base-files: merge /etc/passwd support more than just /rom based installs

Message ID	CAA21KT-qhPSQzjkOKyK2rdwn0UgVgMZWq+Z_R8gbAj4raj3pOQ@mail.gmail.com
State	Accepted
Delegated to:	Daniel Golle
Headers	show Return-Path: <openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org> MIME-Version: 1.0 From: Imran K <gururug@gmail.com> Date: Fri, 27 Nov 2020 06:19:02 +0000 Message-ID: <CAA21KT-qhPSQzjkOKyK2rdwn0UgVgMZWq+Z_R8gbAj4raj3pOQ@mail.gmail.com> Subject: base-files: merge /etc/passwd support more than just /rom based installs To: openwrt-devel@lists.openwrt.org summary: Content analysis details: (-0.2 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:d34 listed in] [list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [gururug[at]gmail.com] -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid Precedence: list Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "openwrt-devel" <openwrt-devel-bounces@lists.openwrt.org> Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org
Series	base-files: merge /etc/passwd support more than just /rom based installs \| expand base-files: merge /etc/passwd support more than just /rom based installs

Message ID

CAA21KT-qhPSQzjkOKyK2rdwn0UgVgMZWq+Z_R8gbAj4raj3pOQ@mail.gmail.com

State

Accepted

Delegated to:

Daniel Golle

Headers

MIME-Version: 1.0
From: Imran K <gururug@gmail.com>
Date: Fri, 27 Nov 2020 06:19:02 +0000
Message-ID: 
 <CAA21KT-qhPSQzjkOKyK2rdwn0UgVgMZWq+Z_R8gbAj4raj3pOQ@mail.gmail.com>
Subject: base-files: merge /etc/passwd support more than just /rom based
 installs
To: openwrt-devel@lists.openwrt.org
Precedence: list
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "openwrt-devel" <openwrt-devel-bounces@lists.openwrt.org>
Errors-To: 
 openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org

Series

base-files: merge /etc/passwd support more than just /rom based installs | expand

Comments

Henrique de Moraes Holschuh Nov. 27, 2020, 2:13 p.m. UTC | #1

On 27/11/2020 03:19, Imran K wrote:
> Support more than /rom only when migrating user accounts

This is the kind of thing you must do safely (e.g. using mktemp -dt && 
chmod 0700 <the-mktemp-created-dir> && { ... }), unless you can prove 
there is no way someone might have messed with /tmp before or during the 
script's execution.

And if you can prove it is safe (which it might well be), that 
explanation ought to be in the commit log...

Also, cp -f and rm -f might be better choices.

> diff --git a/package/base-files/files/lib/preinit/80_mount_root
> b/package/base-files/files/lib/preinit/80_mount_root
> index 56d3fa3797..1c5bdbc9d8 100644
> --- a/package/base-files/files/lib/preinit/80_mount_root
> +++ b/package/base-files/files/lib/preinit/80_mount_root
> @@ -20,11 +20,17 @@ do_mount_root() {
>    boot_run_hook preinit_mount_root
>    [ -f /sysupgrade.tgz ] && {
>    echo "- config restore -"
> - cd /
> +         cp /etc/passwd /tmp/
> + cp /etc/group /tmp/
> + cp /etc/shadow /tmp/
> +        cd /
>    tar xzf /sysupgrade.tgz
> - missing_lines /rom/etc/passwd /etc/passwd >> /etc/passwd
> - missing_lines /rom/etc/group /etc/group >> /etc/group
> - missing_lines /rom/etc/shadow /etc/shadow >> /etc/shadow
> + missing_lines /tmp/passwd /etc/passwd >> /etc/passwd
> + missing_lines /tmp/group /etc/group >> /etc/group
> + missing_lines /tmp/shadow /etc/shadow >> /etc/shadow
> +        rm /tmp/shadow 2>/dev/null
> +        rm /tmp/passwd 2>/dev/null
> +        rm /tmp/group 2>/dev/null
>    # Prevent configuration corruption on a power loss
>    sync
>    }

diff --git a/package/base-files/files/lib/preinit/80_mount_root
b/package/base-files/files/lib/preinit/80_mount_root
index 56d3fa3797..1c5bdbc9d8 100644
--- a/package/base-files/files/lib/preinit/80_mount_root
+++ b/package/base-files/files/lib/preinit/80_mount_root
@@ -20,11 +20,17 @@  do_mount_root() {
  boot_run_hook preinit_mount_root
  [ -f /sysupgrade.tgz ] && {
  echo "- config restore -"
- cd /
+         cp /etc/passwd /tmp/
+ cp /etc/group /tmp/
+ cp /etc/shadow /tmp/
+        cd /
  tar xzf /sysupgrade.tgz
- missing_lines /rom/etc/passwd /etc/passwd >> /etc/passwd
- missing_lines /rom/etc/group /etc/group >> /etc/group
- missing_lines /rom/etc/shadow /etc/shadow >> /etc/shadow
+ missing_lines /tmp/passwd /etc/passwd >> /etc/passwd
+ missing_lines /tmp/group /etc/group >> /etc/group
+ missing_lines /tmp/shadow /etc/shadow >> /etc/shadow
+        rm /tmp/shadow 2>/dev/null
+        rm /tmp/passwd 2>/dev/null
+        rm /tmp/group 2>/dev/null
  # Prevent configuration corruption on a power loss
  sync
  }

base-files: merge /etc/passwd support more than just /rom based installs

Commit Message

Comments

Patch