From b14e1b43942f1f61146d9c6e519bd09688731797 Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Tue, 9 May 2017 14:02:37 +0200 Subject: [PATCH] sysusers: make group shadow support configurable Some distros (openSUSE) don't have group shadow support enabled. This can lead to the following error: # systemd-sysusers Creating group foofoo with gid 478. # systemd-sysusers # groupdel foofoo # systemd-sysusers Creating group foofoo with gid 478. Failed to write files: File exists This patch adds --disable-gshadow option to configure. If used, systemd-sysvusers won't consider /etc/gshadow. --- configure.ac | 5 +++++ meson.build | 2 ++ meson_options.txt | 2 ++ src/sysusers/sysusers.c | 6 ++++++ 4 files changed, 15 insertions(+) diff --git a/configure.ac b/configure.ac index f59f3faf38..4851e5537d 100644 --- a/configure.ac +++ b/configure.ac @@ -1092,6 +1092,11 @@ if test "x$enable_sysusers" != "xno"; then fi AM_CONDITIONAL(ENABLE_SYSUSERS, [test "$have_sysusers" = "yes"]) +AC_ARG_ENABLE(gshadow, AS_HELP_STRING([--disable-gshadow], [disable shadow group support])) +AS_IF([test "x${enable_gshadow}" != "xno"], [ + AC_DEFINE(ENABLE_GSHADOW, 1, [shadow group support is enabled]) +]) + # ------------------------------------------------------------------------------ have_firstboot=no AC_ARG_ENABLE(firstboot, AS_HELP_STRING([--disable-firstboot], [disable firstboot support])) diff --git a/meson.build b/meson.build index 14a20530d4..1d842274f7 100644 --- a/meson.build +++ b/meson.build @@ -988,6 +988,7 @@ foreach pair : [['utmp', 'HAVE_UTMP'], ['tpm', 'SD_BOOT_LOG_TPM'], ['ima', 'HAVE_IMA'], ['smack', 'HAVE_SMACK'], + ['gshadow', 'ENABLE_GSHADOW'], ] if get_option(pair[0]) @@ -2473,6 +2474,7 @@ foreach tuple : [ ['hibernate'], ['adm group', get_option('adm-group')], ['wheel group', get_option('wheel-group')], + ['gshadow'], ['debug hashmap'], ['debug mmap cache'], ] diff --git a/meson_options.txt b/meson_options.txt index 4e99b25e63..3f55cdf1ff 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -146,6 +146,8 @@ option('dev-kvm-mode', type : 'string', value : '0660', description : '/dev/kvm access mode') option('default-kill-user-processes', type : 'boolean', description : 'the default value for KillUserProcesses= setting') +option('gshadow', type : 'boolean', + description : 'support for shadow group') option('default-dnssec', type : 'combo', description : 'default DNSSEC mode', diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c index 5423978fed..b8e8963feb 100644 --- a/src/sysusers/sysusers.c +++ b/src/sysusers/sysusers.c @@ -292,6 +292,7 @@ static int putgrent_with_members(const struct group *gr, FILE *group) { return 0; } +#ifdef ENABLE_GSHADOW static int putsgent_with_members(const struct sgrp *sg, FILE *gshadow) { char **a; @@ -341,6 +342,7 @@ static int putsgent_with_members(const struct sgrp *sg, FILE *gshadow) { return 0; } +#endif static int sync_rights(FILE *from, FILE *to) { struct stat st; @@ -659,6 +661,7 @@ fail: } static int write_temporary_gshadow(const char * gshadow_path, FILE **tmpfile, char **tmpfile_path) { +#ifdef ENABLE_GSHADOW _cleanup_fclose_ FILE *original = NULL, *gshadow = NULL; _cleanup_free_ char *gshadow_tmp = NULL; bool group_changed = false; @@ -740,6 +743,9 @@ static int write_temporary_gshadow(const char * gshadow_path, FILE **tmpfile, ch fail: unlink(gshadow_tmp); return r; +#else + return 0; +#endif } static int write_files(void) {