
CVE-2024-2905: passwd: create /etc/[g]shadow with mode 0 & unit: chmod /etc/[g]shadow[-] to 0000 #4911

Merged: 2 commits, Apr 9, 2024

Commits on Apr 9, 2024

  1. passwd: create /etc/[g]shadow with mode 0

    Because of how our composes work, we need to manually inject
    passwd-related things before installing packages. A somewhat recent
    regression in that area made it so that the `/etc/shadow` and
    `/etc/gshadow` files were created with default permissions (0644), which
    meant they were world readable.
    
    Fix this by explicitly setting their modes to 0. Ideally, we would rely
    on the canonical permissions set in the `setup` package here, but it's
    tricky to fix that without reworking how we install `setup` and handle
    `passwd` treefile options.
    
    Fixes fdb879c ("passwd: sync `etc/{,g}shadow` according to
    `etc/{passwd,group}`").
    
    Fixes coreos#4401
    jlebon authored and travier committed Apr 9, 2024
    Commit b1d88ce
  2. unit: chmod /etc/[g]shadow[-] to 0000

    fdb879c introduced a regression where /etc/[g]shadow[-] files were
    created with default permissions: 0644
    
    This unit chmods /etc/shadow, /etc/gshadow and backup copies to 0000
    before interactive login is allowed on a system.
    
    This will fix the systems that were deployed with the above issue.
    
    We keep the stamp in /etc to account for the case where a deployment
    with this unit is rolled back. If we used /var, the stamp would have
    stayed but the fix would not be re-applied on the next update.
    jbtrystram authored and travier committed Apr 9, 2024
    Commit 26a3922
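The script below is an added example and is not the unit or code from this PR. It shows the shape of the remediation the second commit describes: audit the mode of `/etc/shadow`, `/etc/shadow-`, `/etc/gshadow` and `/etc/gshadow-` under a root prefix, chmod them to 0000 once, and record a stamp under `etc/` rather than `var/` so that a rollback to a deployment without the stamp causes the repair to run again on the next update. The root-prefix parameter, the function names and the stamp file name `.shadow-mode-fixed` are assumptions made for this example; the real unit's names are not on this page.

```shell
#!/bin/sh
# Added example (not rpm-ostree's own unit). Audits and repairs the mode of
# the shadow databases under a root prefix. ROOT defaults to "/"; pass a
# scratch directory to exercise it without touching the real system.

# Files the fix covers: the live databases and their "-" backup copies.
SHADOW_FILES="etc/shadow etc/shadow- etc/gshadow etc/gshadow-"

# Print "path mode" for every shadow file whose mode is not 0000.
# Returns 1 if anything was reported, 0 if all present files are 0000.
audit_shadow_modes() {
    root="${1:-/}"
    found=0
    for f in $SHADOW_FILES; do
        p="$root/$f"
        [ -e "$p" ] || continue
        mode=$(stat -c '%a' "$p")        # GNU stat: octal mode, "0" for 0000
        if [ "$mode" != "0" ]; then
            echo "$p $mode"
            found=1
        fi
    done
    return $found
}

# One-shot repair: chmod every present shadow file to 0000 and drop a stamp.
# The stamp lives under etc/ (assumed name): etc/ is per-deployment, so a
# rollback to a deployment without the stamp, followed by an update, re-runs
# the repair. A stamp under var/ would survive the rollback and block it.
fix_shadow_modes() {
    root="${1:-/}"
    stamp="$root/etc/.shadow-mode-fixed"  # assumed stamp path
    if [ -e "$stamp" ]; then
        echo "already applied: $stamp"
        return 0
    fi
    for f in $SHADOW_FILES; do
        p="$root/$f"
        [ -e "$p" ] || continue
        chmod 0000 "$p"
    done
    : > "$stamp"
}

# Usage: AUDIT_ROOT=/ sh shadow-mode.sh   (exit 1 and list offenders if any)
if [ -n "${AUDIT_ROOT:-}" ]; then
    audit_shadow_modes "$AUDIT_ROOT"
fi
```

Run the audit function alone for detection (for example from a compliance check or a Nagios-style probe); the repair function is intended to run once per deployment, which is what the stamp enforces.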