summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMark Asselstine <mark.asselstine@windriver.com>2016-04-08 17:46:27 -0400
committerRichard Purdie <richard.purdie@linuxfoundation.org>2016-04-09 07:49:52 +0100
commitd80065642c5a1c95a298b235a8d575460147ede1 (patch)
treed8fc995f633ac465065e4e42653505f7eebe8b35
parent4ec99da681a6cd164ae177554b23c4fdf2194e2a (diff)
downloadopenembedded-core-contrib-d80065642c5a1c95a298b235a8d575460147ede1.tar.gz
openembedded-core-contrib-d80065642c5a1c95a298b235a8d575460147ede1.tar.bz2
openembedded-core-contrib-d80065642c5a1c95a298b235a8d575460147ede1.zip
useradd_base.bbclass: prevent variable expansion in $opts
Many user/group operations will involve hashes which will include '$' followed by a number or even possibly an env. variable name. Passing $opts to flock requires that we take additional precautions to prevent the unexpected expansion of these instances. This was found by an image which used usermod operations to set the password hash for root. The image could not be logged-in to and examining /etc/shadow clearly showed that $0 and other $* variables had been expanded unexpectedly. This change returnes the behavior to what existed prior to commit 2ebf697b46c42cee8bfa6d2e6087397f8cce385c [useradd_base.bbclass: replace retry logic with flock]. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/classes/useradd_base.bbclass14
1 files changed, 7 insertions, 7 deletions
diff --git a/meta/classes/useradd_base.bbclass b/meta/classes/useradd_base.bbclass
index 9b8f5c2207..e7081d98f0 100644
--- a/meta/classes/useradd_base.bbclass
+++ b/meta/classes/useradd_base.bbclass
@@ -18,7 +18,7 @@ perform_groupadd () {
local group_exists="`grep "^$groupname:" $rootdir/etc/group || true`"
if test "x$group_exists" = "x"; then
opts=`echo $opts | sed s/\'/\"/g`
- eval flock -x -w 100 $rootdir${sysconfdir} -c \'$PSEUDO groupadd $opts\' || true
+ eval flock -x -w 100 $rootdir${sysconfdir} -c \"$PSEUDO groupadd \$opts\" || true
group_exists="`grep "^$groupname:" $rootdir/etc/group || true`"
if test "x$group_exists" = "x"; then
bbfatal "${PN}: groupadd command did not succeed."
@@ -36,7 +36,7 @@ perform_useradd () {
local user_exists="`grep "^$username:" $rootdir/etc/passwd || true`"
if test "x$user_exists" = "x"; then
opts=`echo $opts | sed s/\'/\"/g`
- eval flock -x -w 100 $rootdir${sysconfdir} -c \'$PSEUDO useradd $opts\' || true
+ eval flock -x -w 100 $rootdir${sysconfdir} -c \"$PSEUDO useradd \$opts\" || true
user_exists="`grep "^$username:" $rootdir/etc/passwd || true`"
if test "x$user_exists" = "x"; then
bbfatal "${PN}: useradd command did not succeed."
@@ -63,7 +63,7 @@ perform_groupmems () {
fi
local mem_exists="`grep "^$groupname:[^:]*:[^:]*:\([^,]*,\)*$username\(,[^,]*\)*" $rootdir/etc/group || true`"
if test "x$mem_exists" = "x"; then
- eval flock -x -w 100 $rootdir${sysconfdir} -c \'$PSEUDO groupmems $opts\' || true
+ eval flock -x -w 100 $rootdir${sysconfdir} -c \"$PSEUDO groupmems \$opts\" || true
mem_exists="`grep "^$groupname:[^:]*:[^:]*:\([^,]*,\)*$username\(,[^,]*\)*" $rootdir/etc/group || true`"
if test "x$mem_exists" = "x"; then
bbfatal "${PN}: groupmems command did not succeed."
@@ -84,7 +84,7 @@ perform_groupdel () {
local groupname=`echo "$opts" | awk '{ print $NF }'`
local group_exists="`grep "^$groupname:" $rootdir/etc/group || true`"
if test "x$group_exists" != "x"; then
- eval flock -x -w 100 $rootdir${sysconfdir} -c \'$PSEUDO groupdel $opts\' || true
+ eval flock -x -w 100 $rootdir${sysconfdir} -c \"$PSEUDO groupdel \$opts\" || true
group_exists="`grep "^$groupname:" $rootdir/etc/group || true`"
if test "x$group_exists" != "x"; then
bbfatal "${PN}: groupdel command did not succeed."
@@ -101,7 +101,7 @@ perform_userdel () {
local username=`echo "$opts" | awk '{ print $NF }'`
local user_exists="`grep "^$username:" $rootdir/etc/passwd || true`"
if test "x$user_exists" != "x"; then
- eval flock -x -w 100 $rootdir${sysconfdir} -c \'$PSEUDO userdel $opts\' || true
+ eval flock -x -w 100 $rootdir${sysconfdir} -c \"$PSEUDO userdel \$opts\" || true
user_exists="`grep "^$username:" $rootdir/etc/passwd || true`"
if test "x$user_exists" != "x"; then
bbfatal "${PN}: userdel command did not succeed."
@@ -121,7 +121,7 @@ perform_groupmod () {
local groupname=`echo "$opts" | awk '{ print $NF }'`
local group_exists="`grep "^$groupname:" $rootdir/etc/group || true`"
if test "x$group_exists" != "x"; then
- eval flock -x -w 100 $rootdir${sysconfdir} -c \'$PSEUDO groupmod $opts\'
+ eval flock -x -w 100 $rootdir${sysconfdir} -c \"$PSEUDO groupmod \$opts\"
if test $? != 0; then
bbwarn "${PN}: groupmod command did not succeed."
fi
@@ -140,7 +140,7 @@ perform_usermod () {
local username=`echo "$opts" | awk '{ print $NF }'`
local user_exists="`grep "^$username:" $rootdir/etc/passwd || true`"
if test "x$user_exists" != "x"; then
- eval flock -x -w 100 $rootdir${sysconfdir} -c \'$PSEUDO usermod $opts\'
+ eval flock -x -w 100 $rootdir${sysconfdir} -c \"$PSEUDO usermod \$opts\"
if test $? != 0; then
bbfatal "${PN}: usermod command did not succeed."
fi