Age | Commit message (Collapse) | Author | Files |
|
[YOCTO #5436]
Automatic selection of static uid/gid is needed for a dynamically generated
passwd and group file to have a deterministic outcome.
When a package is installed and instructs the system to add a new user or
group, unless it selects a static uid/gid value, the next available uid/gid
will be used. The order in which packages are installed is dynamically
computed, and may change from one installation to the next. This results
in a non-deterministic set of uid/gid values.
Enabling this code by adding USERADDEXTENSION = "useradd-staticids", and
adding a preconfigured passwd/group file will allow the continued dynamic
generation of the rootfs passwd/group files, but will ensure a deterministic
outcome. (Dynamic generation is desired so that users and groups that have
no corresponding functionality are not present within the final system image.)
The rewrite params function will override each of the fields in the
useradd and groupadd calls with the values specified. Note, the password
field is ignored as is the member groups field in the group file. If the
field is empty, the value will not be overridden. (Note, there is no way
to 'blank' a field, as this would only generally affect the 'comment' field
and there really is no reason to blank it.)
Enabling USERADD_ERROR_DYNAMIC will cause packages without static uid/gid
to generate an error and be skipped for the purpose of building. This is
used to prevent non-deterministic behavior.
USERADD_UID_TABLES and USERADD_GID_TABLES may be used to specify the name
of the passwd and group files. By default they are assumed to be
'files/passwd' and 'files/group'. Layers are searched in BBPATH order.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When the system attempts to populate the sysroot's passwd/group files, it
does so in a single block. However, with the way it was previously
implemented, the system would always run through the code necessary to
populate the sysroot, even in the case of target packages. This had
the side effect that a cross-installed filesystem may not match a
target installed filesystem.
The code was slightly reorganized to ensure that the cross/target installed
pre-install script behavior is the same. It also moves the block that
configures the sysroot parameters to the sysroot specific section of
the code.
Also some minor validation was occuring even on nativesdk packages.
Nativesdk packages should be skipped when processing useradd ops.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Packages that use useradd.bbclass should have a dependency on base-files so that
the /etc/skel directory is populated. Without this dependency base-files may or
may not be installed when the postinst runs, and the skel content may or may not
be copied.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
If there is a package A (TUNE_PKGARCH) which is depended upon by B which
is MACHINE_ARCH and you build B for machine X, then Y, the user isn't
present in the sysroot for machine Y since the useradd code is never
triggered.
The change ensures the code does get triggered and the user is present.
[YOCTO 4739]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The preinst scripts are calling bbnote, bbwarn and bbfatal functions,
but these functions are not written to the preinst scripts.
This patch writes these missing functions to the preinst scripts to
avoid the 'not found' errors.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
USERADD_PARAM or GROUPADD_PARAM
Replaced bb.build.FuncFailed with bb.fatal
[YOCTO #4486]
Signed-off-by: Ionut Radu <ionutx.radu@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Add a new base class, useradd_base.bbclass, which is mainly a
collection of basic functions for user/group settings.
The useradd_base.bbclass is intended to be inherited by useradd.bbclass
and the extrausers.bbclass to avoid code cuplication.
[YOCTO #4074]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
useradd.bbclass supports adding new users and new groups. But it does not
support adding existing users to existing groups.
There is a need of adding users to some groups (e.g. audio). The class was
extended to call groupmems utility with arguments passed via GROUPMEMS_PARAM.
Signed-off-by: Mikhail Durnev <mikhail_durnev@mentor.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
dependencies
The do_package_setscene task needs to depend on fakeroot in order to correctly
install its files.
We can whitelist the dependency in the sstate handling code for some
performance improvements since we only need this if we're installing the
package from sstate.
Also use an append operator in base.bbclass for clarity.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
string.join() is deprecated syntax and doesn't work under python3
so use the modern sytax instead.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Modern expection rasing syntax is function call format, convert to this
to keep python 3 happy and model correct coding style in the core.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The overrides virtclass-native and virtclass-nativesdk are deprecated,
which should be replaced by class-native and class-nativesdk.
[YOCTO #3297]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The class adds a setscene dependency on base-passwd as well as adds this to DEPENDS.
The DEPENDS version will be auso-converted to include MLPREFIX whilst the setscene
dependency will not. This result in errors about non-existent tasks.
This patch ensures MLPREFIX is added when it is needed and fixes various
build failures. Whether we should have two base-passwd recipes in a multilib
system is a question which would need to be addressed by future changes.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
MLPREFIX is needed in RDEPENDS for multilib build
Signed-off-by: Zhai Edwin <edwin.zhai@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
A race condition can occur when adding users and groups to the
passwd and group files, causing errors like the following:
ERROR: Function 'useradd_sysroot' failed
Tried to access "/etc/group" but this was locked.
This fix will cause the useradd code to retry the useradd and
groupadd commands up to 10 times (with a 1s sleep in between
attempts) before failing.
This fixes [YOCTO #1794]
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix following error in multilib build:
"ERROR: Task do_package_setscene depends upon nonexistant task
poky/meta/recipes-extended/shadow/shadow-sysroot_4.1.4.3.bb:do_populate_sysroot_setscene"
>From richard.purdie@linuxfoundation.org
Signed-off-by: Zhai Edwin <edwin.zhai@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
packages
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
or nativesdk
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
ordering of setscene tasks
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
In the do_populate_sysroot_setscene case, pseudo has been unloaded and we need
to reload it. This code change ensures all the pseudo options are specified
so pseudo loads correctly.
It also improves some of the comments so all the different contexts are listed.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
after do_populate_sysroot_setscene
The user addition needs to happen before the do_package files are extracted
by do_package_setscene since those are the ones we need to preserve the file
ownership information for. This patch ensures this happens.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Without this change, dbus-native can end up depending upon base-passwd
for example. This change mirrors the existing nativesdk code.
Based on a patch from Henning Heinold <heinold@inf.fu-berlin.de>
but with some additions from me.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is the result of running the following over the metadata:
sed \
-e 's:bb.data.\(setVar([^,()]*,[^,()]*\), *\([^ )]*\) *):\2.\1):g' \
-e 's:bb.data.\(setVarFlag([^,()]*,[^,()]*,[^,()]*\), *\([^) ]*\) *):\2.\1):g' \
-e 's:bb.data.\(getVar([^,()]*\), *\([^(), ]*\) *,\([^)]*\)):\2.\1,\3):g' \
-e 's:bb.data.\(getVarFlag([^,()]*,[^,()]*\), *\([^(), ]*\) *,\([^)]*\)):\2.\1,\3):g' \
-e 's:bb.data.\(getVarFlag([^,()]*,[^,()]*\), *\([^() ]*\) *):\2.\1):g' \
-e 's:bb.data.\(getVar([^,()]*\), *\([^) ]*\) *):\2.\1):g' \
-i `grep -ril bb.data *`
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Without this rootfs generation fails as an RDEPENDS is added
but the package might not have bneen built.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Exclude the addition of user/group code and RDEPENDS changes for
-nativesdk packages.
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
|
|
Previously we injected the user/group preinstall script into all
output packages. This fixes that so that only packages listed in
USERADD_PACKAGES get modified.
It also removes the USERADDPN variable, which is no longer needed.
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
|
|
* without this patch, building dbus-nativesdk leads to a missing
dependency on 'base-passwd-nativesdk'
This was added by commit 46e6c3fa8034b12d178d605f3f5d7efe69671a13
* this patch handle the nativesdk case in the class useradd
* close bug 1702 http://bugzilla.pokylinux.org/show_bug.cgi?id=1702
* v2 from Scott Garman with Richard Purdie's tricks
Signed-off-by: Eric Bénard <eric@eukrea.com>
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix bug where only packages named PN included base-passwd in
RDEPENDS.
This fixes [YOCTO #1727]
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
|
|
The use of groupadd -f makes much more difficult to figure when a
group is not add. This was the case of the class not working for our
usage and this being caused by the lack of '/etc/group' file but
unnoticed as groupadd wasn't failing according.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
|
This corrects the location of the password file used during package installation.
See http://lists.linuxtogo.org/pipermail/openembedded-core/2011-September/009183.html and subsequent discussion.
Signed-off-by: Phil Blundell <philb@gnu.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Otherwise the class doesn't work if ${bindir} is set to a different value;
likewise for /var vs ${localstatedir}.
Signed-off-by: Phil Blundell <philb@gnu.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This class is to be used by recipes that need to set up specific
user/group accounts and set custom file/directory permissions.
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
|