[TinyLogin] Patch for passwd.c

[Marcus Hall]

Since there hasn't been a release in quite some time, I don't know how actively
tinylogin is being maintained, but in the spirit of sharing patches, this
is a patch to address an issue I had with tinylogin's password personality.
We run an embedded system with a cramfs root filesystem.  So, some of the
configuration files exist in a jffs2 filesystem so that they are writable.
Thus, the /etc/passwd file is a symbolic link to a location in a writable
filesystem.

I would expect that this is a reasonably common arangement, so this patch
may be generally useful.

What this patch does is to look at the /etc/passwd or /etc/shadow (whichever
it is about to update), and if it is a symlink, then it uses the target of
the symlink instead of the original file.

Marcus Hall
LGS Innovations
------------------

diff tinylogin/passwd.c
@@ -187,11 +187,31 @@
 		snprintf(filename, sizeof filename, "%s", PASSWD_FILE);
 	}
 
-	if (((fp = fopen(filename, "r+")) == 0) || (fstat(fileno(fp), &sb))) {
+	if (lstat(filename, &sb) || (fp = fopen(filename, "r+")) == 0) {
 		/* return 0; */
 		return 1;
 	}
 
+	if (S_ISLNK(sb.st_mode)) {
+		int sz;
+		char *p;
+
+		/* If symbolic link, get true filename */
+		sz = readlink(filename, buf, sizeof buf);
+		if (sz <= 0 || sz >= sizeof filename) return 1;
+		buf[sz] = '\0';
+		/* If not absolute, append after last '/' */
+		if (buf[0] != '/') {
+			p = strrchr(filename, '/');
+			if (p) ++p;
+			else p = filename;
+		} else {
+			p = filename;
+		}
+		strncpy(p, buf, sizeof filename - (p-filename));
+		filename[sizeof filename - 1] = '\0';
+	}
+
 	/* Lock the password file before updating */
 	lock.l_type = F_WRLCK;
 	lock.l_whence = SEEK_SET;


----- End forwarded message -----