author | Stephano Cetola <stephano.cetola@linux.intel.com> | 2016-05-31 13:59:54 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-06-01 12:38:43 +0100 |
commit | 79be110c1fdfd0affe6a310b96e7107c4549d23c (patch) | |
tree | 3dcc7cd383e22ae57b458db4e022fb21411b9ba5 | |
parent | cdd764c005dc4352fa7a7d627495ac4e92215772 (diff) | |
download | poky-79be110c1fdfd0affe6a310b96e7107c4549d23c.tar.gz |
systemd: allow add users as a rootfs postprocess cmd
Adding all the users / groups to systemd is only available for readonly
file systems. This change allows users to add them to read / write file
systems as well by specifying:
ROOTFS_POSTPROCESS_COMMAND += "systemd_create_users"
Also, add "--shell /sbin/nologin" to each user's add params.
[ YOCTO #9497 ]
(From OE-Core rev: 98a4c642444a524f547f5d978a28814d20c12354)
Signed-off-by: Stephano Cetola <stephano.cetola@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r-- | meta/classes/rootfs-postcommands.bbclass | 43 |
1 files changed, 20 insertions, 23 deletions
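--- a/meta/classes/rootfs-postcommands.bbclass
+++ b/meta/classes/rootfs-postcommands.bbclass
@@ -21,7 +21,7 @@ ROOTFS_POSTUNINSTALL_COMMAND =+ "write_image_manifest ; "
 POSTINST_LOGFILE ?= "${localstatedir}/log/postinstall.log"
 # Set default target for systemd images
 SYSTEMD_DEFAULT_TARGET ?= '${@bb.utils.contains("IMAGE_FEATURES", "x11-base", "graphical.target", "multi-user.target", d)}'
-ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains("DISTRO_FEATURES", "systemd", "set_systemd_default_target; ", "", d)}'
+ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains("DISTRO_FEATURES", "systemd", "set_systemd_default_target; systemd_create_users;", "", d)}'
 
 ROOTFS_POSTPROCESS_COMMAND += 'empty_var_volatile;'
 
@@ -30,7 +30,25 @@ ROOTFS_POSTPROCESS_COMMAND += 'empty_var_volatile;'
 SSH_DISABLE_DNS_LOOKUP ?= " ssh_disable_dns_lookup ; "
 ROOTFS_POSTPROCESS_COMMAND_append_qemuall = "${SSH_DISABLE_DNS_LOOKUP}"
 
-
+systemd_create_users () {
+for conffile in ${IMAGE_ROOTFS}/usr/lib/sysusers.d/systemd.conf ${IMAGE_ROOTFS}/usr/lib/sysusers.d/systemd-remote.conf; do
+[ -e $conffile ] || continue
+grep -v "^#" $conffile | sed -e '/^$/d' | while read type name id comment; do
+if [ "$type" = "u" ]; then
+useradd_params="--shell /sbin/nologin"
+[ "$id" != "-" ] && useradd_params="$useradd_params --uid $id"
+[ "$comment" != "-" ] && useradd_params="$useradd_params --comment $comment"
+useradd_params="$useradd_params --system $name"
+eval useradd --root ${IMAGE_ROOTFS} $useradd_params || true
+elif [ "$type" = "g" ]; then
+groupadd_params=""
+[ "$id" != "-" ] && groupadd_params="$groupadd_params --gid $id"
+groupadd_params="$groupadd_params --system $name"
+eval groupadd --root ${IMAGE_ROOTFS} $groupadd_params || true
+fi
+done
+done
+}
 
 #
 # A hook function to support read-only-rootfs IMAGE_FEATURES
@@ -73,27 +91,6 @@ read_only_rootfs_hook () {
 ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh
 fi
 fi
-
-if ${@bb.utils.contains("DISTRO_FEATURES", "systemd", "true", "false", d)}; then
-# Update user database files so that services don't fail for a read-only systemd system
-for conffile in ${IMAGE_ROOTFS}/usr/lib/sysusers.d/systemd.conf ${IMAGE_ROOTFS}/usr/lib/sysusers.d/systemd-remote.conf; do
-[ -e $conffile ] || continue
-grep -v "^#" $conffile | sed -e '/^$/d' | while read type name id comment; do
-if [ "$type" = "u" ]; then
-useradd_params=""
-[ "$id" != "-" ] && useradd_params="$useradd_params --uid $id"
-[ "$comment" != "-" ] && useradd_params="$useradd_params --comment $comment"
-useradd_params="$useradd_params --system $name"
-eval useradd --root ${IMAGE_ROOTFS} $useradd_params || true
-elif [ "$type" = "g" ]; then
-groupadd_params=""
-[ "$id" != "-" ] && groupadd_params="$groupadd_params --gid $id"
-groupadd_params="$groupadd_params --system $name"
-eval groupadd --root ${IMAGE_ROOTFS} $groupadd_params || true
-fi
-done
-done
-fi
 }
 
 #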
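Review bot: In systemd_create_users (second hunk), `eval useradd --root ${IMAGE_ROOTFS} $useradd_params` re-parses the name, id and comment fields read from the sysusers.d files as shell text, so any shell metacharacter in those files is interpreted by the build shell now that the function runs for every systemd image; `read` without `-r` also rewrites backslashes. The groupadd branch has the same pattern. Building the argument list with `set --` and quoting each field removes the need for eval, provided the double quotes around the GECOS field are stripped explicitly, as sketched below. Separately, `|| true` hides every useradd/groupadd failure rather than only the "already exists" case, so logging the failure (for example with `bbwarn`) would make a missing account visible at build time.

```shell
grep -v "^#" $conffile | sed -e '/^$/d' | while read -r type name id comment; do
    if [ "$type" = "u" ]; then
        # Drop the quotes around the GECOS field so it can be passed as one argument without eval.
        comment=$(printf '%s' "$comment" | sed -e 's/^"//' -e 's/"$//')
        set -- --shell /sbin/nologin
        [ "$id" != "-" ] && set -- "$@" --uid "$id"
        [ "$comment" != "-" ] && set -- "$@" --comment "$comment"
        useradd --root "${IMAGE_ROOTFS}" "$@" --system "$name" || true
    # … unchanged in structure: groupadd branch, with the same quoting applied …
```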