From 4c9ad98ae27e3590ab8d05b5145eed1bfb12a5e5 Mon Sep 17 00:00:00 2001
From: MilhouseVH
Date: Thu, 7 Dec 2017 20:12:29 +0000
Subject: [PATCH 1/4] /etc/shadow: fix file permissions
---
 packages/sysutils/busybox/package.mk | 2 +-
 packages/sysutils/systemd/scripts/userconfig-setup | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/packages/sysutils/busybox/package.mk b/packages/sysutils/busybox/package.mk
index 58576883b7..f5cf42eb36 100644
--- a/packages/sysutils/busybox/package.mk
+++ b/packages/sysutils/busybox/package.mk
@@ -196,7 +196,7 @@ post_install() {
 ROOT_PWD="`$TOOLCHAIN/bin/cryptpw -m sha512 $ROOT_PASSWORD`"
 echo "chmod 4755 $INSTALL/usr/bin/busybox" >> $FAKEROOT_SCRIPT
- echo "chmod 000 $INSTALL/etc/shadow" >> $FAKEROOT_SCRIPT
+ echo "chmod 000 $INSTALL/usr/config/shadow" >> $FAKEROOT_SCRIPT
 add_user root "$ROOT_PWD" 0 0 "Root User" "/storage" "/bin/sh"
 add_group root 0
diff --git a/packages/sysutils/systemd/scripts/userconfig-setup b/packages/sysutils/systemd/scripts/userconfig-setup
index 60992d6049..a2e0f842c1 100755
--- a/packages/sysutils/systemd/scripts/userconfig-setup
+++ b/packages/sysutils/systemd/scripts/userconfig-setup
@@ -24,3 +24,5 @@ done
 # Copy config files, but don't overwrite - this should replace our sample files
 false | cp -iRp /usr/config/* /storage/.config/ &>/dev/null
+
+[ -f /storage/.config/shadow ] && chmod 000 /storage/.config/shadow || true
From dcd653b5a4d75dbd27f3ab7bb6d795f6a63d5bfb Mon Sep 17 00:00:00 2001
From: MilhouseVH
Date: Thu, 7 Dec 2017 21:05:51 +0000
Subject: [PATCH 2/4] config/functions: match user only at beginning of line
---
 config/functions | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/config/functions b/config/functions
index a7c846789e..2c533c9e0b 100644
--- a/config/functions
+++ b/config/functions
@@ -365,7 +365,7 @@ add_user() {
 # Usage: add_user "username" "password" "userid" "groupid" "description" "home" "shell"
 mkdir -p ${INSTALL}/etc
 touch ${INSTALL}/etc/passwd
- if [ -z "`grep "$1:" ${INSTALL}/etc/passwd`" ]; then
+ if ! grep -q "^$1:" ${INSTALL}/etc/passwd; then
 echo "$1:x:$3:$4:$5:$6:$7" >> ${INSTALL}/etc/passwd
 fi
@@ -376,7 +376,7 @@ add_user() {
 if [ "$PASSWORD" = "x" ]; then
 PASSWORD="*"
 fi
- if [ -z "`grep "$1:" ${INSTALL}/usr/config/shadow`" ]; then
+ if ! grep -q "^$1:" ${INSTALL}/usr/config/shadow; then
 echo "$1:$PASSWORD:::::::" >> ${INSTALL}/usr/config/shadow
 fi
 }
From dc30a81d1c9d66f261e2f7d16eadbfbf014cedfd Mon Sep 17 00:00:00 2001
From: MilhouseVH
Date: Thu, 7 Dec 2017 21:40:45 +0000
Subject: [PATCH 3/4] shadow: move from .config to .cache
---
 config/functions | 9 +++++----
 packages/sysutils/busybox/package.mk | 2 +-
 packages/sysutils/systemd/scripts/userconfig-setup | 6 ++----
 3 files changed, 8 insertions(+), 9 deletions(-)
diff --git a/config/functions b/config/functions
index 2c533c9e0b..91636f7847 100644
--- a/config/functions
+++ b/config/functions
@@ -369,15 +369,16 @@ add_user() {
 echo "$1:x:$3:$4:$5:$6:$7" >> ${INSTALL}/etc/passwd
 fi
- touch ${INSTALL}/usr/config/shadow
- ln -sf /storage/.config/shadow ${INSTALL}/etc/shadow
+ mkdir -p ${INSTALL}/usr/cache
+ touch ${INSTALL}/usr/cache/shadow
+ ln -sf /storage/.cache/shadow ${INSTALL}/etc/shadow
 PASSWORD="$2"
 if [ "$PASSWORD" = "x" ]; then
 PASSWORD="*"
 fi
- if ! grep -q "^$1:" ${INSTALL}/usr/config/shadow; then
- echo "$1:$PASSWORD:::::::" >> ${INSTALL}/usr/config/shadow
+ if ! grep -q "^$1:" ${INSTALL}/usr/cache/shadow; then
+ echo "$1:$PASSWORD:::::::" >> ${INSTALL}/usr/cache/shadow
 fi
 }
diff --git a/packages/sysutils/busybox/package.mk b/packages/sysutils/busybox/package.mk
index f5cf42eb36..d20fca7f1e 100644
--- a/packages/sysutils/busybox/package.mk
+++ b/packages/sysutils/busybox/package.mk
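Review bot: The anchored check `grep -q "^$1:"` still treats the user name as a regular expression, so a name containing `.` or another metacharacter can match a different existing entry and the new user is silently skipped; the second hunk's check against `${INSTALL}/usr/config/shadow` has the same form. Comparing the first field literally avoids this, for example `if ! cut -d: -f1 "${INSTALL}/etc/passwd" | grep -qxF -- "$1"; then`. `${INSTALL}` is also left unquoted on both new lines, which breaks if the build path contains whitespace. add_user begins above both hunks, so its earlier lines are not visible here.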
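Review bot: Repointing the symlink at `ln -sf /storage/.cache/shadow ${INSTALL}/etc/shadow` orphans an upgraded system's existing `/storage/.config/shadow`: nothing in this series carries a user-set root entry over to the new location, so, as far as these patches show, the root password would fall back to the build-time hash after an update while the old hash file stays behind in `.config`. Within this patch nothing populates `/storage/.cache` either (the copy only arrives with usercache-setup in patch 4/4), so the link appears to dangle at this point in the series. A one-time migration that moves the root line from the old file into the new one and then removes the old file would close the first gap, and folding patch 4/4 into this one would close the second. A comment above the `mkdir -p` such as `# shadow ships in /usr/cache and is copied to /storage/.cache at boot by usercache-setup` would document the indirection; add_user starts above the hunk.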
@@ -196,7 +196,7 @@ post_install() {
 ROOT_PWD="`$TOOLCHAIN/bin/cryptpw -m sha512 $ROOT_PASSWORD`"
 echo "chmod 4755 $INSTALL/usr/bin/busybox" >> $FAKEROOT_SCRIPT
- echo "chmod 000 $INSTALL/usr/config/shadow" >> $FAKEROOT_SCRIPT
+ echo "chmod 000 $INSTALL/usr/cache/shadow" >> $FAKEROOT_SCRIPT
 add_user root "$ROOT_PWD" 0 0 "Root User" "/storage" "/bin/sh"
 add_group root 0
diff --git a/packages/sysutils/systemd/scripts/userconfig-setup b/packages/sysutils/systemd/scripts/userconfig-setup
index a2e0f842c1..1f708b3eb0 100755
--- a/packages/sysutils/systemd/scripts/userconfig-setup
+++ b/packages/sysutils/systemd/scripts/userconfig-setup
@@ -1,7 +1,7 @@
 #!/bin/sh
 ################################################################################
-# This file is part of LibreELEC - http://www.libreelec.tv
-# Copyright (C) 2017 Team LibreELEC
+# This file is part of LibreELEC - https://libreelec.tv
+# Copyright (C) 2017-present Team LibreELEC
 #
 # LibreELEC is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -24,5 +24,3 @@ done
 # Copy config files, but don't overwrite - this should replace our sample files
 false | cp -iRp /usr/config/* /storage/.config/ &>/dev/null
-
-[ -f /storage/.config/shadow ] && chmod 000 /storage/.config/shadow || true
From 86530218420dd4518a494de4fb435c513f2a562a Mon Sep 17 00:00:00 2001
From: MilhouseVH
Date: Fri, 8 Dec 2017 03:17:36 +0000
Subject: [PATCH 4/4] shadow: add usercache-setup and usercache service
---
 packages/sysutils/systemd/package.mk | 2 ++
 .../sysutils/systemd/scripts/usercache-setup | 33 +++++++++++++++++++
 .../systemd/system.d/usercache.service | 12 +++++++
 3 files changed, 47 insertions(+)
 create mode 100755 packages/sysutils/systemd/scripts/usercache-setup
 create mode 100644 packages/sysutils/systemd/system.d/usercache.service
diff --git a/packages/sysutils/systemd/package.mk b/packages/sysutils/systemd/package.mk
index 7cbbc42f03..6b8ebb6dbd 100644
--- a/packages/sysutils/systemd/package.mk
+++ b/packages/sysutils/systemd/package.mk
@@ -202,6 +202,7 @@ post_makeinstall_target() {
 mkdir -p $INSTALL/usr/bin
 cp $PKG_DIR/scripts/systemd-machine-id-setup $INSTALL/usr/bin
 cp $PKG_DIR/scripts/userconfig-setup $INSTALL/usr/bin
+ cp $PKG_DIR/scripts/usercache-setup $INSTALL/usr/bin
 mkdir -p $INSTALL/usr/sbin
 cp $PKG_DIR/scripts/kernel-overlays-setup $INSTALL/usr/sbin
@@ -255,6 +256,7 @@ post_install() {
 enable_service machine-id.service
 enable_service debugconfig.service
 enable_service userconfig.service
+ enable_service usercache.service
 enable_service kernel-overlays.service
 enable_service hwdb.service
 }
diff --git a/packages/sysutils/systemd/scripts/usercache-setup b/packages/sysutils/systemd/scripts/usercache-setup
new file mode 100755
index 0000000000..1f57204283
--- /dev/null
+++ b/packages/sysutils/systemd/scripts/usercache-setup
@@ -0,0 +1,33 @@
+#!/bin/sh
+################################################################################
+# This file is part of LibreELEC - https://libreelec.tv
+# Copyright (C) 2017-present Team LibreELEC
+#
+# LibreELEC is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+#
+# LibreELEC is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with LibreELEC. If not, see .
+################################################################################
+
+# Copy cache files, but don't overwrite
+false | cp -iRp /usr/cache/* /storage/.cache/ &>/dev/null
+
+# Merge default and custom shadow file details
+if [ -f /storage/.cache/shadow -a -f /usr/cache/shadow ]; then
+ # Get existing root details (possibly user defined)
+ userroot="$(grep "^root:" /storage/.cache/shadow)"
+
+ # Overwrite users shadow file with default details, but replacing root with any existing value
+ [ -n "${userroot}" ] && sed -e "s ^root:.* ${userroot} " /usr/cache/shadow >/storage/.cache/shadow
+
+ # Make sure we have the correct permission
+ chmod 000 /storage/.cache/shadow
+fi
diff --git a/packages/sysutils/systemd/system.d/usercache.service b/packages/sysutils/systemd/system.d/usercache.service
new file mode 100644
index 0000000000..26e9b5836c
--- /dev/null
+++ b/packages/sysutils/systemd/system.d/usercache.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=Setup User cache dir
+DefaultDependencies=no
+After=systemd-tmpfiles-setup.service
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/usercache-setup
+RemainAfterExit=yes
+
+[Install]
+WantedBy=sysinit.target
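Review bot: The merge line in usercache-setup redirects sed straight into `/storage/.cache/shadow`, which truncates the live shadow file before sed has written anything, so a failed sed or an interrupted boot leaves the file empty or partial with the user's root entry gone. The same line pastes `${userroot}` into the sed program as replacement text, where `&`, `\` or the delimiter character inside that entry would corrupt the output (the delimiter renders as whitespace on this page, so which character it is cannot be told from here). Building the merged content in a temporary file in the same directory, setting its mode, and renaming it over the target keeps the old file intact on any failure, and handing the root line to awk through the environment removes the quoting problem. Errors from the initial `cp` are discarded by `&>/dev/null`, so a missing `/storage/.cache` would pass unnoticed and is worth at least a log line.

```sh
# … unchanged: license header and initial cp of /usr/cache/* …
if [ -f /storage/.cache/shadow ] && [ -f /usr/cache/shadow ]; then
  userroot="$(grep "^root:" /storage/.cache/shadow)"

  if [ -n "${userroot}" ]; then
    tmpshadow="$(mktemp /storage/.cache/shadow.XXXXXX)" || exit 1
    # ENVIRON keeps the root line verbatim (awk -v would process backslash escapes)
    if USERROOT="${userroot}" awk '/^root:/ { print ENVIRON["USERROOT"]; next } { print }' \
         /usr/cache/shadow >"${tmpshadow}" && chmod 000 "${tmpshadow}"; then
      # rename within the same directory swaps the file in one step
      mv -f "${tmpshadow}" /storage/.cache/shadow
    else
      rm -f "${tmpshadow}"
    fi
  fi

  # Make sure we have the correct permission
  chmod 000 /storage/.cache/shadow
fi
```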