| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
(From OE-Core rev: e7f39f67977a3915290ce26a2a828eecc6dddda4)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch fixes the following error at do_rootfs:
update-alternatives: Error: not linking
/PATH/TO/rootfs/usr/share/man/man1/su.1
to /usr/share/man/man1/su.1.util-linux since
/PATH/TO/rootfs/usr/share/man/man1/su.1
exists and is not a link
update-alternatives: Error: not linking
/PATH/TO/rootfs/usr/share/man/man8/nologin.8
to /usr/share/man/man8/nologin.8.util-linux since
/PATH/TO/rootfs/usr/share/man/man8/nologin.8
exists and is not a link
The problem can be reproduced by adding the following lines to local.conf
and then building an image:
EXTRA_IMAGE_FEATURES:append = " doc-pkgs"
IMAGE_INSTALL:append = " shadow util-linux"
su.1 and nologin.8 are handled by update-alternatives in util-linux recipe, so
do it in shadow recipe too.
(From OE-Core rev: 198c4582c6391ac87c49e09882189235c44b60e9)
Signed-off-by: Sid-Ali Teir <sidali.teir@cysec.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch fixes the following error at do_rootfs:
update-alternatives: Error: not linking /PATH/TO/rootfs/usr/share
/man/man1/groups.1 to /usr/share/man/man1/groups.1.coreutils since
/PATH/TO/rootfs/usr/share/man/man1/groups.1 exists and is not a link
The problem can be reproduced by adding the following lines to local.conf
and then building an image:
EXTRA_IMAGE_FEATURES:append = " doc-pkgs"
IMAGE_INSTALL:append = " shadow coreutils"
groups.1 is handled by update-alternatives in coreutils recipe, so
do it in shadow recipe too.
(From OE-Core rev: 78c8eb60097df2e16c699464c39ff9142fc1ae69)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
Upgrade shadow from 4.15.1 to 4.16.0.
(From OE-Core rev: 3cbcd040f427ccd0de5f0db35061d378b369b285)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
0001-lib-copydir-copy_entry-use-temporary-stat-buffer.patch is dropped
as it has been merged and is in this new release.
(From OE-Core rev: 921b010e6e4b3a61779d8c10eb38966560f665f5)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Since we want to be able to stop unpacking to WORKDIR, correct the WORKDIR
references in recipe do_compile/do_install tasks to use UNPACKDIR in the
appropraite places instead.
(From OE-Core rev: d73595df69667fe9d12ecd407b77a0b8dae2109c)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Install the manpages for shadow, and also make the conflicting manpages
alternatives in util-linux.
(From OE-Core rev: 4b5a119ab36b2339b5469e5c7d34635090cc70f0)
Signed-off-by: Daniel McGregor <daniel.mcgregor@vecima.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
libcrack support was dropped.
(From OE-Core rev: c976d67cc73948eb09700be349d63a5d3840acdc)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes the following issue:
install: cannot stat '.../recipe-sysroot-native/usr/lib/libattr.so.*': No such file or directory
...
ERROR: Task (virtual:native:.../shadow_4.14.2.bb:do_install) failed with exit code '1'
(From OE-Core rev: b3afb80d07d97aaa786b6921fb6f61e316201367)
Signed-off-by: Sam Van Den Berge <sam.van.den.berge@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Calling 'useradd' through pseudo on (at least) Ubuntu 20 creates
filesystem objects (.bashrc, .profile) with invalid attributes. It
manifests as
| tar: ./home/.../.bashrc: Unknown file type; file ignored
or
| Copying files into the device: __populate_fs: ignoring entry ".bashrc"
| .bashrc: File not found by ext2_lookup while looking up ".bashrc"
when building the image.
This happens due to a bug in shadow which is caused by clobbering
fstatat() results.
(From OE-Core rev: 991f880e5cb3d30a1197711d44af2fdb1719ce82)
Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
This was causing host contamination in particular, where
libsystemd was installed on the host.
(From OE-Core rev: fda06b441655cfa4e5f93e8f5587f27aa3610bb8)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
and bundled with shadow
Despite our efforts to make static linking work, there have
been new reports of bizarre build failures:
https://lists.openembedded.org/g/openembedded-core/message/194006
https://lists.openembedded.org/g/openembedded-core/message/193907
This commit changes back to dynamic linking, but places
the libraries in a custom location, per RP's suggestion.
(From OE-Core rev: b93562937737e97dbc8cb7c874e9913f6a285a34)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
shadow 4.14.x adds a number of libraries it dynamically links with
(md, bsd, attr). This causes troubles in setscene tasks where
shadow executables are used (such as useradd), as pulling in
the needed dynamic libraries needs unpleasant special-casing.
(From OE-Core rev: 495ff95eae14a91c94187f78a0b30c7957c9b168)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
License-Update: formatting, spdx conversion
Drop:
0001-Disable-use-of-syslog-for-sysroot.patch
(issue fixed upstream)
0001-Fix-can-not-print-full-login.patch
0001-Overhaul-valid_field.patch
CVE-2023-29383.patch
(backports)
libbsd is a new native dependency, as otherwise glibc >= 2.38
is needed.
A similar fix is added to musl in order to define non-standard __BEGIN_DECLS/__END_DECLS.
(From OE-Core rev: e85069acf304fe0b68583cf79fe3ec4f775dca68)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
shadow-utils: possible password leak during passwd(1) change
CVE: CVE-2023-4641
Upstream-Status: Backport
[https://github.com/shadow-maint/shadow/commit/65c88a43a23c2391dcc90c0abda3e839e9c57904]
(From OE-Core rev: 7942df17d9dfcf690106b8b86506d496e6251327)
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This item has been deprecated in pam 1.5.3 and is no longer
built by default:
https://github.com/linux-pam/linux-pam/blob/master/NEWS
(From OE-Core rev: 04f3c3e335bf5e7c3a12ccc97fda9a8c214135d0)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit c6198e1b1c3e3a3413b6ff9f014b40114f1850db.
This reverts commit 167c2c9f15c1bfe401c0512e420a76fa1379c012.
This reverts commit 65532fc751dc00e5568e256166f7b259d3a3c06c.
The dependencies should not be a -native in the target case. Revert
these whilst the proper patch is worked out.
(From OE-Core rev: 54eccb76eb8ba2086a56a30dfbb8aba06b02865a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
crypt.h is otherwise taken from the host machine
(From OE-Core rev: 65532fc751dc00e5568e256166f7b259d3a3c06c)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The fix of CVE-2023-29383.patch contains a bug that it rejects all
characters that are not control ones, so backup another patch named
"0001-Overhaul-valid_field.patch" from upstream to fix it.
(From OE-Core rev: c5da9027cc73484936f4f82a37c32348cee1e229)
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
When we do not enter password during login, it is expected to display message "Login timed out after 60 seconds". But it prints only first few bytes(like "Login t") when write is immediately followed by exit.
Fix - Calling exit from new handler provides enough time to display full message.
Upstream-Status: Accepted [https://github.com/shadow-maint/shadow/commit/670cae834827a8f794e6f7464fa57790d911b63c]
(From OE-Core rev: 644cfe9dcf351bfa6c67f4b4d1e7dec416a59021)
Signed-off-by: Soumya <soumya.sambu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Drop
0001-Drop-nsswitch.conf-message-when-not-in-place-eg.-musl.patch
(issue fixed upstream)
0001-shadow-use-relaxed-usernames.patch
(merged upstream)
(From OE-Core rev: 03917700e4bba2c979e055b5f0939f14ebe09525)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 5b9fc88d06f79e8dbd2375172689f2fbf3e2a8a3)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: b04316bdd28b7945c2c91b4e43c007b650eedc14)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The libnss configuration file is only installed when glibc is used. The
inexistence of it on a musl-based rootfs, will make shadow complain
about it:
Failed opening /etc/nsswitch.conf
This is because shadow will try to use nsswich when dealing with
subordinate IDs and the message is just a warning as the tool will still
generate them correctly in subuid/subgid files.
We drop this log message for class native to avoid an error when rootfs
logs are checked ('Failed' will match the regex bitbake is using to
check for rootfs generation errors).
(From OE-Core rev: 3000840a271534fa907ce0684b81a6d278e64a44)
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
shadow utils are used when creating users at image creation time. The
useradd/usermod tools will only try to add a default configuration for
subid files if they exist.
(From OE-Core rev: 364a6f408c9feb5b9472ddabbc352d8b432bfffd)
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Combine two username relaxing patches into one, rebase, and submit upstream.
(From OE-Core rev: 6f0042be60582669d317b9ff2e1b8034ab2a01d3)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
License-Update: license clarified to BSD-3-Clause only
(From OE-Core rev: 79201206b5f7867ad7ffd462705f34179b33c0d7)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
0001-Fix-out-of-tree-builds-with-respect-to-libsubid-incl.patch
0001-libmisc-fix-default-value-in-SHA_get_salt_rounds.patch
0001-libsubid-link-to-PAM-libraries.patch
removed since they're included in 4.10
License-Update: Delete the space at the end of the sentence.
Changelog:
==========
* libsubid fixes
* Rename the test program list_subid_ranges to getsubids, write
a manpage, so distros can ship it. (Iker Pedrosa)
* Add libeconf dep for new*idmap
* Allow all group types with usermod -G
* Avoid useradd generating empty subid range
* Handle NULL pw_passwd
* Fix default value SHA_get_salt_rounds
* Use https where possible in README
* Update content and format of README
* Translation updates
* Switch from xml2po to itstool in 'make dist'
* Fix double frees
* Add LOG_INIT configurable to useradd
* Add CREATE_MAIL_SPOOL documentation
* Create a security.md
* Fix su never being SIGKILLd when trapping TERM
* Fix wrong SELinux labels in several possible cases
* Fix missing chmod in chadowtb_move
* Handle malformed hushlogins entries
* Fix groupdel segv when passwd does not exist
* Fix covscan-found newgrp segfault
* Remove trailing slash on hoedir
* Fix passwd -l message - it does not change expirey
* Fix SIGCHLD handling bugs in su and vipw
* Remove special case for "" in usermod
* Implement usermod -rG to remove a specific group
* call pam_end() after fork in child path for su and login
* useradd: In absence of /etc/passwd, assume 0 == root
* lib: check NULL before freeing data
* Fix pwck segfault
(From OE-Core rev: b7215993cf00f668d7e33b7fbc98fb4d8636edac)
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Make the license more accurate by specifying the specific variant of BSD
license instead of the generic one. This helps with SPDX license
attribution as "BSD" is not a valid SPDX license.
(From OE-Core rev: 65e3b23e1b266653fd30c90222e953f7e37fba0c)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The shadow 4.9 stops shiping /etc/default/useradd[1] and uses built-in
settings by default. Some settings are not consistent with previous
shadow 4.8.1 in oe-core. e.g. The default shell is /bin/bash rather than
/bin/sh. Per shadow 4.8.1 settings, add /etc/default/useradd back.
[1] https://github.com/shadow-maint/shadow/commit/bbf4b79bc49fd1826eb41f6629669ef0b647267b
(From OE-Core rev: 736d0b29c6246658a925ea9036ccfe6216d12837)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Backport a patch [1] to fix chpasswd, gpasswd and passwd "hang" for
several minutes (10-20min) at 100% cpu usage though they finally
terminate successfully.
[1] https://github.com/shadow-maint/shadow/issues/393
(From OE-Core rev: ad8c62f988017e1e4da1f5ed7fb6f4a5ce44844e)
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Add PACKAGECONFIG for audit and selinux rather than disable them
directly. This is useful for selinux distro feature.
(From OE-Core rev: 0a0c6cfc5a17ed442aad9e71e627e0fa39e60ead)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a couple backports to fix builds.
Drop 0002-Allow-for-setting-password-in-clear-text.patch;
what it adds is horribly insecure and AB testing didn't reveal any
regressions or use cases for it.
Drop /etc/default/ tweaks as files are no longer installed there.
Drop manpage alternatives as manpages are no longer installed.
(From OE-Core rev: 759df7395908f18b3b68f28d043ac9ebd42dd0c8)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This is the result of automated script conversion:
scripts/contrib/convert-overrides.py <oe-core directory>
converting the metadata to use ":" as the override character instead of "_".
(From OE-Core rev: 42344347be29f0997cc2f7636d9603b1fe1875ae)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
These can be provided by util-linux, so add alternative links for them.
(From OE-Core rev: 953a91bd258dcb825df3837635ce7561331c049e)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Added HOMEPAGE and DESCRIPTION for recipes with missing decriptions or homepage
[YOCTO #13471]
(From OE-Core rev: cc6c7af900ae0196a62b7fa1375c55bbcd8e68b4)
Signed-off-by: Dorinda Bassey <dorindabassey@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
lastlog needs logwtmp which musl does not provide
(From OE-Core rev: f2b826fe5384dde4aa52ce862cd3098acb4feea2)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
0001-Do-not-check-for-validity-of-shell-executable.patch
CVE-2019-19882.patch
Removed since they are included in 4.8.1.
(From OE-Core rev: de9cceb13e264434eb0b8393c3b0c0217b8d505e)
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Backport patch from <https://github.com/shadow-maint/shadow/pull/199/
commits/66b7bc0dcfda12d7f58eba993bd02872cae1d713> to solve
CVE-2019-19882.
(From OE-Core rev: a0de64cab692562d4bbd64f8bdcaa3fc6bc694bb)
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Drop two backports.
Remove 0001-useradd.c-create-parent-directories-when-necessary.patch
as upstream has addressed the issue:
https://github.com/shadow-maint/shadow/commit/b3b6d9d77c1d18b98670b97157777bb74092cd69
Rebase the rest of the paches.
Add a patch to remove the check for validity of login shells
which does not work in our environment.
Disable sssd cache support as that needs Fedora-specific tooling.
(From OE-Core rev: fee6c063dfb80425caa7080083c61d1544d929c6)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
The previous homepage and issue tracker is no longer available.
Remove some trailing whitespace
(From OE-Core rev: 1c60c5744b02c5c4eefb240923db5c4cd7959606)
Signed-off-by: Maxime Roussin-Bélanger <maxime.roussinbelanger@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The previous commit <shadow: use relaxed usernames> works only for
target. When test with configuration:
INHERIT += 'extrausers'
EXTRA_USERS_PARAMS += "useradd -p '' aBcD; "
and run "bitbake core-image-minimal", error occurs:
NOTE: core-image-minimal: Performing useradd with [
-R .../build/tmp-glibc/work/qemux86_64-wrs-linux/core-image-minimal/1.0-r0/rootfs -p '' aBcD]
useradd: invalid user name 'aBcD'
Here move the patch for using relaxed usernames from class_target to
the source code for all.
(From OE-Core rev: 8adf98e63fefeaf2c841a038a4497f9845bc7b04)
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
BSD license files must include the copyright notice.
(From OE-Core rev: b57f10c08bef1005b4bb195b84e39cab0e251420)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
This fixed a potential security vulnerability on musl and made
the patch obsolete.
(From OE-Core rev: 30b6ae3084f63df437a4d6dd859bca674ca01e12)
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
A configure error occurs when /bin/sh -> dash:
checking for is_selinux_enabled in -lselinux... yes
checking for semanage_connect in -lsemanage... yes
configure: 16322: test: yesyes: unexpected operator
Use "=" instead of "==" since dash doesn't support the latter.
(From OE-Core rev: a86da25d620aa9a2fd832ffe12816e7670b43633)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The third field in the /etc/shadow file (sp_lstchg) contains the date of
the last password change expressed as the number of days since Jan 1,
1970.
Backport the upstream changes to honour SOURCE_DATE_EPOCH for build
reproducibility.
(From OE-Core rev: 4ad2cf5054618f2dd14fe40dac9aede66f2c0dd3)
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The 0001-useradd-copy-extended-attributes-of-home.patch (oe-core commit:
eed66e85af5ca6bbdd80cc3d5cf8453e8d8880bc) introduced a runtime failure
when enable SELinux.
When enable SELinux, The directory /home/user will get the extended
attributes of /etc/skel. However, the SELinux lable for /etc/skel is
etc_t which is also copied to /home/user. It will cause the user can not
write their home directory because the SELinux lable for /home/user
should be user_home_dir_t.
See discussion: http://lists.openembedded.org/pipermail/openembedded-core/2018-January/146039.html
The solution at the moment is to drop this patch.
(From OE-Core rev: 2a8b35226edde4cd49cb5ba68c5b47aa8379eca1)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
After eglibc was merged into glibc, Kconfig support was also dropped so
these libc features therefore are not effective anymore and can be
removed
(From OE-Core rev: c62b1cc06613a4cdddf53290e6203559f43fc62d)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The shadow configure script tries really hard to detect the running
shell to make sure it doesn't do unsupported calls.
On my system the shell is detected as /bin/sh, while a build in an
ubuntu docker it resolves to /bin/bash. And since the shell path is
baked into the target binaries through config.h, the build becomes
inreproducible.
Fix reproducibility by hard-coding the shell to be /bin/sh
(From OE-Core rev: 5e3e30446b6abd98d1d3e9bee818203a6a206634)
Signed-off-by: Martin Hundebøll <martin@geanix.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The following patches are removed because problems have been fixed in this version.
0001-shadow-CVE-2017-12424
fix-installation-failure-with-subids-disabled.patch
usermod-fix-compilation-failure-with-subids-disabled.patch
CVE-2017-2616.patch
check_size_of_uid_t_and_gid_t_using_AC_CHECK_SIZEOF.patch
0001-Do-not-read-login.defs-before-doing-chroot.patch
The following patches are rebased.
0001-Disable-use-of-syslog-for-sysroot.patch
0001-useradd-copy-extended-attributes-of-home.patch
0001-useradd.c-create-parent-directories-when-necessary.patch
allow-for-setting-password-in-clear-text.patch
(From OE-Core rev: 79dd22729d5b8a2f2cf4294ff6b261c9d6ecd977)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
