diff options
Diffstat (limited to 'abs/core/shadow/shadow.install')
| -rw-r--r-- | abs/core/shadow/shadow.install | 27 |
1 files changed, 20 insertions, 7 deletions
diff --git a/abs/core/shadow/shadow.install b/abs/core/shadow/shadow.install index 14384c3..83d9ab7 100644 --- a/abs/core/shadow/shadow.install +++ b/abs/core/shadow/shadow.install @@ -1,9 +1,22 @@ +setcaps() { + _setcap() { + if filecap "$1" "$2"; then + chmod -s "$1" + fi + } + + # shadow ships these as setuid, but if we can apply file caps, use those instead. + # 'filecap' insists on absolute paths + _setcap /usr/bin/newuidmap setuid + _setcap /usr/bin/newgidmap setgid +} + +post_install() { + setcaps +} + post_upgrade() { - grpck -r >/dev/null 2>&1 - if [ $? -eq 2 ]; then - printf '%s\n' \ - "==> Warning: /etc/group or /etc/gshadow are inconsistent." \ - " Run 'grpck' to correct this." - fi - return 0 + setcaps } + +# vim:set ts=2 sw=2 et: |