perform_groupdel() tries to delete a group irrespective if other
users have it as their primary group, thus the call to groupdel will
fail with the following error error:
groupdel: cannot remove the primary group of user '<user>'
Add a check to perform_groupdel() to determine if there are other
users and keep the group, printing a warning. This is called right
after a user is deleted to delete it's group. If the last user is
deleted, only then the group is also deleted.
(From OE-Core rev: bba1f02cb6d80279c6fed34bb18f010aa921fc1e)
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Previously, if the gshadow file did not exist in the sysroot when
perform_groupmems() was run, it would be temporarily created and
removed again afterwards. This was supposedly due to groupmems failing
if it does not exist.
However, based on empirical testing and examination of the source code
for groupmems, it should not fail if the gshadow file does not exist
when groupmems is started. But it WILL fail if the file is removed
sometime after its existence has been check at the beginning of the
execution, but before it needs to be modified. And this is exactly
what the previous code in perform_groupmems() could cause if multiple
tasks simultaneously modified users or groups. It could cause any of
the useradd, groupadd and groupmems commands to fail as long as at
least one other recipe invoked perform_groupmems().
(From OE-Core rev: 4fcaa484a2e8046cf3277b5d14933cdaa94a4c3f)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Now, useradd dollar sign requires three prepending backslash characters to
avoid unintended expansion. It used to be just one prepending backslash
character before Krogoth. Restore that behaviour.
[YOCTO #10062]
(From OE-Core rev: 9e43a73c7ad576666d53c8c9e0283bc6bb9087a8)
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Option '-w 100' of flock is failsafe to finish if dead lock occurs. It
should be impossible to occur dead lock. And option '-w' is not
supported by busybox, so remove it.
[YOCTO #9371]
(From OE-Core rev: 5cf97364685bfb86c6eeaffcebcad62ba9f93ee4)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Many user/group operations will involve hashes which will include '$'
followed by a number or even possibly an env. variable name. Passing
$opts to flock requires that we take additional precautions to prevent
the unexpected expansion of these instances.
This was found by an image which used usermod operations to set the
password hash for root. The image could not be logged-in to and
examining /etc/shadow clearly showed that $0 and other $* variables
had been expanded unexpectedly. This change returnes the behavior to
what existed prior to commit 2ebf697b46c42cee8bfa6d2e6087397f8cce385c
[useradd_base.bbclass: replace retry logic with flock].
(From OE-Core rev: d80065642c5a1c95a298b235a8d575460147ede1)
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When perform useradd during populate sysroot, it locks files passwd.lock
and group.lock at same time. And then it meets a dead lock issue
randomly.
Use flock to reslove it by using an universal lock directory for all the
user and group related operations.
[YOCTO #9022]
(From OE-Core rev: 2ebf697b46c42cee8bfa6d2e6087397f8cce385c)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In c0da4270c76375a7a8cbcc09319fe4570ebbc5bd two bbwarn were changed to
bbnote for the case where an added user or group already exists. The
same should have been done for groupmems, groupdel and userdel as well
since the warnings that are currently generated are superflouous.
The two remaining similar bbwarn for groupmod and usermod are left as
is since there they actually make sense.
(From OE-Core rev: f775e4cffe45edb673a414a2038c4f2b09b9b827)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Use bbnote rather than bbwarn when the user exists, otherwise we would
always get the warnings when rebuild the recipe or build with mulitlib,
everything is OK if the user exists, so it should not be a warning.
(From OE-Core rev: c0da4270c76375a7a8cbcc09319fe4570ebbc5bd)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Print PN will help debug:
WARNING: openssh: user sshd already exists, not re-creating it
Which is better than:
WARNING: user sshd already exists, not re-creating it
(From OE-Core rev: cfde8621d18967dee71042e02b8d6db5661df3da)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Currently, it would sleep 1 second when fail to add the user, this maybe
not enough when we use the sstate cache, as my test shows below, nearly
all the useradd actions are doing in the same minute when mirror from
ssate cache, and it would fail when the load is high, I got these time
by adding strace before the useradd for debugging:
2014-03-31 14:48:22.978079781 +0800 /tmp/log/pulseaudio.4.c
2014-03-31 14:48:22.028079813 +0800 /tmp/log/pulseaudio.1.c
2014-03-31 14:48:21.949079816 +0800 /tmp/log/pulseaudio.3.c
2014-03-31 14:48:20.903079852 +0800 /tmp/log/pulseaudio.2.c
2014-03-31 14:48:20.006079883 +0800 /tmp/log/nfs-utils.9.c
2014-03-31 14:48:18.876079923 +0800 /tmp/log/xuser-account.9.c
2014-03-31 14:48:18.824079924 +0800 /tmp/log/pulseaudio.0.c
2014-03-31 14:48:17.826079959 +0800 /tmp/log/xuser-account.8.c
2014-03-31 14:48:17.766079961 +0800 /tmp/log/nfs-utils.8.c
2014-03-31 14:48:16.794079995 +0800 /tmp/log/xuser-account.7.c
2014-03-31 14:48:16.735079997 +0800 /tmp/log/nfs-utils.7.c
2014-03-31 14:48:14.719080066 +0800 /tmp/log/xuser-account.5.c
2014-03-31 14:48:14.677080068 +0800 /tmp/log/nfs-utils.5.c
2014-03-31 14:48:12.621080139 +0800 /tmp/log/nfs-utils.3.c
2014-03-31 14:48:11.589080175 +0800 /tmp/log/nfs-utils.2.c
2014-03-31 14:48:10.242080221 +0800 /tmp/log/builder.0.c
2014-03-31 14:48:09.523080246 +0800 /tmp/log/nfs-utils.0.c
2014-03-31 14:48:09.488080248 +0800 /tmp/log/openssh.0.c
2014-03-31 14:48:09.485080248 +0800 /tmp/log/rpcbind.1.c
2014-03-31 14:48:07.590080313 +0800 /tmp/log/rpcbind.0.c
2014-03-31 14:28:15.437121590 +0800 /tmp/log/avahi.0.c
2014-03-31 14:18:19.067142238 +0800 /tmp/log/dbus.0.c
The nfs-utils and xuser-account are failed to add the user.
The useradd command needs two locks, passwd.lock and group.lock, it may
get one, but can't get another one if we look into these .c files, sleep
1 second is not enough, it needs more seconds, the reason is that, if
succeed, it doesn't have any side effects, if failed, we need wait for
more seconds rather than make it more crowding.
I've tried to use "sleep 5", but it didn't make much better since they
would sleep and wake up nearly at the same time, I also tried to use
"sleep <RANDOM seconds between 1 and 10>", that didn't make much better
,either.
I think that a better ways is sleep more and more seconds (up to 10
seconds) when failed, this can't fix the problem that they may do the
actions at the same time, but the logic is: if it is not crowding, sleep
less time should be OK, otherwise sleep more and more time.
Here is the testing result which seems much better:
2014-04-03 14:09:56.605185284 +0800 dbus.0.c
2014-04-03 14:09:39.899185862 +0800 rpcbind.5.c
2014-04-03 14:09:38.400185914 +0800 distcc.4.c
2014-04-03 14:09:35.206186025 +0800 pulseaudio.1.c
2014-04-03 14:09:33.979186067 +0800 rpcbind.4.c
2014-04-03 14:09:33.364186089 +0800 pulseaudio.0.c
2014-04-03 14:09:33.360186089 +0800 distcc.3.c
2014-04-03 14:09:30.996186171 +0800 avahi-ui.0.c
2014-04-03 14:09:30.298186195 +0800 distcc.2.c
2014-04-03 14:09:29.905186208 +0800 rpcbind.3.c
2014-04-03 14:09:29.410186226 +0800 avahi-ui.2.c
2014-04-03 14:09:28.239186266 +0800 distcc.1.c
2014-04-03 14:09:27.298186299 +0800 xuser-account.0.c
2014-04-03 14:09:27.032186308 +0800 distcc.0.c
2014-04-03 14:09:26.836186315 +0800 rpcbind.2.c
2014-04-03 14:09:25.846186349 +0800 nfs-utils.1.c
2014-04-03 14:09:25.752186352 +0800 avahi-ui.1.c
2014-04-03 14:09:24.779186386 +0800 builder.0.c
2014-04-03 14:09:24.746186387 +0800 rpcbind.1.c
2014-04-03 14:09:23.916186416 +0800 openssh.1.c
2014-04-03 14:09:23.848186418 +0800 nfs-utils.0.c
2014-04-03 14:09:23.594186427 +0800 rpcbind.0.c
2014-04-03 14:09:22.609186461 +0800 ppp-dialin.0.c
2014-04-03 14:09:21.817186488 +0800 openssh.0.c
[YOCTO #6085]
(From OE-Core rev: 9cedc786ba132935748bdca8bc33b56c366b531e)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a new base class, useradd_base.bbclass, which is mainly a
collection of basic functions for user/group settings.
The useradd_base.bbclass is intended to be inherited by useradd.bbclass
and the extrausers.bbclass to avoid code cuplication.
[YOCTO #4074]
(From OE-Core rev: 2a57bb7e9a7e154578aa7cb9aeebdf398a54ec00)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ioan-Adrian Ratiu
Peter Kjellerstedt
Maxin B. John
Kai Kang
Mark Asselstine
Robert Yang
Mario Domenech Goulart
Chen Qi