base-files: add gshadow entry in nsswitch.conf
We encountered a newgrp regression in shadow 4.17.3:
root@qemux86-64:~# groupadd g1
root@qemux86-64:~# useradd t1
root@qemux86-64:~# gpasswd g1
Changing the password for group g1
New Password:
Re-enter new password:
root@qemux86-64:~# sudo -u t1 newgrp g1
Password:
Invalid password.
root@qemux86-64:~#
In versions prior to shadow 4.17.3, shadow used an internal
implementation to support shadow group because it could not correctly
detect whether glibc supports shadow group in a cross-compilation
environment. In 4.17.3, it can correctly check whether glibc supports
shadow group even in a cross-compilation environment[1]. If supported,
shadow will use it instead of its own internal implementation.
Shadow group support in glibc requires adding a gshadow entry in
nsswitch.conf.
After the patch:
root@qemux86-64:~# groupadd g1
root@qemux86-64:~# useradd t1
root@qemux86-64:~# gpasswd g1
Changing the password for group g1
New Password:
Re-enter new password:
root@qemux86-64:~# sudo -u t1 newgrp g1
Password:
t1@qemux86-64:/home/root$
[1] https://github.com/shadow-maint/shadow/commit/
da6b9cff02d583ef169a0bc0c1014b19b5fad2fb
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
projects / thirdparty / openembedded / openembedded-core-contrib.git / commit
