All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH v2 0/1] libpam: Setting suid bit for unix_chkpwd
@ 2011-08-22  3:11 wenzong.fan
  2011-08-22  3:11 ` [PATCH v2 1/1] " wenzong.fan
  2011-08-24 22:48 ` [PATCH v2 0/1] " Saul Wold
  0 siblings, 2 replies; 3+ messages in thread
From: wenzong.fan @ 2011-08-22  3:11 UTC (permalink / raw)
  To: openembedded-core

From: Wenzong Fan <wenzong.fan@windriver.com>

v2 updates: with ${sbindir} to replace the hardcode '/usr/sbin'

The following changes since commit 36396b6ecb0c84c6752cdc8118c496e8ec05a388:
  Richard Purdie (1):
        xcb/libpthreads: Add BBCLASSEXTEND to resolve missing providers in world builds

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/1252
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/1252

Wenzong Fan (1):
  libpam: Setting suid bit for unix_chkpwd

 meta/recipes-extended/pam/libpam_1.1.4.bb |    8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)




^ permalink raw reply	[flat|nested] 3+ messages in thread
* [PATCH v2 1/1] libpam: Setting suid bit for unix_chkpwd
  2011-08-22  3:11 [PATCH v2 0/1] libpam: Setting suid bit for unix_chkpwd wenzong.fan
@ 2011-08-22  3:11 ` wenzong.fan
  2011-08-24 22:48 ` [PATCH v2 0/1] " Saul Wold
  1 sibling, 0 replies; 3+ messages in thread
From: wenzong.fan @ 2011-08-22  3:11 UTC (permalink / raw)
  To: openembedded-core

From: Wenzong Fan <wenzong.fan@windriver.com>

[YOCTO #1252]

While pam_unix.so required by an application on lsb image, it will need to
call the unix_chkpwd to get userinfo from shadow file. This fix get a normal
user could read shadow file via unix_chkpwd.

Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
---
 meta/recipes-extended/pam/libpam_1.1.4.bb |    8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)

diff --git a/meta/recipes-extended/pam/libpam_1.1.4.bb b/meta/recipes-extended/pam/libpam_1.1.4.bb
index ae20a97..d6f95b1 100644
--- a/meta/recipes-extended/pam/libpam_1.1.4.bb
+++ b/meta/recipes-extended/pam/libpam_1.1.4.bb
@@ -9,7 +9,7 @@ SECTION = "base"
 LICENSE = "GPLv2+ | BSD"
 LIC_FILES_CHKSUM = "file://COPYING;md5=ca0395de9a86191a078b8b79302e3083"
 
-PR = "r1"
+PR = "r2"
 
 DEPENDS = "bison flex cracklib"
 RDEPENDS_${PN}-runtime = "libpam pam-plugin-deny pam-plugin-permit pam-plugin-warn pam-plugin-unix"
@@ -85,3 +85,9 @@ do_install() {
 	install -d ${D}${sysconfdir}/pam.d/     
 	install -m 0644 ${WORKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/
 }
+
+pkg_postinst_pam-plugin-unix () {
+    # below is necessary to allow unix_chkpwd get user info from shadow file
+    # on lsb images
+    chmod 4755 ${sbindir}/unix_chkpwd
+}
-- 
1.7.0.4




^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [PATCH v2 0/1] libpam: Setting suid bit for unix_chkpwd
  2011-08-22  3:11 [PATCH v2 0/1] libpam: Setting suid bit for unix_chkpwd wenzong.fan
  2011-08-22  3:11 ` [PATCH v2 1/1] " wenzong.fan
@ 2011-08-24 22:48 ` Saul Wold
  1 sibling, 0 replies; 3+ messages in thread
From: Saul Wold @ 2011-08-24 22:48 UTC (permalink / raw)
  To: Patches and discussions about the oe-core layer

On 08/21/2011 08:11 PM, wenzong.fan@windriver.com wrote:
> From: Wenzong Fan<wenzong.fan@windriver.com>
>
> v2 updates: with ${sbindir} to replace the hardcode '/usr/sbin'
>
> The following changes since commit 36396b6ecb0c84c6752cdc8118c496e8ec05a388:
>    Richard Purdie (1):
>          xcb/libpthreads: Add BBCLASSEXTEND to resolve missing providers in world builds
>
> are available in the git repository at:
>
>    git://git.pokylinux.org/poky-contrib wenzong/1252
>    http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/1252
>
> Wenzong Fan (1):
>    libpam: Setting suid bit for unix_chkpwd
>
>   meta/recipes-extended/pam/libpam_1.1.4.bb |    8 +++++++-
>   1 files changed, 7 insertions(+), 1 deletions(-)
>
>
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
>

Merged into OE-Core

Thanks
	Sau!



^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2011-08-24 22:53 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2011-08-22  3:11 [PATCH v2 0/1] libpam: Setting suid bit for unix_chkpwd wenzong.fan
2011-08-22  3:11 ` [PATCH v2 1/1] " wenzong.fan
2011-08-24 22:48 ` [PATCH v2 0/1] " Saul Wold

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.