[Pkg-shadow-devel] [PATCH 1/2] Fix building without subordinate IDs support
Serge Hallyn
serge.hallyn at ubuntu.com
Fri Aug 29 19:23:30 UTC 2014
Quoting James Le Cuirot (chewi at aura-online.co.uk):
> On Fri, 29 Aug 2014 18:09:43 +0000
> Serge Hallyn <serge.hallyn at ubuntu.com> wrote:
>
> > One question - should newuidmap and newgidmap still also depend
> > on ACCT_TOOLS_SETUID ? (You are pulling them out of that #if
> > in Makefile.am)
> >
> > >
> > > diff --git a/src/Makefile.am b/src/Makefile.am
> > > index 25e288d..cebd415 100644
> > > --- a/src/Makefile.am
> > > +++ b/src/Makefile.am
> > > @@ -52,10 +52,13 @@ usbin_PROGRAMS = \
> > > noinst_PROGRAMS = id sulogin
> > >
> > > suidbins = su
> > > -suidubins = chage chfn chsh expiry gpasswd newgrp passwd newuidmap newgidmap
> > > +suidubins = chage chfn chsh expiry gpasswd newgrp passwd
> > > if ACCT_TOOLS_SETUID
> > > suidubins += chage chgpasswd chpasswd groupadd groupdel groupmod newusers useradd userdel usermod
> > > endif
> > > +if ENABLE_SUBIDS
> > > + suidubins += newgidmap newuidmap
> > > +endif
>
> I don't believe I am? They were on the suidubins line before that if
D'oh. Sorry, youre right.
> clause. I'm not sure what the rule is for whether a binary should be in
> ACCT_TOOLS_SETUID or not but I did notice that chage is actually
> included on both lines, which is almost certainly a mistake.
Yup, clearly it should be pulled out of one of them. looks
like it came from f8aef60 by nekral. it looks like chage should
compile either way, just without libpam i nthe !ACCT_TOOLS_SETUID case,
so ithink it can be removed from the suidubins += line.
-serge
More information about the Pkg-shadow-devel
mailing list