firstboot: follow lock protocol when changing /etc/shadow

author: Lennart Poettering <lennart@poettering.net> 2014-07-07 18:57:09 +0200
committer: Lennart Poettering <lennart@poettering.net> 2014-07-07 18:57:09 +0200
commit: 45035609fcfc3fe09324988c4929a3c147171c23 (patch)
tree: 17968a9f24515cef3f744eda4cb933778029f2ce /src/firstboot
parent: 30f10abf42f9e4d251a0b45b07812aafdef6be7c (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c
index 57173a5669..6abffc528f 100644
--- a/src/firstboot/firstboot.c
+++ b/src/firstboot/firstboot.c
@@ -530,7 +530,6 @@ static int write_root_shadow(const char *path, const struct spwd *p) {
         assert(path);
         assert(p);
 
-        mkdir_parents(path, 0755);
         RUN_WITH_UMASK(0777)
                 f = fopen(path, "wex");
         if (!f)
@@ -560,6 +559,8 @@ static int process_root_password(void) {
                 .sp_expire = -1,
                 .sp_flag = (unsigned long) -1, /* this appears to be what everybody does ... */
         };
+
+        _cleanup_close_ int lock = -1;
         char salt[3+16+1+1];
         uint8_t raw[16];
         unsigned i;
@@ -572,6 +573,12 @@ static int process_root_password(void) {
         if (faccessat(AT_FDCWD, etc_shadow, F_OK, AT_SYMLINK_NOFOLLOW) >= 0)
                 return 0;
 
+        mkdir_parents(etc_shadow, 0755);
+
+        lock = take_password_lock(arg_root);
+        if (lock < 0)
+                return lock;
+
         if (arg_copy_root_password && arg_root) {
                 struct spwd *p;
author	Lennart Poettering <lennart@poettering.net>	2014-07-07 18:57:09 +0200
committer	Lennart Poettering <lennart@poettering.net>	2014-07-07 18:57:09 +0200
commit	45035609fcfc3fe09324988c4929a3c147171c23 (patch)
tree	17968a9f24515cef3f744eda4cb933778029f2ce /src/firstboot
parent	30f10abf42f9e4d251a0b45b07812aafdef6be7c (diff)