libpam: Setting suid bit for unix_chkpwd

[YOCTO #1252] While pam_unix.so required by an application on lsb image, it will need to call the unix_chkpwd to get userinfo from shadow file. This fix get a normal user could read shadow file via unix_chkpwd. (From OE-Core rev: c23a3cd68385563a16d5bbc899e26f35cdc6c2cf) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2011-08-20 15:30:32 +08:00 · 2011-08-20 15:30:32 +08:00 · 6ba3b6ba9b
parent 45a0c38167
commit 6ba3b6ba9b
1 changed files with 7 additions and 1 deletions
--- a/meta/recipes-extended/pam/libpam_1.1.4.bb
+++ b/meta/recipes-extended/pam/libpam_1.1.4.bb
@ -9,7 +9,7 @@ SECTION = "base"
 LICENSE = "GPLv2+ | BSD"
 LIC_FILES_CHKSUM = "file://COPYING;md5=ca0395de9a86191a078b8b79302e3083"

-PR = "r1"
+PR = "r2"

 DEPENDS = "bison flex cracklib"
 RDEPENDS_${PN}-runtime = "libpam pam-plugin-deny pam-plugin-permit pam-plugin-warn pam-plugin-unix"
@ -85,3 +85,9 @@ do_install() {
 	install -d ${D}${sysconfdir}/pam.d/     
 	install -m 0644 ${WORKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/
 }
+
+pkg_postinst_pam-plugin-unix () {
+    # below is necessary to allow unix_chkpwd get user info from shadow file
+    # on lsb images
+    chmod 4755 ${sbindir}/unix_chkpwd
+}