> -----Original Message-----
> From: Louis Rannou <[email protected]>
> Sent: den 29 juni 2023 15:04
> To: Peter Kjellerstedt <[email protected]>; openembedded-
> [email protected]
> Cc: [email protected]
> Subject: Re: [OE-core] [PATCH 2/3] systemd: replace the sysusers.d basic
> configuration
>
> Hello, please find an answer to the last comment
>
> On 19/06/2023 14:10, Louis Rannou wrote:
> > Hello,
> >
> > On 16/06/2023 18:51, Peter Kjellerstedt wrote:
> >>> -----Original Message-----
> >>> From: [email protected]
> >>> <[email protected]> On Behalf Of Louis Rannou
> >>> Sent: den 15 juni 2023 13:44
> >>> To: [email protected]
> >>> Cc: Louis Rannou <[email protected]>; [email protected]
> >>> Subject: [OE-core] [PATCH 2/3] systemd: replace the sysusers.d basic
> >>> configuration
> >>>
> >>> The default sysusers basic.conf.in file sets the root home directory
> >>> to `/root`
> >>> and does not permit its configuration. Replace the file delivered by
> >>> systemd so
> >>> the root home directory matches the `ROOT_HOME` variable.
> >>>
> >>> Signed-off-by: Louis Rannou <[email protected]>
> >>> ---
> >>> meta/recipes-core/systemd/systemd/basic.conf.in | 40
> >>> +++++++++++++++++++++++++
> >>> meta/recipes-core/systemd/systemd_253.3.bb | 5 ++++
> >>> 2 files changed, 45 insertions(+)
> >>>
> >>> diff --git a/meta/recipes-core/systemd/systemd/basic.conf.in
> >>> b/meta/recipes-core/systemd/systemd/basic.conf.in
> >>> new file mode 100644
> >>> index 0000000000..fac288f7fa
> >>> --- /dev/null
> >>> +++ b/meta/recipes-core/systemd/systemd/basic.conf.in
> >>> @@ -0,0 +1,40 @@
> >>> +# This file is part of systemd.
> >>> +#
> >>> +# systemd is free software; you can redistribute it and/or modify it
> >>> +# under the terms of the GNU Lesser General Public License as
> >>> published by
> >>> +# the Free Software Foundation; either version 2.1 of the License,
> or
> >>> +# (at your option) any later version.
> >>> +
> >>> +# The superuser
> >>> +u root 0 "root" :ROOT_HOME:
> >>> +
> >>> +# The nobody user/group for NFS file systems
> >>> +g {{NOBODY_GROUP_NAME}} 65534 - -
> >>> +u {{NOBODY_USER_NAME }} 65534:65534 "Nobody" -
> >>> +
> >>> +# Administrator group: can *see* more than normal users
> >>> +g adm {{ADM_GID }} - -
> >>> +
> >>> +# Administrator group: can *do* more than normal users
> >>> +g wheel {{WHEEL_GID }} - -
> >>> +
> >>> +# Access to shared database of users on the system
> >>> +g utmp {{UTMP_GID }} - -
> >>> +
> >>> +# Physical and virtual hardware access groups
> >>> +g audio {{AUDIO_GID }} - -
> >>> +g cdrom {{CDROM_GID }} - -
> >>> +g dialout {{DIALOUT_GID}} - -
> >>> +g disk {{DISK_GID }} - -
> >>> +g input {{INPUT_GID }} - -
> >>> +g kmem {{KMEM_GID }} - -
> >>> +g kvm {{KVM_GID }} - -
> >>> +g lp {{LP_GID }} - -
> >>> +g render {{RENDER_GID }} - -
> >>> +g sgx {{SGX_GID }} - -
> >>> +g tape {{TAPE_GID }} - -
> >>> +g tty {{TTY_GID }} - -
> >>> +g video {{VIDEO_GID }} - -
> >>> +
> >>> +# Default group for normal users
> >>> +g users {{USERS_GID }} - -
> >>> diff --git a/meta/recipes-core/systemd/systemd_253.3.bb
> >>> b/meta/recipes-core/systemd/systemd_253.3.bb
> >>> index 45dc6ab5bb..87fbf6f785 100644
> >>> --- a/meta/recipes-core/systemd/systemd_253.3.bb
> >>> +++ b/meta/recipes-core/systemd/systemd_253.3.bb
> >>> @@ -17,6 +17,7 @@ REQUIRED_DISTRO_FEATURES = "systemd"
> >>> SRC_URI += " \
> >>> file://touchscreen.rules \
> >>> file://00-create-volatile.conf \
> >>> + file://basic.conf.in \
> >>
> >> Instead of including a modified copy of the basic.conf.in file
> >> from systemd, include a patch that modifies the file that systemd
> >> provides. Otherwise this becomes a maintenance problem where it
> >> is easy to miss changes that upstream does to the file, and also
> >> hard to know what you have changed.
> >>
> > This came to my mind, but it seems to me it's a configuration and not a
> > patch. Some distribution as debian generate their own.
> >
> >>> ${@bb.utils.contains('PACKAGECONFIG',
> >>> 'polkit_hostnamed_fallback',
> >>> 'file://org.freedesktop.hostname1_no_polkit.conf', '', d)} \
> >>> ${@bb.utils.contains('PACKAGECONFIG',
> >>> 'polkit_hostnamed_fallback', 'file://00-hostnamed-network-user.conf', '',
> >>> d)} \
> >>> file://init \
> >>> @@ -252,6 +253,10 @@ EXTRA_OEMESON += "-Dkexec-path=${sbindir}/kexec \
> >>> # The 60 seconds is watchdog's default vaule.
> >>> WATCHDOG_TIMEOUT ??= "60"
> >>>
> >>> +do_configure:prepend() {
> >>> + sed s@:ROOT_HOME:@${ROOT_HOME}@g ${WORKDIR}/basic.conf.in >
> >>> ${S}/sysusers.d/basic.conf.in
> >>
> >> Please indent shell code using tabs, and change the command to:
> >>
> >> sed -i s@:ROOT_HOME:@${ROOT_HOME}@g ${S}/sysusers.d/basic.conf.in
> >>
> >> once you have added the patch as per above.
>
> That's incorrect as the source and destination are different. Perhaps I
> should call the initial file basic.conf.in.in if it's more clear.
Note the "once you have added the patch" part. I.e., once you have added a
patch to modify the basic.conf.in that systemd provides, the above command
should work. However, depending on whether systemd´s build system actually
uses the path provided in the basic.conf.in file (which I doubt), a better
way would be do run the sed above on the installed basic.conf file. I.e.,
use a patch to modify basic.conf.in to contain ":ROOT_HOME:" instead of
what path systemd upstream provides, and then use sed in do_install:append
to replace ":ROOT_HOME:" with "${ROOT_HOME}" in the installed basic.conf
file.
>
> >>
> >> However, I am wondering if this has to be done during do_configure()?
> >> It might become confusing if you ever `devtool modify systemd` (which
> >> we do). Wouldn't it be better to do it on the installed file in the
> >> do_install() below instead?
> This file is used at compilation to produce the basic.conf file. So it's
> needed after the configuration. What would go wrong with devtool ?
The change that sed makes would be seen as a change to the sources checked
out by devtool, and thus you risk someone accidentally committing it when
they make other changes to systemd using devtool modify.
>
> >>
> >>> +}
> >>> +
> >>> do_install() {
> >>> meson_do_install
> >>> install -d ${D}/${base_sbindir}
> >>>
>
> Louis
//Peter
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#184854):
https://lists.openembedded.org/g/openembedded-core/message/184854
Mute This Topic: https://lists.openembedded.org/mt/99546757/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
