libpam: Setting suid bit for unix_chkpwd
[YOCTO #1252] While pam_unix.so required by an application on lsb image, it will need to call the unix_chkpwd to get userinfo from shadow file. This fix get a normal user could read shadow file via unix_chkpwd. (From OE-Core rev: c23a3cd68385563a16d5bbc899e26f35cdc6c2cf) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
parent
45a0c38167
commit
6ba3b6ba9b
|
@ -9,7 +9,7 @@ SECTION = "base"
|
|||
LICENSE = "GPLv2+ | BSD"
|
||||
LIC_FILES_CHKSUM = "file://COPYING;md5=ca0395de9a86191a078b8b79302e3083"
|
||||
|
||||
PR = "r1"
|
||||
PR = "r2"
|
||||
|
||||
DEPENDS = "bison flex cracklib"
|
||||
RDEPENDS_${PN}-runtime = "libpam pam-plugin-deny pam-plugin-permit pam-plugin-warn pam-plugin-unix"
|
||||
|
@ -85,3 +85,9 @@ do_install() {
|
|||
install -d ${D}${sysconfdir}/pam.d/
|
||||
install -m 0644 ${WORKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/
|
||||
}
|
||||
|
||||
pkg_postinst_pam-plugin-unix () {
|
||||
# below is necessary to allow unix_chkpwd get user info from shadow file
|
||||
# on lsb images
|
||||
chmod 4755 ${sbindir}/unix_chkpwd
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue