From 5ede30e1a37eb79454a73d5e78047f048d25e4ad Mon Sep 17 00:00:00 2001 From: Alexandru Avadanii Date: Wed, 6 Jul 2022 20:18:18 +0200 Subject: images: Work around broken systemd_create_users Since we use static UID/GID for all users and groups on the platform, we run into the issue described in [1] (upstream on "master" branch), since [2] started to generate the users/groups dynamically at build time based on all sysusers.d framents (not only "systemd.conf" like in previous releases). So "systemd_create_users": - is completly redundant for Enea Edge Runtime since we populate all users and groups statically; - breaks the build; - won't be fixed upstream since Hardknott is already EOL; - can't be omitted by pinning poky to a previous commit (lots of CVE fixes are newer than [2] + some recipe SRC_URI were updated after [2] was merged); - is easy to just disable for the machines where we know we have static UID/GID (this is why we apply the change in local.conf); [1] https://git.yoctoproject.org/poky/commit/meta/classes/\ rootfs-postcommands.bbclass?id=a559a2cba9284a1531fbc402c6fda1c5a51259c1 [2] https://git.yoctoproject.org/poky/commit/meta/classes/\ rootfs-postcommands.bbclass?id=8eee0062a7a036d0594dff193995ac7914c6124b Signed-off-by: Alexandru Avadanii Change-Id: Iac50346ced5aec29cda4561da85f2d4f50560f38 (cherry picked from commit 36676c77186d9681b0c0d263d2a880e3e5bc9080) --- conf/template.atom-c3000-debug/local.conf.sample | 1 + conf/template.atom-c3000/local.conf.sample | 1 + conf/template.xeon-d-debug/local.conf.sample | 1 + conf/template.xeon-d/local.conf.sample | 1 + 4 files changed, 4 insertions(+) diff --git a/conf/template.atom-c3000-debug/local.conf.sample b/conf/template.atom-c3000-debug/local.conf.sample index b96bf48..1c5fbb2 100644 --- a/conf/template.atom-c3000-debug/local.conf.sample +++ b/conf/template.atom-c3000-debug/local.conf.sample @@ -259,6 +259,7 @@ SKIP_META_VIRT_SANITY_CHECK = "1" USERADDEXTENSION = "useradd-staticids" USERADD_UID_TABLES = "files/passwd" USERADD_GID_TABLES = "files/group" +ROOTFS_POSTPROCESS_COMMAND_remove = "systemd_create_users;" # # In order to prevent generating a system where a dynamicly assigned uid/gid # can exist, you should enable the following setting. This will force the diff --git a/conf/template.atom-c3000/local.conf.sample b/conf/template.atom-c3000/local.conf.sample index c6cbdba..54d065c 100644 --- a/conf/template.atom-c3000/local.conf.sample +++ b/conf/template.atom-c3000/local.conf.sample @@ -256,6 +256,7 @@ SKIP_META_VIRT_SANITY_CHECK = "1" USERADDEXTENSION = "useradd-staticids" USERADD_UID_TABLES = "files/passwd" USERADD_GID_TABLES = "files/group" +ROOTFS_POSTPROCESS_COMMAND_remove = "systemd_create_users;" # # In order to prevent generating a system where a dynamicly assigned uid/gid # can exist, you should enable the following setting. This will force the diff --git a/conf/template.xeon-d-debug/local.conf.sample b/conf/template.xeon-d-debug/local.conf.sample index 4be1706..3f8ef4a 100644 --- a/conf/template.xeon-d-debug/local.conf.sample +++ b/conf/template.xeon-d-debug/local.conf.sample @@ -260,6 +260,7 @@ SKIP_META_VIRT_SANITY_CHECK = "1" USERADDEXTENSION = "useradd-staticids" USERADD_UID_TABLES = "files/passwd" USERADD_GID_TABLES = "files/group" +ROOTFS_POSTPROCESS_COMMAND_remove = "systemd_create_users;" # # In order to prevent generating a system where a dynamicly assigned uid/gid # can exist, you should enable the following setting. This will force the diff --git a/conf/template.xeon-d/local.conf.sample b/conf/template.xeon-d/local.conf.sample index a1a874d..ace57dd 100644 --- a/conf/template.xeon-d/local.conf.sample +++ b/conf/template.xeon-d/local.conf.sample @@ -257,6 +257,7 @@ SKIP_META_VIRT_SANITY_CHECK = "1" USERADDEXTENSION = "useradd-staticids" USERADD_UID_TABLES = "files/passwd" USERADD_GID_TABLES = "files/group" +ROOTFS_POSTPROCESS_COMMAND_remove = "systemd_create_users;" # # In order to prevent generating a system where a dynamicly assigned uid/gid # can exist, you should enable the following setting. This will force the -- cgit v1.2.3-54-g00ecf