On Sat, Oct 22, 2011 at 12:54 PM, Nicolas François <[email protected]> wrote: > Hello, > > I'm the upstream maintainer of the shadow utilities. > > I was informed of the OpenEmbedded's add_root_cmd_options patch and would > like to integrate it upstream. > > First of all, thanks a lot for implementing this feature. I was asked > multiple times for it or something similar, but never found time to work > on it. > > I did not review it completely yet, but would have a question. > What is the expected behavior when the utility authenticates the caller? > 1] authenticate the caller in the caller's chroot > 2] authenticate the caller in the target's chroot > 3] both > > I currently think that 3] would be the right behavior: the caller needs to > be authenticated to make sure it is allowed to use the tool, then it > should be authenticated on the target to make sure the operation is > allowed. > ...But this is much more complex. > > If this is fine for you, I would prefer to disable this feature when the > utility is setuid and not executed by root. > > Best Regards,
Hi Nicolas, I'm affraid this patch does not do what you think it does. The --root option does not apply to login, but only to the various administrative tools that comes with it (gpasswd, groupadd, groupdel, groupmod, grpconv, grpunconv, passwd, pwconv, pwunconv, useradd, userdel). It allows OE to manipulate passwd and group files that are located in a sysroot by chrooting into it, because all these programs have their path to /etc/passwd and friends hardcoded. This way, when OE builds a package which needs a special user to be present at run-time, it can create the user off-line at build-time instead of beeing required to create post-install scripts which does the same job but has to be executed at run-time. -- Julian _______________________________________________ Openembedded-core mailing list [email protected] http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
