poky/meta/recipes-extended/shadow/files/allow-for-setting-password-in-clear-text.patch

Subject: [PATCH] Allow for setting password in clear text

Upstream-Status: Inappropriate [OE specific]

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
 src/Makefile.am |  8 ++++----
 src/groupadd.c  | 20 +++++++++++++++-----
 src/groupmod.c  | 20 +++++++++++++++-----
 src/useradd.c   | 21 +++++++++++++++------
 src/usermod.c   | 20 +++++++++++++++-----
 5 files changed, 64 insertions(+), 25 deletions(-)

diff --git a/src/Makefile.am b/src/Makefile.am
index 3c98a8d..b8093d5 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -93,10 +93,10 @@ chgpasswd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBSELINUX) $(LIBCRYPT)
 chsh_LDADD     = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD)
 chpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT)
 gpasswd_LDADD  = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT)
-groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
+groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT)
 groupdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
 groupmems_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX)
-groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
+groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT)
 grpck_LDADD    = $(LDADD) $(LIBSELINUX)
 grpconv_LDADD  = $(LDADD) $(LIBSELINUX)
 grpunconv_LDADD = $(LDADD) $(LIBSELINUX)
@@ -117,9 +117,9 @@ su_SOURCES     = \
 	suauth.c
 su_LDADD       = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD)
 sulogin_LDADD  = $(LDADD) $(LIBCRYPT)
-useradd_LDADD  = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR)
+useradd_LDADD  = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBCRYPT)
 userdel_LDADD  = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE)
-usermod_LDADD  = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR)
+usermod_LDADD  = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBCRYPT)
 vipw_LDADD     = $(LDADD) $(LIBSELINUX)
 
 install-am: all-am
diff --git a/src/groupadd.c b/src/groupadd.c
index b57006c..63e1c48 100644
--- a/src/groupadd.c
+++ b/src/groupadd.c
@@ -123,9 +123,10 @@ static /*@noreturn@*/void usage (int status)
 	(void) fputs (_("  -o, --non-unique              allow to create groups with duplicate\n"
 	                "                                (non-unique) GID\n"), usageout);
 	(void) fputs (_("  -p, --password PASSWORD       use this encrypted password for the new group\n"), usageout);
+	(void) fputs (_("  -P, --clear-password PASSWORD use this clear password for the new group\n"), usageout);
 	(void) fputs (_("  -r, --system                  create a system account\n"), usageout);
 	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
-	(void) fputs (_("  -P, --prefix PREFIX_DIR       directory prefix\n"), usageout);
+	(void) fputs (_("  -A, --prefix PREFIX_DIR       directory prefix\n"), usageout);
 	(void) fputs ("\n", usageout);
 	exit (status);
 }
@@ -387,13 +388,14 @@ static void process_flags (int argc, char **argv)
 		{"key",        required_argument, NULL, 'K'},
 		{"non-unique", no_argument,       NULL, 'o'},
 		{"password",   required_argument, NULL, 'p'},
+		{"clear-password", required_argument, NULL, 'P'},
 		{"system",     no_argument,       NULL, 'r'},
 		{"root",       required_argument, NULL, 'R'},
-		{"prefix",     required_argument, NULL, 'P'},
+		{"prefix",     required_argument, NULL, 'A'},
 		{NULL, 0, NULL, '\0'}
 	};
 
-	while ((c = getopt_long (argc, argv, "fg:hK:op:rR:P:",
+	while ((c = getopt_long (argc, argv, "fg:hK:op:P:rR:A:",
 		                 long_options, NULL)) != -1) {
 		switch (c) {
 		case 'f':
@@ -445,12 +447,20 @@ static void process_flags (int argc, char **argv)
 			pflg = true;
 			group_passwd = optarg;
 			break;
+		case 'P':
+			pflg = true;
+			group_passwd = pw_encrypt (optarg, crypt_make_salt (NULL, NULL));
+			break;
 		case 'r':
 			rflg = true;
 			break;
 		case 'R': /* no-op, handled in process_root_flag () */
 			break;
-		case 'P': /* no-op, handled in process_prefix_flag () */
+		case 'A': /* no-op, handled in process_prefix_flag () */
+			fprintf (stderr,
+				 _("%s: -A is deliberately not supported \n"),
+				 Prog);
+			exit (E_BAD_ARG);
 			break;
 		default:
 			usage (E_USAGE);
@@ -584,7 +594,7 @@ int main (int argc, char **argv)
 	(void) textdomain (PACKAGE);
 
 	process_root_flag ("-R", argc, argv);
-	prefix = process_prefix_flag ("-P", argc, argv);
+	prefix = process_prefix_flag ("-A", argc, argv);
 
 	OPENLOG ("groupadd");
 #ifdef WITH_AUDIT
diff --git a/src/groupmod.c b/src/groupmod.c
index b293b98..72daf2c 100644
--- a/src/groupmod.c
+++ b/src/groupmod.c
@@ -134,8 +134,9 @@ static void usage (int status)
 	(void) fputs (_("  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"), usageout);
 	(void) fputs (_("  -p, --password PASSWORD       change the password to this (encrypted)\n"
 	                "                                PASSWORD\n"), usageout);
+	(void) fputs (_("  -P, --clear-password PASSWORD change the password to this clear PASSWORD\n"), usageout);
 	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
-	(void) fputs (_("  -P, --prefix PREFIX_DIR       prefix directory where are located the /etc/* files\n"), usageout);
+	(void) fputs (_("  -A, --prefix PREFIX_DIR       prefix directory where are located the /etc/* files\n"), usageout);
 	(void) fputs ("\n", usageout);
 	exit (status);
 }
@@ -383,11 +384,12 @@ static void process_flags (int argc, char **argv)
 		{"new-name",   required_argument, NULL, 'n'},
 		{"non-unique", no_argument,       NULL, 'o'},
 		{"password",   required_argument, NULL, 'p'},
+		{"clear-password", required_argument, NULL, 'P'},
 		{"root",       required_argument, NULL, 'R'},
-		{"prefix",     required_argument, NULL, 'P'},
+		{"prefix",     required_argument, NULL, 'A'},
 		{NULL, 0, NULL, '\0'}
 	};
-	while ((c = getopt_long (argc, argv, "g:hn:op:R:P:",
+	while ((c = getopt_long (argc, argv, "g:hn:op:P:R:A:",
 		                 long_options, NULL)) != -1) {
 		switch (c) {
 		case 'g':
@@ -414,9 +416,17 @@ static void process_flags (int argc, char **argv)
 			group_passwd = optarg;
 			pflg = true;
 			break;
+		case 'P':
+			group_passwd = pw_encrypt (optarg, crypt_make_salt (NULL, NULL));
+			pflg = true;
+			break;
 		case 'R': /* no-op, handled in process_root_flag () */
 			break;
-		case 'P': /* no-op, handled in process_prefix_flag () */
+		case 'A': /* no-op, handled in process_prefix_flag () */
+			fprintf (stderr,
+				 _("%s: -A is deliberately not supported \n"),
+				 Prog);
+			exit (E_BAD_ARG);
 			break;
 		default:
 			usage (E_USAGE);
@@ -757,7 +767,7 @@ int main (int argc, char **argv)
 	(void) textdomain (PACKAGE);
 
 	process_root_flag ("-R", argc, argv);
-	prefix = process_prefix_flag ("-P", argc, argv);
+	prefix = process_prefix_flag ("-A", argc, argv);
 
 	OPENLOG ("groupmod");
 #ifdef WITH_AUDIT
diff --git a/src/useradd.c b/src/useradd.c
index c74e491..7214e72 100644
--- a/src/useradd.c
+++ b/src/useradd.c
@@ -829,9 +829,10 @@ static void usage (int status)
 	(void) fputs (_("  -o, --non-unique              allow to create users with duplicate\n"
 	                "                                (non-unique) UID\n"), usageout);
 	(void) fputs (_("  -p, --password PASSWORD       encrypted password of the new account\n"), usageout);
+	(void) fputs (_("  -P, --clear-password PASSWORD clear password of the new account\n"), usageout);
 	(void) fputs (_("  -r, --system                  create a system account\n"), usageout);
 	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
-	(void) fputs (_("  -P, --prefix PREFIX_DIR       prefix directory where are located the /etc/* files\n"), usageout);
+	(void) fputs (_("  -A, --prefix PREFIX_DIR       prefix directory where are located the /etc/* files\n"), usageout);
 	(void) fputs (_("  -s, --shell SHELL             login shell of the new account\n"), usageout);
 	(void) fputs (_("  -u, --uid UID                 user ID of the new account\n"), usageout);
 	(void) fputs (_("  -U, --user-group              create a group with the same name as the user\n"), usageout);
@@ -1104,9 +1105,10 @@ static void process_flags (int argc, char **argv)
 			{"no-user-group",  no_argument,       NULL, 'N'},
 			{"non-unique",     no_argument,       NULL, 'o'},
 			{"password",       required_argument, NULL, 'p'},
+			{"clear-password", required_argument, NULL, 'P'},
 			{"system",         no_argument,       NULL, 'r'},
 			{"root",           required_argument, NULL, 'R'},
-			{"prefix",         required_argument, NULL, 'P'},
+			{"prefix",         required_argument, NULL, 'A'},
 			{"shell",          required_argument, NULL, 's'},
 			{"uid",            required_argument, NULL, 'u'},
 			{"user-group",     no_argument,       NULL, 'U'},
@@ -1117,9 +1119,9 @@ static void process_flags (int argc, char **argv)
 		};
 		while ((c = getopt_long (argc, argv,
 #ifdef WITH_SELINUX
-		                         "b:c:d:De:f:g:G:hk:K:lmMNop:rR:P:s:u:UZ:",
+		                         "b:c:d:De:f:g:G:hk:K:lmMNop:P:rR:A:s:u:UZ:",
 #else				/* !WITH_SELINUX */
-		                         "b:c:d:De:f:g:G:hk:K:lmMNop:rR:P:s:u:U",
+		                         "b:c:d:De:f:g:G:hk:K:lmMNop:P:rR:A:s:u:U",
 #endif				/* !WITH_SELINUX */
 		                         long_options, NULL)) != -1) {
 			switch (c) {
@@ -1285,12 +1287,19 @@ static void process_flags (int argc, char **argv)
 				}
 				user_pass = optarg;
 				break;
+			case 'P': /* set clear text password */
+				user_pass = pw_encrypt (optarg, crypt_make_salt (NULL, NULL));
+				break;
 			case 'r':
 				rflg = true;
 				break;
 			case 'R': /* no-op, handled in process_root_flag () */
 				break;
-			case 'P': /* no-op, handled in process_prefix_flag () */
+			case 'A': /* no-op, handled in process_prefix_flag () */
+				fprintf (stderr,
+					 _("%s: -A is deliberately not supported \n"),
+					 Prog);
+				exit (E_BAD_ARG);
 				break;
 			case 's':
 				if (   ( !VALID (optarg) )
@@ -2148,7 +2157,7 @@ int main (int argc, char **argv)
 
 	process_root_flag ("-R", argc, argv);
 
-	prefix = process_prefix_flag("-P", argc, argv);
+	prefix = process_prefix_flag("-A", argc, argv);
 
 	OPENLOG ("useradd");
 #ifdef WITH_AUDIT
diff --git a/src/usermod.c b/src/usermod.c
index e571426..ccfbb99 100644
--- a/src/usermod.c
+++ b/src/usermod.c
@@ -424,8 +424,9 @@ static /*@noreturn@*/void usage (int status)
 	                "                                new location (use only with -d)\n"), usageout);
 	(void) fputs (_("  -o, --non-unique              allow using duplicate (non-unique) UID\n"), usageout);
 	(void) fputs (_("  -p, --password PASSWORD       use encrypted password for the new password\n"), usageout);
+	(void) fputs (_("  -P, --clear-password PASSWORD use clear password for the new password\n"), usageout);
 	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
-	(void) fputs (_("  -P, --prefix PREFIX_DIR       prefix directory where are located the /etc/* files\n"), usageout);
+	(void) fputs (_("  -A, --prefix PREFIX_DIR       prefix directory where are located the /etc/* files\n"), usageout);
 	(void) fputs (_("  -s, --shell SHELL             new login shell for the user account\n"), usageout);
 	(void) fputs (_("  -u, --uid UID                 new UID for the user account\n"), usageout);
 	(void) fputs (_("  -U, --unlock                  unlock the user account\n"), usageout);
@@ -1002,8 +1003,9 @@ static void process_flags (int argc, char **argv)
 			{"move-home",    no_argument,       NULL, 'm'},
 			{"non-unique",   no_argument,       NULL, 'o'},
 			{"password",     required_argument, NULL, 'p'},
+			{"clear-password", required_argument, NULL, 'P'},
 			{"root",         required_argument, NULL, 'R'},
-			{"prefix",       required_argument, NULL, 'P'},
+			{"prefix",       required_argument, NULL, 'A'},
 			{"shell",        required_argument, NULL, 's'},
 			{"uid",          required_argument, NULL, 'u'},
 			{"unlock",       no_argument,       NULL, 'U'},
@@ -1019,7 +1021,7 @@ static void process_flags (int argc, char **argv)
 			{NULL, 0, NULL, '\0'}
 		};
 		while ((c = getopt_long (argc, argv,
-		                         "ac:d:e:f:g:G:hl:Lmop:R:s:u:UP:"
+		                         "ac:d:e:f:g:G:hl:Lmop:P:R:s:u:UA:"
 #ifdef ENABLE_SUBIDS
 		                         "v:w:V:W:"
 #endif				/* ENABLE_SUBIDS */
@@ -1119,9 +1121,17 @@ static void process_flags (int argc, char **argv)
 				user_pass = optarg;
 				pflg = true;
 				break;
+			case 'P':
+				user_pass = pw_encrypt (optarg, crypt_make_salt (NULL, NULL));
+				pflg = true;
+				break;
 			case 'R': /* no-op, handled in process_root_flag () */
 				break;
-			case 'P': /* no-op, handled in process_prefix_flag () */
+			case 'A': /* no-op, handled in process_prefix_flag () */
+				fprintf (stderr,
+					 _("%s: -A is deliberately not supported \n"),
+					 Prog);
+				exit (E_BAD_ARG);
 				break;
 			case 's':
 				if (!VALID (optarg)) {
@@ -2098,7 +2108,7 @@ int main (int argc, char **argv)
 	(void) textdomain (PACKAGE);
 
 	process_root_flag ("-R", argc, argv);
-	prefix = process_prefix_flag ("-P", argc, argv);
+	prefix = process_prefix_flag ("-A", argc, argv);
 
 	OPENLOG ("usermod");
 #ifdef WITH_AUDIT
-- 
2.11.0