Message ID | 20170831201450.32463-1-ebiggers3@gmail.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
On Thu, Aug 31, 2017 at 01:14:50PM -0700, Eric Biggers wrote: > From: Eric Biggers <ebiggers@google.com> > > create_chroot() is now supposed to add $CHROOT_USER to /etc/passwd in > the chroot. However, due to a bad grep pattern, it would add multiple > entries if $CHROOT_USER happened to be a suffix of another username. > Also the passwd record is not guaranteed to actually be in the file > /etc/passwd. Fix it by using 'getent passwd $CHROOT_USER' instead. > > A similar problem existed for the group entry, but also the > $CHROOT_USER's primary group is not guaranteed to have the same name as > the user. Fix that by using 'id -g' to look up the primary group. > Ted, can you apply this patch? Thanks! Eric -- To unsubscribe from this list: send the line "unsubscribe fstests" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Fri, Sep 15, 2017 at 08:59:14PM -0700, Eric Biggers wrote: > On Thu, Aug 31, 2017 at 01:14:50PM -0700, Eric Biggers wrote: > > From: Eric Biggers <ebiggers@google.com> > > > > create_chroot() is now supposed to add $CHROOT_USER to /etc/passwd in > > the chroot. However, due to a bad grep pattern, it would add multiple > > entries if $CHROOT_USER happened to be a suffix of another username. > > Also the passwd record is not guaranteed to actually be in the file > > /etc/passwd. Fix it by using 'getent passwd $CHROOT_USER' instead. > > > > A similar problem existed for the group entry, but also the > > $CHROOT_USER's primary group is not guaranteed to have the same name as > > the user. Fix that by using 'id -g' to look up the primary group. > > > > Ted, can you apply this patch? Thanks! Oops, missed this earlier; thanks for the ping. I've applied it. - Ted -- To unsubscribe from this list: send the line "unsubscribe fstests" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/setup-buildchroot b/setup-buildchroot index 2340eb5..992a87c 100755 --- a/setup-buildchroot +++ b/setup-buildchroot @@ -524,8 +524,8 @@ EOF chmod 1777 "$CHROOT_DIR/run/shm" fi if [ -n "$CHROOT_USER" ]; then - grep "$CHROOT_USER": /etc/passwd >> "$CHROOT_DIR/etc/passwd" - grep "$CHROOT_USER": /etc/group >> "$CHROOT_DIR/etc/group" + getent passwd "$CHROOT_USER" >> "$CHROOT_DIR/etc/passwd" + getent group "$(id -g "$CHROOT_USER")" >> "$CHROOT_DIR/etc/group" run_in_chroot "adduser $CHROOT_USER sudo" fi }