shadow-native: fix creation of home directories
Pseudo was recently changed so that when system() calls are made after a chroot(), the host binaries can no longer be found, breaking the system("mkdir -p") approach when useradd creates home directories. Instead, use mkdir(2) to create home directories with a helper function to ensure parent directories get created. (From OE-Core rev: 7d4099a964ec79b1ac4cf5348cf9f4221c3d4908) Signed-off-by: Scott Garman <scott.a.garman@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
parent
b2a047d8db
commit
5c7d37c51c
|
@ -27,7 +27,7 @@ Signed-off-by: Scott Garman <scott.a.garman@intel.com>
|
|||
|
||||
diff -urN shadow-4.1.4.3.orig//src/gpasswd.c shadow-4.1.4.3//src/gpasswd.c
|
||||
--- shadow-4.1.4.3.orig//src/gpasswd.c 2011-02-13 09:58:16.000000000 -0800
|
||||
+++ shadow-4.1.4.3//src/gpasswd.c 2011-05-28 17:09:52.346013331 -0700
|
||||
+++ shadow-4.1.4.3//src/gpasswd.c 2011-06-28 15:12:03.539504372 -0700
|
||||
@@ -63,6 +63,7 @@
|
||||
* (/etc/gshadow present) */
|
||||
static bool is_shadowgrp;
|
||||
|
@ -146,7 +146,7 @@ diff -urN shadow-4.1.4.3.orig//src/gpasswd.c shadow-4.1.4.3//src/gpasswd.c
|
|||
#endif
|
||||
diff -urN shadow-4.1.4.3.orig//src/groupadd.c shadow-4.1.4.3//src/groupadd.c
|
||||
--- shadow-4.1.4.3.orig//src/groupadd.c 2011-02-13 09:58:16.000000000 -0800
|
||||
+++ shadow-4.1.4.3//src/groupadd.c 2011-05-28 17:09:52.346013331 -0700
|
||||
+++ shadow-4.1.4.3//src/groupadd.c 2011-06-28 15:12:03.539504372 -0700
|
||||
@@ -76,6 +76,7 @@
|
||||
static gid_t group_id;
|
||||
static /*@null@*/char *group_passwd;
|
||||
|
@ -209,7 +209,7 @@ diff -urN shadow-4.1.4.3.orig//src/groupadd.c shadow-4.1.4.3//src/groupadd.c
|
|||
break;
|
||||
diff -urN shadow-4.1.4.3.orig//src/groupdel.c shadow-4.1.4.3//src/groupdel.c
|
||||
--- shadow-4.1.4.3.orig//src/groupdel.c 2011-02-13 09:58:16.000000000 -0800
|
||||
+++ shadow-4.1.4.3//src/groupdel.c 2011-05-28 17:09:52.346013331 -0700
|
||||
+++ shadow-4.1.4.3//src/groupdel.c 2011-06-28 15:12:03.539504372 -0700
|
||||
@@ -36,6 +36,7 @@
|
||||
|
||||
#include <ctype.h>
|
||||
|
@ -341,7 +341,7 @@ diff -urN shadow-4.1.4.3.orig//src/groupdel.c shadow-4.1.4.3//src/groupdel.c
|
|||
{
|
||||
diff -urN shadow-4.1.4.3.orig//src/groupmod.c shadow-4.1.4.3//src/groupmod.c
|
||||
--- shadow-4.1.4.3.orig//src/groupmod.c 2011-02-13 09:58:16.000000000 -0800
|
||||
+++ shadow-4.1.4.3//src/groupmod.c 2011-05-28 17:09:52.346013331 -0700
|
||||
+++ shadow-4.1.4.3//src/groupmod.c 2011-06-28 15:12:03.539504372 -0700
|
||||
@@ -79,6 +79,7 @@
|
||||
static char *group_passwd;
|
||||
static gid_t group_id;
|
||||
|
@ -402,7 +402,7 @@ diff -urN shadow-4.1.4.3.orig//src/groupmod.c shadow-4.1.4.3//src/groupmod.c
|
|||
}
|
||||
diff -urN shadow-4.1.4.3.orig//src/grpconv.c shadow-4.1.4.3//src/grpconv.c
|
||||
--- shadow-4.1.4.3.orig//src/grpconv.c 2011-02-13 09:58:16.000000000 -0800
|
||||
+++ shadow-4.1.4.3//src/grpconv.c 2011-05-28 17:09:52.346013331 -0700
|
||||
+++ shadow-4.1.4.3//src/grpconv.c 2011-06-28 15:12:03.539504372 -0700
|
||||
@@ -39,6 +39,7 @@
|
||||
|
||||
#include <errno.h>
|
||||
|
@ -528,7 +528,7 @@ diff -urN shadow-4.1.4.3.orig//src/grpconv.c shadow-4.1.4.3//src/grpconv.c
|
|||
_("%s: cannot lock %s; try again later.\n"),
|
||||
diff -urN shadow-4.1.4.3.orig//src/grpunconv.c shadow-4.1.4.3//src/grpunconv.c
|
||||
--- shadow-4.1.4.3.orig//src/grpunconv.c 2011-02-13 09:58:16.000000000 -0800
|
||||
+++ shadow-4.1.4.3//src/grpunconv.c 2011-05-28 17:09:52.346013331 -0700
|
||||
+++ shadow-4.1.4.3//src/grpunconv.c 2011-06-28 15:12:03.539504372 -0700
|
||||
@@ -43,6 +43,7 @@
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
@ -654,7 +654,7 @@ diff -urN shadow-4.1.4.3.orig//src/grpunconv.c shadow-4.1.4.3//src/grpunconv.c
|
|||
}
|
||||
diff -urN shadow-4.1.4.3.orig//src/passwd.c shadow-4.1.4.3//src/passwd.c
|
||||
--- shadow-4.1.4.3.orig//src/passwd.c 2011-02-13 09:58:16.000000000 -0800
|
||||
+++ shadow-4.1.4.3//src/passwd.c 2011-05-28 17:09:52.346013331 -0700
|
||||
+++ shadow-4.1.4.3//src/passwd.c 2011-06-28 15:12:03.539504372 -0700
|
||||
@@ -75,6 +75,7 @@
|
||||
static char *name; /* The name of user whose password is being changed */
|
||||
static char *myname; /* The current user's name */
|
||||
|
@ -719,7 +719,7 @@ diff -urN shadow-4.1.4.3.orig//src/passwd.c shadow-4.1.4.3//src/passwd.c
|
|||
/* only "files" supported for now */
|
||||
diff -urN shadow-4.1.4.3.orig//src/pwconv.c shadow-4.1.4.3//src/pwconv.c
|
||||
--- shadow-4.1.4.3.orig//src/pwconv.c 2011-02-13 09:58:16.000000000 -0800
|
||||
+++ shadow-4.1.4.3//src/pwconv.c 2011-05-28 17:09:52.346013331 -0700
|
||||
+++ shadow-4.1.4.3//src/pwconv.c 2011-06-28 15:12:03.539504372 -0700
|
||||
@@ -59,6 +59,7 @@
|
||||
|
||||
#include <errno.h>
|
||||
|
@ -848,7 +848,7 @@ diff -urN shadow-4.1.4.3.orig//src/pwconv.c shadow-4.1.4.3//src/pwconv.c
|
|||
_("%s: cannot lock %s; try again later.\n"),
|
||||
diff -urN shadow-4.1.4.3.orig//src/pwunconv.c shadow-4.1.4.3//src/pwunconv.c
|
||||
--- shadow-4.1.4.3.orig//src/pwunconv.c 2011-02-13 09:58:16.000000000 -0800
|
||||
+++ shadow-4.1.4.3//src/pwunconv.c 2011-05-28 17:09:52.356013600 -0700
|
||||
+++ shadow-4.1.4.3//src/pwunconv.c 2011-06-28 15:12:03.539504372 -0700
|
||||
@@ -35,6 +35,7 @@
|
||||
#ident "$Id: pwunconv.c 2852 2009-04-30 21:44:35Z nekral-guest $"
|
||||
|
||||
|
@ -970,7 +970,7 @@ diff -urN shadow-4.1.4.3.orig//src/pwunconv.c shadow-4.1.4.3//src/pwunconv.c
|
|||
exit (0);
|
||||
diff -urN shadow-4.1.4.3.orig//src/useradd.c shadow-4.1.4.3//src/useradd.c
|
||||
--- shadow-4.1.4.3.orig//src/useradd.c 2011-02-13 09:58:16.000000000 -0800
|
||||
+++ shadow-4.1.4.3//src/useradd.c 2011-05-28 17:10:25.446909971 -0700
|
||||
+++ shadow-4.1.4.3//src/useradd.c 2011-06-28 15:12:14.608787030 -0700
|
||||
@@ -112,6 +112,7 @@
|
||||
#ifdef WITH_SELINUX
|
||||
static const char *user_selinux = "";
|
||||
|
@ -1085,26 +1085,97 @@ diff -urN shadow-4.1.4.3.orig//src/useradd.c shadow-4.1.4.3//src/useradd.c
|
|||
case 'r':
|
||||
rflg = true;
|
||||
break;
|
||||
@@ -1748,8 +1808,16 @@
|
||||
@@ -1735,6 +1795,36 @@
|
||||
}
|
||||
}
|
||||
#endif
|
||||
+
|
||||
+/*
|
||||
+ * mkdir_p - create directories, including parent directories when needed
|
||||
+ *
|
||||
+ * similar to mkdir -p
|
||||
+ */
|
||||
+void mkdir_p(const char *path) {
|
||||
+ int len = strlen(path);
|
||||
+ char newdir[len + 1];
|
||||
+ mode_t mode = 0755;
|
||||
+ int i = 0;
|
||||
+
|
||||
+ if (path[i] == '\0') {
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ /* skip the leading '/' */
|
||||
+ i++;
|
||||
+
|
||||
+ while(path[i] != '\0') {
|
||||
+ if (path[i] == '/') {
|
||||
+ strncpy(newdir, path, i);
|
||||
+ newdir[i] = '\0';
|
||||
+ mkdir(newdir, mode);
|
||||
+ }
|
||||
+ i++;
|
||||
+ }
|
||||
+ mkdir(path, mode);
|
||||
+}
|
||||
+
|
||||
/*
|
||||
* create_home - create the user's home directory
|
||||
*
|
||||
@@ -1748,34 +1838,31 @@
|
||||
#ifdef WITH_SELINUX
|
||||
selinux_file_context (user_home);
|
||||
#endif
|
||||
- /* XXX - create missing parent directories. --marekm */
|
||||
- if (mkdir (user_home, 0) != 0) {
|
||||
+ /* shell out to invoke mkdir -p
|
||||
+ * creating a subshell under pseudo's chroot() breaks the jail
|
||||
+ * (bug in pseudo), so make sure we include the full host path
|
||||
+ * to the sysroot when the --root option is in use.
|
||||
+ */
|
||||
+ int sysroot_path_len = strlen(newroot);
|
||||
+ int home_path_len = strlen(user_home);
|
||||
+ char cmd[sysroot_path_len + home_path_len + 10];
|
||||
+ sprintf(cmd, "mkdir -p %s%s", newroot, user_home);
|
||||
+ if (system (cmd) != 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot create directory %s\n"),
|
||||
Prog, user_home);
|
||||
@@ -1861,6 +1929,7 @@
|
||||
- fprintf (stderr,
|
||||
- _("%s: cannot create directory %s\n"),
|
||||
- Prog, user_home);
|
||||
-#ifdef WITH_AUDIT
|
||||
- audit_logger (AUDIT_ADD_USER, Prog,
|
||||
- "adding home directory",
|
||||
- user_name, (unsigned int) user_id,
|
||||
- SHADOW_AUDIT_FAILURE);
|
||||
-#endif
|
||||
- fail_exit (E_HOMEDIR);
|
||||
- }
|
||||
- chown (user_home, user_id, user_gid);
|
||||
- chmod (user_home,
|
||||
- 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK));
|
||||
- home_added = true;
|
||||
+ mkdir_p(user_home);
|
||||
+ }
|
||||
+ if (access (user_home, F_OK) != 0) {
|
||||
#ifdef WITH_AUDIT
|
||||
audit_logger (AUDIT_ADD_USER, Prog,
|
||||
"adding home directory",
|
||||
user_name, (unsigned int) user_id,
|
||||
- SHADOW_AUDIT_SUCCESS);
|
||||
+ SHADOW_AUDIT_FAILURE);
|
||||
+#endif
|
||||
+ fail_exit (E_HOMEDIR);
|
||||
+ }
|
||||
+ chown (user_home, user_id, user_gid);
|
||||
+ chmod (user_home,
|
||||
+ 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK));
|
||||
+ home_added = true;
|
||||
+#ifdef WITH_AUDIT
|
||||
+ audit_logger (AUDIT_ADD_USER, Prog,
|
||||
+ "adding home directory",
|
||||
+ user_name, (unsigned int) user_id,
|
||||
+ SHADOW_AUDIT_SUCCESS);
|
||||
#endif
|
||||
#ifdef WITH_SELINUX
|
||||
- /* Reset SELinux to create files with default contexts */
|
||||
- setfscreatecon (NULL);
|
||||
+ /* Reset SELinux to create files with default contexts */
|
||||
+ setfscreatecon (NULL);
|
||||
#endif
|
||||
- }
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -1861,6 +1948,7 @@
|
||||
*/
|
||||
user_groups[0] = (char *) 0;
|
||||
|
||||
|
@ -1114,7 +1185,7 @@ diff -urN shadow-4.1.4.3.orig//src/useradd.c shadow-4.1.4.3//src/useradd.c
|
|||
#ifdef SHADOWGRP
|
||||
diff -urN shadow-4.1.4.3.orig//src/userdel.c shadow-4.1.4.3//src/userdel.c
|
||||
--- shadow-4.1.4.3.orig//src/userdel.c 2011-02-13 09:58:16.000000000 -0800
|
||||
+++ shadow-4.1.4.3//src/userdel.c 2011-05-28 17:09:52.356013600 -0700
|
||||
+++ shadow-4.1.4.3//src/userdel.c 2011-06-28 15:12:03.549503721 -0700
|
||||
@@ -79,6 +79,7 @@
|
||||
static char *user_name;
|
||||
static uid_t user_id;
|
||||
|
@ -1169,7 +1240,7 @@ diff -urN shadow-4.1.4.3.orig//src/userdel.c shadow-4.1.4.3//src/userdel.c
|
|||
break;
|
||||
diff -urN shadow-4.1.4.3.orig//src/usermod.c shadow-4.1.4.3//src/usermod.c
|
||||
--- shadow-4.1.4.3.orig//src/usermod.c 2011-02-13 09:58:16.000000000 -0800
|
||||
+++ shadow-4.1.4.3//src/usermod.c 2011-05-28 17:09:52.356013600 -0700
|
||||
+++ shadow-4.1.4.3//src/usermod.c 2011-06-28 15:12:03.549503721 -0700
|
||||
@@ -110,6 +110,7 @@
|
||||
static long user_newinactive;
|
||||
static long sys_ngroups;
|
||||
|
|