teknoraver / rpms / systemd

Forked from rpms/systemd 3 months ago
Clone

Blame SOURCES/0081-sysusers-do-not-reject-users-with-already-present-et.patch

923a60
From 169e74d772eac561a24f461ac65118d3d83a5980 Mon Sep 17 00:00:00 2001
923a60
From: Ivan Shapovalov <intelfx100@gmail.com>
923a60
Date: Sat, 7 Mar 2015 18:11:32 +0300
923a60
Subject: [PATCH] sysusers: do not reject users with already present
923a60
 /etc/shadow entries
923a60
923a60
This is needed to interoperate firstboot and sysusers. The former one is started
923a60
first, and it writes only /etc/shadow when it is told to set the root password.
923a60
It's better to relax checks here than to duplicate functionality in firstboot.
923a60
923a60
(cherry picked from commit c5abf22514b3925aa6f0d4a3f36f76799bf1911b)
923a60
---
923a60
 src/sysusers/sysusers.c | 23 +++++++++--------------
923a60
 1 file changed, 9 insertions(+), 14 deletions(-)
923a60
923a60
diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c
923a60
index e47bcb4dca..76b5962c51 100644
923a60
--- a/src/sysusers/sysusers.c
923a60
+++ b/src/sysusers/sysusers.c
923a60
@@ -605,6 +605,8 @@ static int write_files(void) {
923a60
                 if (r < 0)
923a60
                         goto finish;
923a60
 
923a60
+                lstchg = (long) (now(CLOCK_REALTIME) / USEC_PER_DAY);
923a60
+
923a60
                 original = fopen(shadow_path, "re");
923a60
                 if (original) {
923a60
                         struct spwd *sp;
923a60
@@ -618,8 +620,13 @@ static int write_files(void) {
923a60
 
923a60
                                 i = hashmap_get(users, sp->sp_namp);
923a60
                                 if (i && i->todo_user) {
923a60
-                                        r = -EEXIST;
923a60
-                                        goto finish;
923a60
+                                        /* we will update the existing entry */
923a60
+                                        sp->sp_lstchg = lstchg;
923a60
+
923a60
+                                        /* only the /etc/shadow stage is left, so we can
923a60
+                                         * safely remove the item from the todo set */
923a60
+                                        i->todo_user = false;
923a60
+                                        hashmap_remove(todo_uids, UID_TO_PTR(i->uid));
923a60
                                 }
923a60
 
923a60
                                 errno = 0;
923a60
@@ -642,7 +649,6 @@ static int write_files(void) {
923a60
                         goto finish;
923a60
                 }
923a60
 
923a60
-                lstchg = (long) (now(CLOCK_REALTIME) / USEC_PER_DAY);
923a60
                 HASHMAP_FOREACH(i, todo_uids, iterator) {
923a60
                         struct spwd n = {
923a60
                                 .sp_namp = i->name,
923a60
@@ -879,7 +885,6 @@ static int add_user(Item *i) {
923a60
 
923a60
         if (!arg_root) {
923a60
                 struct passwd *p;
923a60
-                struct spwd *sp;
923a60
 
923a60
                 /* Also check NSS */
923a60
                 errno = 0;
923a60
@@ -895,16 +900,6 @@ static int add_user(Item *i) {
923a60
                 }
923a60
                 if (!IN_SET(errno, 0, ENOENT))
923a60
                         return log_error_errno(errno, "Failed to check if user %s already exists: %m", i->name);
923a60
-
923a60
-                /* And shadow too, just to be sure */
923a60
-                errno = 0;
923a60
-                sp = getspnam(i->name);
923a60
-                if (sp) {
923a60
-                        log_error("User %s already exists in shadow database, but not in user database.", i->name);
923a60
-                        return -EBADMSG;
923a60
-                }
923a60
-                if (!IN_SET(errno, 0, ENOENT))
923a60
-                        return log_error_errno(errno, "Failed to check if user %s already exists in shadow database: %m", i->name);
923a60
         }
923a60
 
923a60
         /* Try to use the suggested numeric uid */