From 23ed226a4b4b7c1cac2c52e6808631d9f0d6f652 Mon Sep 17 00:00:00 2001 From: Matei Valeanu Date: Fri, 19 Feb 2021 19:17:20 +0100 Subject: Set the users and groups statically Cannot set USERADD_ERROR_DYNAMIC to error as it breaks the build. We need to be carefull when adding new users/groups, to also add them to files/{groups,passwd} Change-Id: I7ecfa9936af6319ced946e243cbe3bbcd23e8e4c Signed-off-by: Matei Valeanu --- conf/template.xeon-d-debug/local.conf.sample | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) (limited to 'conf/template.xeon-d-debug/local.conf.sample') diff --git a/conf/template.xeon-d-debug/local.conf.sample b/conf/template.xeon-d-debug/local.conf.sample index e898db6..6474a37 100644 --- a/conf/template.xeon-d-debug/local.conf.sample +++ b/conf/template.xeon-d-debug/local.conf.sample @@ -251,3 +251,29 @@ SOTA_MACHINE ?= "${MACHINE}" DISTRO_FEATURES_append = " sota" DISTRO_FEATURES_NATIVE_append = " sota" INHERIT += " sota" + +# Various packages dynamically add users and groups to the system at package +# install time. For programs that do not care what the uid/gid is of the +# resulting users/groups, the order of the install will determine the final +# uid/gid. This can lead to non-deterministic uid/gid values from one build +# to another. Use the following settings to specify that all user/group adds +# should be created based on a static passwd/group file. +# +# Note, if you enable or disable the useradd-staticids in a configured system, +# the TMPDIR may contain incorrect uid/gid values. Clearing the TMPDIR +# will correct this condition. +# +# By default the system looks in the BBPATH for files/passwd and files/group +# the default can be overriden by spefying USERADD_UID/GID_TABLES. +# +USERADDEXTENSION = "useradd-staticids" +USERADD_UID_TABLES = "files/passwd" +USERADD_GID_TABLES = "files/group" +# +# In order to prevent generating a system where a dynamicly assigned uid/gid +# can exist, you should enable the following setting. This will force the +# system to error out if the user/group name is not defined in the +# files/passwd or files/group (or specified replacements.) +# Unfortunately, setting the variable below breaks the build, so do not set it +# for now +# USERADD_ERROR_DYNAMIC = "1" -- cgit v1.2.3-54-g00ecf