The copy of extended attributes is interesting for Smack systems because it allows setting the security template of the users' home directories without modifying the tools (useradd here). But the version of useradd that copies the extended attributes doesn't copy the extended attributes of the root. This can make the home directories unusable! This patch corrects the issue by copying the extended attributes of the root directory: /home/user will get the extended attributes of /etc/skel. The patch is submitted upstream (see http://lists.alioth.debian.org/pipermail/pkg-shadow-commits/2017-March/003804.html). The existing patch specific to open-embedded is updated: 0001-useradd.c-create-parent-directories-when-necessary.patch Also, attr is activated for native tools. This is needed when users are created during image creation. (From OE-Core rev: eed66e85af5ca6bbdd80cc3d5cf8453e8d8880bc) Signed-off-by: José Bollo <jose.bollo@iot.bzh> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upstream-Status: Inappropriate [OE specific]
|
|
|
|
Subject: useradd.c: create parent directories when necessary
|
|
|
|
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
|
|
---
|
|
src/useradd.c | 72 +++++++++++++++++++++++++++++++++++++++------------------
|
|
1 file changed, 49 insertions(+), 23 deletions(-)
|
|
|
|
diff --git a/src/useradd.c b/src/useradd.c
|
|
index 4bd969d..cb5dd6c 100644
|
|
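--- a/src/useradd.c
+++ b/src/useradd.c
@@ -1896,6 +1896,35 @@ static void usr_update (void)
 }
 
 /*
+ * mkdir_p - create directories, including parent directories when needed
+ *
+ * similar to `mkdir -p'
+ */
+void mkdir_p(const char *path) {
+ int len = strlen(path);
+ char newdir[len + 1];
+ mode_t mode = 0755;
+ int i = 0;
+
+ if (path[i] == '\0') {
+ return;
+ }
+
+ /* skip the leading '/' */
+ i++;
+
+ while(path[i] != '\0') {
+ if (path[i] == '/') {
+ strncpy(newdir, path, i);
+ newdir[i] = '\0';
+ mkdir(newdir, mode);
+ }
+ i++;
+ }
+ mkdir(path, mode);
+}
+
+/*
 * create_home - create the user's home directory
 *
 * create_home() creates the user's home directory if it does not
@@ -1910,39 +1939,36 @@ static void create_home (void)
 fail_exit (E_HOMEDIR);
 }
 #endif
- /* XXX - create missing parent directories. --marekm */
- if (mkdir (user_home, 0) != 0) {
- fprintf (stderr,
- _("%s: cannot create directory %s\n"),
- Prog, user_home);
-#ifdef WITH_AUDIT
- audit_logger (AUDIT_ADD_USER, Prog,
- "adding home directory",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_FAILURE);
-#endif
- fail_exit (E_HOMEDIR);
- }
- chown (user_home, user_id, user_gid);
- chmod (user_home,
- 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK));
-#ifdef WITH_ATTR
- attr_copy_file (def_template, user_home, NULL, NULL);
-#endif
- home_added = true;
+ mkdir_p(user_home);
+ }
+ if (access (user_home, F_OK) != 0) {
 #ifdef WITH_AUDIT
 audit_logger (AUDIT_ADD_USER, Prog,
 "adding home directory",
 user_name, (unsigned int) user_id,
- SHADOW_AUDIT_SUCCESS);
+ SHADOW_AUDIT_FAILURE);
 #endif
-#ifdef WITH_SELINUX
- /* Reset SELinux to create files with default contexts */
- if (reset_selinux_file_context () != 0) {
- fail_exit (E_HOMEDIR);
- }
+ fail_exit (E_HOMEDIR);
+ }
+ chown (user_home, user_id, user_gid);
+ chmod (user_home,
+ 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK));
+#ifdef WITH_ATTR
+ attr_copy_file (def_template, user_home, NULL, NULL);
+#endif
+ home_added = true;
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "adding home directory",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_SUCCESS);
 #endif
+#ifdef WITH_SELINUX
+ /* Reset SELinux to create files with default contexts */
+ if (reset_selinux_file_context () != 0) {
+ fail_exit (E_HOMEDIR);
 }
+#endif
 }
 
 /*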
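Review bot: In the second hunk, `chown`, `chmod`, `attr_copy_file` and `home_added = true` now come after the `}` that follows `mkdir_p(user_home);`, so they run whenever `access (user_home, F_OK)` succeeds, including for a path that already existed before this run or that is not a directory; the removed lines reached them only after a successful `mkdir`. Because `chown` and `chmod` follow symlinks and useradd presumably runs as root, whatever already sits at that path is handed to the new user, and `home_added` is set for a directory this run did not create. In the first hunk, `mkdir_p` discards every `mkdir` result and creates the final directory with 0755 where the old code used mode 0 until ownership was set, and the "cannot create directory" message is gone. I would have `mkdir_p` return a status and keep the ownership steps inside the creation branch, as sketched below. The opening `if` of that branch and the start of create_home lie outside the hunk, so the brace structure described here is inferred.

```c
static int mkdir_p (const char *path)
{
	/* … unchanged: len, newdir, mode, i … */
	if (path[i] == '\0') {
		return -1;
	}
	/* … unchanged: skip the leading '/' … */
	while (path[i] != '\0') {
		if (path[i] == '/') {
			/* … unchanged: copy the prefix into newdir … */
			/* EEXIST is the normal case for parents such as /home */
			if (mkdir (newdir, mode) != 0 && errno != EEXIST) {
				return -1;
			}
		}
		i++;
	}
	/* mode 0, as before this patch: closed until chown/chmod have run */
	return mkdir (path, 0);
}

	/* create_home, inside the existing access () != 0 branch */
	if (mkdir_p (user_home) != 0) {
		fprintf (stderr,
		         _("%s: cannot create directory %s\n"),
		         Prog, user_home);
		/* … unchanged: WITH_AUDIT failure record … */
		fail_exit (E_HOMEDIR);
	}
	/* … unchanged: chown, chmod, attr_copy_file, home_added, audit success, SELinux reset … */
```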
|
|
--
|
|
1.7.9.5
|
|
|