@@ -1,4 +1,7 @@
-Disable use of syslog for shadow-native tools
+From 8b845fff891798a03bdf21354b52e4487c2c0200 Mon Sep 17 00:00:00 2001
+From: Richard Purdie <richard.purdie@linuxfoundation.org>
+Date: Thu, 14 Apr 2022 23:11:53 +0000
+Subject: [PATCH] Disable use of syslog for shadow-native tools
Disable use of syslog to prevent sysroot user and group additions from
writing entries to the host's syslog. This patch should only be used
@@ -6,17 +9,44 @@ with the shadow-native recipe.
Upstream-Status: Inappropriate [OE specific configuration]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
-Index: shadow-4.11.1/configure.ac
-===================================================================
---- shadow-4.11.1.orig/configure.ac
-+++ shadow-4.11.1/configure.ac
-@@ -204,7 +204,7 @@ AC_DEFINE_UNQUOTED(PASSWD_PROGRAM, "$sha
+---
+ configure.ac | 2 +-
+ src/login_nopam.c | 3 ++-
+ 2 files changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 5dcae19..b2c58f5 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -204,7 +204,7 @@ AC_DEFINE_UNQUOTED(PASSWD_PROGRAM, "$shadow_cv_passwd_dir/passwd",
[Path to passwd program.])
dnl XXX - quick hack, should disappear before anyone notices :).
-AC_DEFINE(USE_SYSLOG, 1, [Define to use syslog().])
-+AC_DEFINE(USE_SYSLOG, 0, [Define to use syslog().])
++#AC_DEFINE(USE_SYSLOG, 1, [Define to use syslog().])
if test "$ac_cv_func_ruserok" = "yes"; then
AC_DEFINE(RLOGIN, 1, [Define if login should support the -r flag for rlogind.])
AC_DEFINE(RUSEROK, 0, [Define to the ruserok() "success" return value (0 or 1).])
+diff --git a/src/login_nopam.c b/src/login_nopam.c
+index df6ba88..fc24e13 100644
+--- a/src/login_nopam.c
++++ b/src/login_nopam.c
+@@ -29,7 +29,6 @@
+ #ifndef USE_PAM
+ #ident "$Id$"
+
+-#include "prototypes.h"
+ /*
+ * This module implements a simple but effective form of login access
+ * control based on login names and on host (or domain) names, internet
+@@ -57,6 +56,8 @@
+ #include <netinet/in.h>
+ #include <arpa/inet.h> /* for inet_ntoa() */
+
++#include "prototypes.h"
++
+ #if !defined(MAXHOSTNAMELEN) || (MAXHOSTNAMELEN < 64)
+ #undef MAXHOSTNAMELEN
+ #define MAXHOSTNAMELEN 256
An attempt to disable the use of syslog() was made in commit 8f181686 (shadow-native: Simplify and fix syslog disable patch). However, because the code checks if USE_SYSLOG is defined rather than checking if it evaluates to TRUE the patch did not work as intended. Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> --- ...01-Disable-use-of-syslog-for-sysroot.patch | 44 ++++++++++++++++--- 1 file changed, 37 insertions(+), 7 deletions(-)