu, 11 Sep 2014 15:11:23 +0200
+Subject: [PATCH] Do not read login.defs before doing chroot()
+
+If "useradd --root <root> ..." was used, the login.defs file would still
+be read from /etc/login.defs instead of <root>/etc/login.defs. This was
+due to getdef_ulong() being called before process_root_flag().
+
+Upstream-Status: Submitted [http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/2014-September/010446.html]
+
+Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
+---
+ src/useradd.c | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/src/useradd.c b/src/useradd.c
+index a8a1f76..e1ebf50 100644
+--- a/src/useradd.c
++++ b/src/useradd.c
+@@ -1993,9 +1993,11 @@ int main (int argc, char **argv)
+ #endif				/* USE_PAM */
+ #endif				/* ACCT_TOOLS_SETUID */
+ 
++#ifdef ENABLE_SUBIDS
+ 	/* Needed for userns check */
+-	uid_t uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL);
+-	uid_t uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL);
++	uid_t uid_min;
++	uid_t uid_max;
++#endif
+ 
+ 	/*
+ 	 * Get my name so that I can use it to report errors.
+@@ -2026,6 +2028,8 @@ int main (int argc, char **argv)
+ 	is_shadow_grp = sgr_file_present ();
+ #endif
+ #ifdef ENABLE_SUBIDS
++	uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL);
++	uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL);
+ 	is_sub_uid = sub_uid_file_present () && !rflg &&
+ 	    (!user_id || (user_id <= uid_max && user_id >= uid_min));
+ 	is_sub_gid = sub_gid_file_present () && !rflg &&
+-- 
+1.9.0
+
diff --git a/meta/recipes-extended/shadow/shadow.inc b/meta/recipes-extended/shadow/shadow.inc
index 84d1f86..6a769df 100644
--- a/meta/recipes-extended/shadow/shadow.inc
+++ b/meta/recipes-extended/shadow/shadow.inc
@@ -15,6 +15,7 @@ SRC_URI = "http://pkg-shadow.alioth.debian.org/releases/${BPN}-${PV}.tar.xz \
            file://usermod-fix-compilation-failure-with-subids-disabled.patch \
            file://fix-installation-failure-with-subids-disabled.patch \
            file://0001-su.c-fix-to-exec-command-correctly.patch \
+           file://0001-Do-not-read-login.defs-before-doing-chroot.patch \
            ${@bb.utils.contains('PACKAGECONFIG', 'pam', '${PAM_SRC_URI}', '', d)} \
            "
 
-- 
1.9.0



^ permalink raw reply related	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2014-09-12 15:05 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-09-12 15:04 [PATCH 0/1] Fix for "useradd --root" Peter Kjellerstedt
2014-09-12 15:05 ` [PATCH 1/1] shadow: Make useradd work correctly with --root again Peter Kjellerstedt

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox