Re: [blfs-dev] Default shell is not set by useradd in shadow 4.4

Sat, 18 Feb 2017 14:44:46 -0800 

On 18/02/2017 22:01, Bruce Dubbs wrote:

Pierre Labastie wrote:



On 18/02/2017 17:47, Bruce Dubbs wrote:

Pierre Labastie wrote:

Hi,
With shadow 4.4, when running:
-------------
useradd -m -c something somebody
-------------
The entry in /etc/passwd is:
-------------
somebody:x:1001:1001:something:/home/somebody:
-------------
Notice: the shell is not set, the entry should be:
-------------
somebody:x:1001:1001:something:/home/somebody:/bin/bash
-------------
at least if you have not modified /etc/default/useradd

This is a known bug, and has been fixed on master just a
few days after the release of 4.4 version [1].

Since the fix is to move a line, it is not easy to write
a sed command, and I'd suggest making a patch. That patch
could also include the security fix, whose sed
command is rather cryptic...



https://github.com/shadow-maint/shadow/commit/656424167451738b92ec75b0dc033df92cce98e2 





Not sure about the security fix.  Can you point me to it?

But the fix above is:

sed -e '2029 a get_defaults ();' \
    -e '2039 d' \
    -i src/useradd.c

It can be all on one line.  I think that is clear enough.

The fixes need to go into both LFS and BLFS.



For me, sed commands using line numbers _are_ cryptic.
Of course I understand them, but I am unable to figure out
what they do, without looking at the file itself, which
involves untarring the package somewhere and seeking the
modified line using its number (not easy with less for example).
In this case, a patch is clearer. Just read it...
The security fix is the sed with line numbers 47 and 60 or so...



I agree that line numbers are not particularly illuminating.  What do 
you think about a 'here' style document piped to patch for short patches?


$ echo '--- yyy 2017-02-18 14:52:59.438941716 -0600
+++ xxx 2017-02-18 14:53:08.891027531 -0600
@@ -1,4 +1,4 @@
 Line1
-Line 2
+Line2
 Line3
 Line4
' | patch -Np0 yyy

patching file yyy

If not overdone it could be educational.


It would also be easier to maintain.  Adding a patch to LFS requires 
changing up to 6 files and I'd like to avoid that too.


  -- Bruce


Let me try. That should do the trick for shadow.
Pierre

--
http://lists.linuxfromscratch.org/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page






















					Reply via email to