From: Michael Ho <[email protected]> Pseudo will calculate the search paths used for passwd operations such as lckpwdf and ulckpwdf using build_passwd_paths when it initiates. This takes into account the chroot at the time.
The problem is that after a chroot is performed, pseudo continues to use the search paths calculated from the start for lckpwdf and ulckpwdf. This makes it write the pwd.lock files to a different sysroot if a chroot is called during runtime. This commit resolves that by calling build_passwd_paths again after intercepting chroot calls so the search paths are up to date. This bug manifests in Yocto when shadow is installed into an SDK target rootfs. The postinst triggered will call shadow-native with -R to point to the SDK target rootfs which in turn makes shadow call chroot to the SDK target rootfs before it perform its actions including lckpwdf() and ulckpwdf(). The lock files however will write instead to the normal image target rootfs because it was specified in PSEUDO_PASSWD and was the first path set when the pseudo environment was initiated. By rebuilding the search path after chroot is applied, the lockfiles appear in the correct rootfs. Signed-off-by: Michael Ho <[email protected]> --- pseudo_client.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pseudo_client.c b/pseudo_client.c index 478e450..60cd0d1 100644 --- a/pseudo_client.c +++ b/pseudo_client.c @@ -822,6 +822,8 @@ pseudo_client_chroot(const char *path) { } memcpy(pseudo_chroot, path, pseudo_chroot_len + 1); pseudo_set_value("PSEUDO_CHROOT", pseudo_chroot); + /* Rebuild passwd paths since we've done a chroot */ + build_passwd_paths(); return 0; } -- 2.7.4
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#147245): https://lists.openembedded.org/g/openembedded-core/message/147245 Mute This Topic: https://lists.openembedded.org/mt/80126389/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
