systemd: allow add users as a rootfs postprocess cmd
Adding all the users / groups to systemd is only available for readonly file systems. This change allows users to add them to read / write file systems as well by specifying: ROOTFS_POSTPROCESS_COMMAND += "systemd_create_users" Also, add "--shell /sbin/nologin" to each user's add params. [ YOCTO #9497 ] (From OE-Core rev: 98a4c642444a524f547f5d978a28814d20c12354) Signed-off-by: Stephano Cetola <stephano.cetola@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
parent
cdd764c005
commit
79be110c1f
|
@ -21,7 +21,7 @@ ROOTFS_POSTUNINSTALL_COMMAND =+ "write_image_manifest ; "
|
|||
POSTINST_LOGFILE ?= "${localstatedir}/log/postinstall.log"
|
||||
# Set default target for systemd images
|
||||
SYSTEMD_DEFAULT_TARGET ?= '${@bb.utils.contains("IMAGE_FEATURES", "x11-base", "graphical.target", "multi-user.target", d)}'
|
||||
ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains("DISTRO_FEATURES", "systemd", "set_systemd_default_target; ", "", d)}'
|
||||
ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains("DISTRO_FEATURES", "systemd", "set_systemd_default_target; systemd_create_users;", "", d)}'
|
||||
|
||||
ROOTFS_POSTPROCESS_COMMAND += 'empty_var_volatile;'
|
||||
|
||||
|
@ -30,7 +30,25 @@ ROOTFS_POSTPROCESS_COMMAND += 'empty_var_volatile;'
|
|||
SSH_DISABLE_DNS_LOOKUP ?= " ssh_disable_dns_lookup ; "
|
||||
ROOTFS_POSTPROCESS_COMMAND_append_qemuall = "${SSH_DISABLE_DNS_LOOKUP}"
|
||||
|
||||
|
||||
systemd_create_users () {
|
||||
for conffile in ${IMAGE_ROOTFS}/usr/lib/sysusers.d/systemd.conf ${IMAGE_ROOTFS}/usr/lib/sysusers.d/systemd-remote.conf; do
|
||||
[ -e $conffile ] || continue
|
||||
grep -v "^#" $conffile | sed -e '/^$/d' | while read type name id comment; do
|
||||
if [ "$type" = "u" ]; then
|
||||
useradd_params="--shell /sbin/nologin"
|
||||
[ "$id" != "-" ] && useradd_params="$useradd_params --uid $id"
|
||||
[ "$comment" != "-" ] && useradd_params="$useradd_params --comment $comment"
|
||||
useradd_params="$useradd_params --system $name"
|
||||
eval useradd --root ${IMAGE_ROOTFS} $useradd_params || true
|
||||
elif [ "$type" = "g" ]; then
|
||||
groupadd_params=""
|
||||
[ "$id" != "-" ] && groupadd_params="$groupadd_params --gid $id"
|
||||
groupadd_params="$groupadd_params --system $name"
|
||||
eval groupadd --root ${IMAGE_ROOTFS} $groupadd_params || true
|
||||
fi
|
||||
done
|
||||
done
|
||||
}
|
||||
|
||||
#
|
||||
# A hook function to support read-only-rootfs IMAGE_FEATURES
|
||||
|
@ -73,27 +91,6 @@ read_only_rootfs_hook () {
|
|||
${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh
|
||||
fi
|
||||
fi
|
||||
|
||||
if ${@bb.utils.contains("DISTRO_FEATURES", "systemd", "true", "false", d)}; then
|
||||
# Update user database files so that services don't fail for a read-only systemd system
|
||||
for conffile in ${IMAGE_ROOTFS}/usr/lib/sysusers.d/systemd.conf ${IMAGE_ROOTFS}/usr/lib/sysusers.d/systemd-remote.conf; do
|
||||
[ -e $conffile ] || continue
|
||||
grep -v "^#" $conffile | sed -e '/^$/d' | while read type name id comment; do
|
||||
if [ "$type" = "u" ]; then
|
||||
useradd_params=""
|
||||
[ "$id" != "-" ] && useradd_params="$useradd_params --uid $id"
|
||||
[ "$comment" != "-" ] && useradd_params="$useradd_params --comment $comment"
|
||||
useradd_params="$useradd_params --system $name"
|
||||
eval useradd --root ${IMAGE_ROOTFS} $useradd_params || true
|
||||
elif [ "$type" = "g" ]; then
|
||||
groupadd_params=""
|
||||
[ "$id" != "-" ] && groupadd_params="$groupadd_params --gid $id"
|
||||
groupadd_params="$groupadd_params --system $name"
|
||||
eval groupadd --root ${IMAGE_ROOTFS} $groupadd_params || true
|
||||
fi
|
||||
done
|
||||
done
|
||||
fi
|
||||
}
|
||||
|
||||
#
|
||||
|
|
Loading…
Reference in New Issue