Recipe references 'login.defs' in LIC_FILES_CHKSUM. This causes some
problems:
- file does not contain a single word which is related with its license
- changing this file (here: increasing SYS_UID_MIN) invalidates
LIC_FILES_CHKSUM
Add 'SPDX-License-Identifier' to the file and limit the checksum to
this part.
(From OE-Core rev: c9ab17b51834bff96657712a6741eb3e3647b063)
Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8c6f2e3feeb26abefb4136c56db6f3c0349acefb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The fix of CVE-2023-29383.patch contains a bug that it rejects all
characters that are not control ones, so backup another patch named
"0001-Overhaul-valid_field.patch" from upstream to fix it.
(From OE-Core rev: ab48ab23de6f6bb1f05689c97724140d4bef8faa)
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This recently got an updated CPE which matches this recipe, but the issue
is related to an entirely different shadow project so ignore it.
(From OE-Core rev: d0b1f61eb1fadf44b2e4fba13b6a94140cf029db)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 2331e98abb09cbcd56625d65c4e5d258dc29dd04)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The libnss configuration file is only installed when glibc is used. The
inexistence of it on a musl-based rootfs, will make shadow complain
about it:
Failed opening /etc/nsswitch.conf
This is because shadow will try to use nsswich when dealing with
subordinate IDs and the message is just a warning as the tool will still
generate them correctly in subuid/subgid files.
We drop this log message for class native to avoid an error when rootfs
logs are checked ('Failed' will match the regex bitbake is using to
check for rootfs generation errors).
(From OE-Core rev: e5ce33228858fcc12051548399c71ce10346bf5b)
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
shadow utils are used when creating users at image creation time. The
useradd/usermod tools will only try to add a default configuration for
subid files if they exist.
(From OE-Core rev: 5cdc9c1809ef169b8af7ce3085f316d1e68eb7ec)
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
An attempt to disable the use of syslog() was made in commit 8f181686
(shadow-native: Simplify and fix syslog disable patch). However,
because the code checks if USE_SYSLOG is defined rather than checking
if it evaluates to TRUE the patch did not work as intended.
(From OE-Core rev: e1f21d0d3385f9d9f4316bf0039b287fd4b37fc8)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Shadow is happily spamming the host syslog with messages and shouldn't be
which suggests the patch isn't working. Redo it to work at the configure
level which is simpler and hopefully more effective.
(From OE-Core rev: 8f1816862b884f226c0ce7f5c89fd75b6791c007)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
License-Update: license clarified to BSD-3-Clause only
(From OE-Core rev: 79201206b5f7867ad7ffd462705f34179b33c0d7)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
0001-Fix-out-of-tree-builds-with-respect-to-libsubid-incl.patch
0001-libmisc-fix-default-value-in-SHA_get_salt_rounds.patch
0001-libsubid-link-to-PAM-libraries.patch
removed since they're included in 4.10
License-Update: Delete the space at the end of the sentence.
Changelog:
==========
* libsubid fixes
* Rename the test program list_subid_ranges to getsubids, write
a manpage, so distros can ship it. (Iker Pedrosa)
* Add libeconf dep for new*idmap
* Allow all group types with usermod -G
* Avoid useradd generating empty subid range
* Handle NULL pw_passwd
* Fix default value SHA_get_salt_rounds
* Use https where possible in README
* Update content and format of README
* Translation updates
* Switch from xml2po to itstool in 'make dist'
* Fix double frees
* Add LOG_INIT configurable to useradd
* Add CREATE_MAIL_SPOOL documentation
* Create a security.md
* Fix su never being SIGKILLd when trapping TERM
* Fix wrong SELinux labels in several possible cases
* Fix missing chmod in chadowtb_move
* Handle malformed hushlogins entries
* Fix groupdel segv when passwd does not exist
* Fix covscan-found newgrp segfault
* Remove trailing slash on hoedir
* Fix passwd -l message - it does not change expirey
* Fix SIGCHLD handling bugs in su and vipw
* Remove special case for "" in usermod
* Implement usermod -rG to remove a specific group
* call pam_end() after fork in child path for su and login
* useradd: In absence of /etc/passwd, assume 0 == root
* lib: check NULL before freeing data
* Fix pwck segfault
(From OE-Core rev: b7215993cf00f668d7e33b7fbc98fb4d8636edac)
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This recipe is just a single data file from shadow, but as we can't
easily tell what license that specific file is under just copy the full
license statement.
(From OE-Core rev: f0e2f3b1f855ea6e184bd1d8d796279fedcbfa33)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Make the license more accurate by specifying the specific variant of BSD
license instead of the generic one. This helps with SPDX license
attribution as "BSD" is not a valid SPDX license.
(From OE-Core rev: 65e3b23e1b266653fd30c90222e953f7e37fba0c)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The shadow 4.9 stops shiping /etc/default/useradd[1] and uses built-in
settings by default. Some settings are not consistent with previous
shadow 4.8.1 in oe-core. e.g. The default shell is /bin/bash rather than
/bin/sh. Per shadow 4.8.1 settings, add /etc/default/useradd back.
[1] bbf4b79bc4
(From OE-Core rev: 736d0b29c6246658a925ea9036ccfe6216d12837)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add PACKAGECONFIG for audit and selinux rather than disable them
directly. This is useful for selinux distro feature.
(From OE-Core rev: 0a0c6cfc5a17ed442aad9e71e627e0fa39e60ead)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a couple backports to fix builds.
Drop 0002-Allow-for-setting-password-in-clear-text.patch;
what it adds is horribly insecure and AB testing didn't reveal any
regressions or use cases for it.
Drop /etc/default/ tweaks as files are no longer installed there.
Drop manpage alternatives as manpages are no longer installed.
(From OE-Core rev: 759df7395908f18b3b68f28d043ac9ebd42dd0c8)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is the result of automated script conversion:
scripts/contrib/convert-overrides.py <oe-core directory>
converting the metadata to use ":" as the override character instead of "_".
(From OE-Core rev: 42344347be29f0997cc2f7636d9603b1fe1875ae)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
These can be provided by util-linux, so add alternative links for them.
(From OE-Core rev: 953a91bd258dcb825df3837635ce7561331c049e)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Added HOMEPAGE and DESCRIPTION for recipes with missing decriptions or homepage
[YOCTO #13471]
(From OE-Core rev: cc6c7af900ae0196a62b7fa1375c55bbcd8e68b4)
Signed-off-by: Dorinda Bassey <dorindabassey@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This CVE is about TOCTOU (time-of-check time-of-use)
race condition when copying and removing directory trees
which had very low severity problem and marked as closed
and won't fix. Therefore whitelisted CVE-2013-4235.
Master, gatesgarth and dunfell all have shadow version 4.81.
Hence, this is applicable for master, gatesgarth and dunfell.
Link: https://bugzilla.redhat.com/show_bug.cgi?id=884658
(From OE-Core rev: b1c6cd87bee6b019619dc5728fd6c36bc87ed696)
Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
lastlog needs logwtmp which musl does not provide
(From OE-Core rev: f2b826fe5384dde4aa52ce862cd3098acb4feea2)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When testing pseudo changes I realised these recipes have packaging tasks
but don't generate packages. Drop the packages tasks for cleanliness.
(From OE-Core rev: ef9c11797b5d626bdb40b4509d8b2b0d461ff9ea)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This recipe only fetches local files, so there's no need for a checksum.
These have been present for some time and nobody noticed.
(From OE-Core rev: 100bbc264cb54275ed2912d96f1fea9f6fd41fbf)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
0001-Do-not-check-for-validity-of-shell-executable.patch
CVE-2019-19882.patch
Removed since they are included in 4.8.1.
(From OE-Core rev: de9cceb13e264434eb0b8393c3b0c0217b8d505e)
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drop two backports.
Remove 0001-useradd.c-create-parent-directories-when-necessary.patch
as upstream has addressed the issue:
b3b6d9d77c
Rebase the rest of the paches.
Add a patch to remove the check for validity of login shells
which does not work in our environment.
Disable sssd cache support as that needs Fedora-specific tooling.
(From OE-Core rev: fee6c063dfb80425caa7080083c61d1544d929c6)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The previous homepage and issue tracker is no longer available.
Remove some trailing whitespace
(From OE-Core rev: 1c60c5744b02c5c4eefb240923db5c4cd7959606)
Signed-off-by: Maxime Roussin-Bélanger <maxime.roussinbelanger@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The previous commit <shadow: use relaxed usernames> works only for
target. When test with configuration:
INHERIT += 'extrausers'
EXTRA_USERS_PARAMS += "useradd -p '' aBcD; "
and run "bitbake core-image-minimal", error occurs:
NOTE: core-image-minimal: Performing useradd with [
-R .../build/tmp-glibc/work/qemux86_64-wrs-linux/core-image-minimal/1.0-r0/rootfs -p '' aBcD]
useradd: invalid user name 'aBcD'
Here move the patch for using relaxed usernames from class_target to
the source code for all.
(From OE-Core rev: 8adf98e63fefeaf2c841a038a4497f9845bc7b04)
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
BSD license files must include the copyright notice.
(From OE-Core rev: b57f10c08bef1005b4bb195b84e39cab0e251420)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This fixed a potential security vulnerability on musl and made
the patch obsolete.
(From OE-Core rev: 30b6ae3084f63df437a4d6dd859bca674ca01e12)
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
A configure error occurs when /bin/sh -> dash:
checking for is_selinux_enabled in -lselinux... yes
checking for semanage_connect in -lsemanage... yes
configure: 16322: test: yesyes: unexpected operator
Use "=" instead of "==" since dash doesn't support the latter.
(From OE-Core rev: a86da25d620aa9a2fd832ffe12816e7670b43633)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The third field in the /etc/shadow file (sp_lstchg) contains the date of
the last password change expressed as the number of days since Jan 1,
1970.
Backport the upstream changes to honour SOURCE_DATE_EPOCH for build
reproducibility.
(From OE-Core rev: 4ad2cf5054618f2dd14fe40dac9aede66f2c0dd3)
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The 0001-useradd-copy-extended-attributes-of-home.patch (oe-core commit:
eed66e85af5ca6bbdd80cc3d5cf8453e8d8880bc) introduced a runtime failure
when enable SELinux.
When enable SELinux, The directory /home/user will get the extended
attributes of /etc/skel. However, the SELinux lable for /etc/skel is
etc_t which is also copied to /home/user. It will cause the user can not
write their home directory because the SELinux lable for /home/user
should be user_home_dir_t.
See discussion: http://lists.openembedded.org/pipermail/openembedded-core/2018-January/146039.html
The solution at the moment is to drop this patch.
(From OE-Core rev: 2a8b35226edde4cd49cb5ba68c5b47aa8379eca1)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
After eglibc was merged into glibc, Kconfig support was also dropped so
these libc features therefore are not effective anymore and can be
removed
(From OE-Core rev: c62b1cc06613a4cdddf53290e6203559f43fc62d)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The shadow configure script tries really hard to detect the running
shell to make sure it doesn't do unsupported calls.
On my system the shell is detected as /bin/sh, while a build in an
ubuntu docker it resolves to /bin/bash. And since the shell path is
baked into the target binaries through config.h, the build becomes
inreproducible.
Fix reproducibility by hard-coding the shell to be /bin/sh
(From OE-Core rev: 5e3e30446b6abd98d1d3e9bee818203a6a206634)
Signed-off-by: Martin Hundebøll <martin@geanix.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The following patches are removed because problems have been fixed in this version.
0001-shadow-CVE-2017-12424
fix-installation-failure-with-subids-disabled.patch
usermod-fix-compilation-failure-with-subids-disabled.patch
CVE-2017-2616.patch
check_size_of_uid_t_and_gid_t_using_AC_CHECK_SIZEOF.patch
0001-Do-not-read-login.defs-before-doing-chroot.patch
The following patches are rebased.
0001-Disable-use-of-syslog-for-sysroot.patch
0001-useradd-copy-extended-attributes-of-home.patch
0001-useradd.c-create-parent-directories-when-necessary.patch
allow-for-setting-password-in-clear-text.patch
(From OE-Core rev: 79dd22729d5b8a2f2cf4294ff6b261c9d6ecd977)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Alioth is dead so we can't use it for SRC_URI anymore. There is a shadow
repository on GitHub which is the new upstream, but for some reason it is
missing the 4.2.1 tag and tarball that we use. Also 4.2.1 was never uploaded
into Debian itself, so we can't use their mirror network either.
For now point SRC_URI at the Yocto Project source mirror and set
UPSTREAM_CHECK_URI so that we get nagged to upgrade to 4.6.
(From OE-Core rev: b3e246fef166030f327b5a852718ea907ada1759)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fix below errors while pam is enabled on target:
root@qemux86:~# newusers
newusers: PAM: Authentication failure
root@qemux86:~# chpasswd
chpasswd: PAM: Authentication failure
The configs copied from "chgpasswd" which command works with pam.
(From OE-Core rev: f6efc1dbd1f3a0f68ee731ff2b5a5d798ecf2cf8)
Signed-off-by: Hu <yadi.hu@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Update shadow to change ownership of /var/spool/mail from root:root to
root:mail and permission from 0755 to 0775 just as in most popular
distributions such as fedora and debian(It also set setgid bit in debian
but we don't need it).
(From OE-Core rev: b3ab5fe359c38cdd5cd86cb8ffe076d7a2baac18)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fedora28[1] has decided to go ahead and use libxcrypt to replace libcrypt from glibc
despite the change not having merged into glibc upstream yet. This breaks the use of
uninative in OE on fedora28 since binaries there are now using new symbols only found
in libxcrypt. libxcrypt is meant to be backwards compatible with libcrypt but not the
reverse.
Since this will impact OE in the next release cycle, this changes nativesdk only
to use this new model and adds libxcrypt to work in that case. This allows us to
build a uninative which is compatible with fedora28 and previous other OSes.
In order to work, recipes will now need to depend on virtual/crypt where they use
libcrypt since its now a separate library and we can't depend on it from glibc to
preseve backwards compatibility since glibc needs to build first. For now, only the
problematic nativesdk recipes have been fixed up. For target use, the default
provider remains glibc for now. Assuming this change is merged into upstream glibc,
we will need to roll this change out for the target but we will do this in the next
release cycle when we can better deal with the resulting bugs.
[1] https://fedoraproject.org/wiki/Changes/Replace_glibc_libcrypt_with_libxcrypt
Original patch from Charles-Antoine Couret <charles-antoine.couret@essensium.com>,
tweaked by RP to add virtual provides, SkipRecipe for libxcrypt and other minor
tweaks.
(From OE-Core rev: c1573cb7faeb296fe7077a60d02443d5ed5bded0)
Signed-off-by: Charles-Antoine Couret <charles-antoine.couret@essensium.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* fails for nativesdk-shadow with:
pwconv: /etc/passwd.29063: No such file or directory
pwconv: cannot lock /etc/passwd; try again later.
(From OE-Core rev: c292945611d9f825051ac4938bb22a7d42fff994)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport a patch to fix CVE-2017-12424.
In shadow before 4.5, the newusers tool could be made to manipulate
internal data structures in ways unintended by the authors.
Reference link: https://nvd.nist.gov/vuln/detail/CVE-2017-12424
CVE: CVE-2017-12424
(From OE-Core rev: 896495d4d2a9751e6e013a3498293b2443d7d809)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
uclibc support was removed a while ago and musl works much better. Start to
remove the various overrides and patches related to uclibc which are no longer
needed.
uclibc support in a layer would still be possible. I have strong reasons to
believe nobody is still using uclibc since patches are missing and I doubt
the metadata even parses anymore.
(From OE-Core rev: 653704e9cf325cb494eb23facca19e9f05132ffd)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Both shadow and util-linux packages provides 'nologin' binary in ${base_sbindir}
and ${sbindir} respectively, this leads to conflict when 'usrmerge' feature is
enabled, where ${sbindir} == ${base_sbindir}. Hance, handle this to alternative
system to resolve the conflict.
(From OE-Core rev: 07d6d0fb4dc689008bb0022d7d2ecc890c9159e5)
Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The copy of extended attributes is interesting for
Smack systems because it allows to set the security
template of the user's home directories without
modifying the tools (useradd here). But the version
of useradd that copies the extended attributes doesn't
copy the extended attributes of the root. This can make
use of homes impossible! This patch corrects the issue
by copying the extended attributes of the root directory:
/home/user will get the extended attributes of /etc/skel.
The patch is submitted upstream (see
http://lists.alioth.debian.org/pipermail/pkg-shadow-commits/2017-March/003804.html)
The existing patch specific to open-embedded is updated:
0001-useradd.c-create-parent-directories-when-necessary.patch
Also, attr are activated for native tools.
This is needed when users are created during image creation.
(From OE-Core rev: eed66e85af5ca6bbdd80cc3d5cf8453e8d8880bc)
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When DISTRO_FEATURES has 'xattr' the shadow package
now automatically activates its config 'attr'.
(From OE-Core rev: 860c941741ca57bdc6fdbb67ea3ad94bb8d08c16)
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
pwconv and grpconv are used in the postinstall script.
(From OE-Core rev: 5a59e292d1382ea6858f6ccb532e48a9f1f4bea6)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
