summaryrefslogtreecommitdiff
path: root/src/firstboot/firstboot.c
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2014-07-07 18:57:09 +0200
committerLennart Poettering <lennart@poettering.net>2014-07-07 18:57:09 +0200
commit45035609fcfc3fe09324988c4929a3c147171c23 (patch)
tree17968a9f24515cef3f744eda4cb933778029f2ce /src/firstboot/firstboot.c
parent30f10abf42f9e4d251a0b45b07812aafdef6be7c (diff)
firstboot: follow lock protocol when changing /etc/shadow
Diffstat (limited to 'src/firstboot/firstboot.c')
-rw-r--r--src/firstboot/firstboot.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c
index 57173a5669..6abffc528f 100644
--- a/src/firstboot/firstboot.c
+++ b/src/firstboot/firstboot.c
@@ -530,7 +530,6 @@ static int write_root_shadow(const char *path, const struct spwd *p) {
assert(path);
assert(p);
- mkdir_parents(path, 0755);
RUN_WITH_UMASK(0777)
f = fopen(path, "wex");
if (!f)
@@ -560,6 +559,8 @@ static int process_root_password(void) {
.sp_expire = -1,
.sp_flag = (unsigned long) -1, /* this appears to be what everybody does ... */
};
+
+ _cleanup_close_ int lock = -1;
char salt[3+16+1+1];
uint8_t raw[16];
unsigned i;
@@ -572,6 +573,12 @@ static int process_root_password(void) {
if (faccessat(AT_FDCWD, etc_shadow, F_OK, AT_SYMLINK_NOFOLLOW) >= 0)
return 0;
+ mkdir_parents(etc_shadow, 0755);
+
+ lock = take_password_lock(arg_root);
+ if (lock < 0)
+ return lock;
+
if (arg_copy_root_password && arg_root) {
struct spwd *p;