Many user/group operations will involve hashes which will include '$' followed by a number or even possibly an env. variable name. Passing $opts to flock requires that we take additional precautions to prevent the unexpected expansion of these instances.
This was found by an image which used usermod operations to set the password hash for root. The image could not be logged-in to and examining /etc/shadow clearly showed that $0 and other $* variables had been expanded unexpectedly. This change returnes the behavior to what existed prior to commit 2ebf697b46c42cee8bfa6d2e6087397f8cce385c [useradd_base.bbclass: replace retry logic with flock]. Signed-off-by: Mark Asselstine <[email protected]> --- meta/classes/useradd_base.bbclass | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/meta/classes/useradd_base.bbclass b/meta/classes/useradd_base.bbclass index 9b8f5c2..e7081d9 100644 --- a/meta/classes/useradd_base.bbclass +++ b/meta/classes/useradd_base.bbclass @@ -18,7 +18,7 @@ perform_groupadd () { local group_exists="`grep "^$groupname:" $rootdir/etc/group || true`" if test "x$group_exists" = "x"; then opts=`echo $opts | sed s/\'/\"/g` - eval flock -x -w 100 $rootdir${sysconfdir} -c \'$PSEUDO groupadd $opts\' || true + eval flock -x -w 100 $rootdir${sysconfdir} -c \"$PSEUDO groupadd \$opts\" || true group_exists="`grep "^$groupname:" $rootdir/etc/group || true`" if test "x$group_exists" = "x"; then bbfatal "${PN}: groupadd command did not succeed." @@ -36,7 +36,7 @@ perform_useradd () { local user_exists="`grep "^$username:" $rootdir/etc/passwd || true`" if test "x$user_exists" = "x"; then opts=`echo $opts | sed s/\'/\"/g` - eval flock -x -w 100 $rootdir${sysconfdir} -c \'$PSEUDO useradd $opts\' || true + eval flock -x -w 100 $rootdir${sysconfdir} -c \"$PSEUDO useradd \$opts\" || true user_exists="`grep "^$username:" $rootdir/etc/passwd || true`" if test "x$user_exists" = "x"; then bbfatal "${PN}: useradd command did not succeed." @@ -63,7 +63,7 @@ perform_groupmems () { fi local mem_exists="`grep "^$groupname:[^:]*:[^:]*:\([^,]*,\)*$username\(,[^,]*\)*" $rootdir/etc/group || true`" if test "x$mem_exists" = "x"; then - eval flock -x -w 100 $rootdir${sysconfdir} -c \'$PSEUDO groupmems $opts\' || true + eval flock -x -w 100 $rootdir${sysconfdir} -c \"$PSEUDO groupmems \$opts\" || true mem_exists="`grep "^$groupname:[^:]*:[^:]*:\([^,]*,\)*$username\(,[^,]*\)*" $rootdir/etc/group || true`" if test "x$mem_exists" = "x"; then bbfatal "${PN}: groupmems command did not succeed." @@ -84,7 +84,7 @@ perform_groupdel () { local groupname=`echo "$opts" | awk '{ print $NF }'` local group_exists="`grep "^$groupname:" $rootdir/etc/group || true`" if test "x$group_exists" != "x"; then - eval flock -x -w 100 $rootdir${sysconfdir} -c \'$PSEUDO groupdel $opts\' || true + eval flock -x -w 100 $rootdir${sysconfdir} -c \"$PSEUDO groupdel \$opts\" || true group_exists="`grep "^$groupname:" $rootdir/etc/group || true`" if test "x$group_exists" != "x"; then bbfatal "${PN}: groupdel command did not succeed." @@ -101,7 +101,7 @@ perform_userdel () { local username=`echo "$opts" | awk '{ print $NF }'` local user_exists="`grep "^$username:" $rootdir/etc/passwd || true`" if test "x$user_exists" != "x"; then - eval flock -x -w 100 $rootdir${sysconfdir} -c \'$PSEUDO userdel $opts\' || true + eval flock -x -w 100 $rootdir${sysconfdir} -c \"$PSEUDO userdel \$opts\" || true user_exists="`grep "^$username:" $rootdir/etc/passwd || true`" if test "x$user_exists" != "x"; then bbfatal "${PN}: userdel command did not succeed." @@ -121,7 +121,7 @@ perform_groupmod () { local groupname=`echo "$opts" | awk '{ print $NF }'` local group_exists="`grep "^$groupname:" $rootdir/etc/group || true`" if test "x$group_exists" != "x"; then - eval flock -x -w 100 $rootdir${sysconfdir} -c \'$PSEUDO groupmod $opts\' + eval flock -x -w 100 $rootdir${sysconfdir} -c \"$PSEUDO groupmod \$opts\" if test $? != 0; then bbwarn "${PN}: groupmod command did not succeed." fi @@ -140,7 +140,7 @@ perform_usermod () { local username=`echo "$opts" | awk '{ print $NF }'` local user_exists="`grep "^$username:" $rootdir/etc/passwd || true`" if test "x$user_exists" != "x"; then - eval flock -x -w 100 $rootdir${sysconfdir} -c \'$PSEUDO usermod $opts\' + eval flock -x -w 100 $rootdir${sysconfdir} -c \"$PSEUDO usermod \$opts\" if test $? != 0; then bbfatal "${PN}: usermod command did not succeed." fi -- 2.1.4 -- _______________________________________________ Openembedded-core mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-core
