diff mbox series

shadow: fix copydir operation with 'pseudo'

Message ID 20240318135826.419294-1-enrico.scholz@sigma-chemnitz.de
State Accepted, archived
Commit 991f880e5cb3d30a1197711d44af2fdb1719ce82
Headers show
Series shadow: fix copydir operation with 'pseudo' | expand

Commit Message

Enrico Scholz March 18, 2024, 1:58 p.m. UTC 
From: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>

Calling 'useradd' through pseudo on (at least) Ubuntu 20 creates
filesystem objects (.bashrc, .profile) with invalid attributes.  It
manifests as

| tar: ./home/.../.bashrc: Unknown file type; file ignored

or

| Copying files into the device: __populate_fs: ignoring entry ".bashrc"
| .bashrc: File not found by ext2_lookup while looking up ".bashrc"

when building the image.

This happens due to a bug in shadow which is caused by clobbering
fstatat() results.

Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>
---
 ...copy_entry-use-temporary-stat-buffer.patch | 39 +++++++++++++++++++
 meta/recipes-extended/shadow/shadow.inc       |  1 +
 2 files changed, 40 insertions(+)
 create mode 100644 meta/recipes-extended/shadow/files/0001-lib-copydir-copy_entry-use-temporary-stat-buffer.patch
diff mbox series

Patch

diff --git a/meta/recipes-extended/shadow/files/0001-lib-copydir-copy_entry-use-temporary-stat-buffer.patch b/meta/recipes-extended/shadow/files/0001-lib-copydir-copy_entry-use-temporary-stat-buffer.patch
new file mode 100644
index 000000000000..d278a4cda3ff
--- /dev/null
+++ b/meta/recipes-extended/shadow/files/0001-lib-copydir-copy_entry-use-temporary-stat-buffer.patch
@@ -0,0 +1,39 @@ 
+From af4b8cb780587aa736692a3baa76b60474f19c5d Mon Sep 17 00:00:00 2001
+From: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>
+Date: Mon, 18 Mar 2024 12:14:21 +0100
+Subject: [PATCH] lib/copydir:copy_entry(): use temporary stat buffer
+
+There are no guarantees that fstatat() does not clobber the stat
+buffer on errors.
+
+Use a temporary buffer so that the following code sees correct
+attributes of the source entry.
+
+Upstream-Status: Submitted [https://github.com/shadow-maint/shadow/pull/974]
+
+Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>
+---
+ lib/copydir.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+Index: shadow-4.14.2/lib/copydir.c
+===================================================================
+--- shadow-4.14.2.orig/lib/copydir.c
++++ shadow-4.14.2/lib/copydir.c
+@@ -415,6 +415,7 @@ static int copy_entry (const struct path
+ {
+ 	int err = 0;
+ 	struct stat sb;
++	struct stat tmp_sb;
+ 	struct link_name *lp;
+ 	struct timespec mt[2];
+ 
+@@ -436,7 +437,7 @@ static int copy_entry (const struct path
+ 		 * If the destination already exists do nothing.
+ 		 * This is after the copy_dir above to still iterate into subdirectories.
+ 		 */
+-		if (fstatat(dst->dirfd, dst->name, &sb, AT_SYMLINK_NOFOLLOW) != -1) {
++		if (fstatat(dst->dirfd, dst->name, &tmp_sb, AT_SYMLINK_NOFOLLOW) != -1) {
+ 			return 0;
+ 		}
+ 
diff --git a/meta/recipes-extended/shadow/shadow.inc b/meta/recipes-extended/shadow/shadow.inc
index 16b99a0b60e8..a164b8347f8c 100644
--- a/meta/recipes-extended/shadow/shadow.inc
+++ b/meta/recipes-extended/shadow/shadow.inc
@@ -12,6 +12,7 @@  DEPENDS = "virtual/crypt"
 
 GITHUB_BASE_URI = "https://github.com/shadow-maint/shadow/releases"
 SRC_URI = "${GITHUB_BASE_URI}/download/${PV}/${BP}.tar.gz \
+           file://0001-lib-copydir-copy_entry-use-temporary-stat-buffer.patch \
            ${@bb.utils.contains('PACKAGECONFIG', 'pam', '${PAM_SRC_URI}', '', d)} \
            file://useradd \
            "