| 1 |
Attached is, hopefully, the final version of the chroot patch for |
| 2 |
shadow. In it, I've included chroot support for all relevant utilities. |
| 3 |
|
| 4 |
Given that most of the utilities that use PAM do so for authentication |
| 5 |
only, instead of disabling it when used with the --chroot flag, I've |
| 6 |
moved the relevant code to run before chroot is called. It appears less |
| 7 |
dependent on where it is called than I had first suspected. |
| 8 |
|
| 9 |
The exception to this is passwd, chpasswd, and newusers which use PAM to |
| 10 |
do the actual password encryption. I've altered these to fall back to |
| 11 |
using shadow functions (the default when not compiled with PAM support) |
| 12 |
while using --chroot. I'll admit it looks a little ugly, but it doesn't |
| 13 |
seem like it can be helped. I have tested these, and they work fine |
| 14 |
(though before using the --chroot flag, ideally, $ROOT/etc/login.defs |
| 15 |
file should define the same encryption method as |
| 16 |
$ROOT/etc/pam.d/system-auth). |
| 17 |
|
| 18 |
Instead of having a whole lot of "if (chroot_flg)" tests scattered |
| 19 |
throughout the source files, I've instead made ample use of the |
| 20 |
"--wrap=" ldflag to wrap calls to pertinent libc functions into a |
| 21 |
wrapper that checks if the chroot flag is set (still have to use the |
| 22 |
"if (chroot_flg)" tests in passwd, chpasswd, and newusers, though). |
| 23 |
|
| 24 |
Having examined how selinux is used in shadow, I had to disable its use |
| 25 |
in useradd, userdel, and usermod when using chroot. It calls on execve |
| 26 |
after alteration of the database files, which as far as i can tell, |
| 27 |
would fail. And even if it was hacked to succeed, it would likely |
| 28 |
either alter the build system or fail after trying load cross-compiled |
| 29 |
libs. In any event, --chroot with selinux could only benefit a selinux |
| 30 |
system cross-compiling a selinux system. |
| 31 |
|
| 32 |
I've tested all related utilities with various arguments and found them |
| 33 |
all functional, with and without the --chroot flag. |
| 34 |
|
| 35 |
-- Peter Levine |
Archives