From: Yann E. MORIN <yann.morin.1998@free.fr>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH v2 01/14] package/systemd: configure nss plugins in nsswitch.conf
Date: Mon, 15 Jun 2020 13:48:25 +0200 [thread overview]
Message-ID: <20200615114825.GZ2346@scaer> (raw)
In-Reply-To: <20200615072055.2083-2-nolange79@gmail.com>
Norbert, All,
On 2020-06-15 09:20 +0200, Norbert Lange spake thusly:
> This adds configuration of the nsswitch.conf file,
> it does so by pathing the template provided by systemd.
>
> The template is fully populated, the services that are
> not available are removed.
>
> If the plugin nss-compat is not available, the entries
> will be replaced with nss-files.
systemd is glibc-only, and libnss_compat.so* is provided by glibc. What
glibc does not provide it?
> nss-systemd is used for the DynamicUser features,
> which is a defacto necessity for systemd.
> It handles transient users/groups without
> touching the /etc/{passwd,group} files on disk.
>
> nss-myhostname allows resolving the hostname,
> again without touching files in /etc.
> Enabling this feature requires configuring the plugin.
>
> nss-resolve is part of resolved, and required for
> consistent dns lookups.
>
> nss-mymachines adds name resolution from
> containers.
>
> Signed-off-by: Norbert Lange <nolange79@gmail.com>
> ---
> package/systemd/systemd.mk | 16 ++++++++++++++++
> 1 file changed, 16 insertions(+)
>
> diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
> index e61cec80f0..cf6c0f9576 100644
> --- a/package/systemd/systemd.mk
> +++ b/package/systemd/systemd.mk
> @@ -472,7 +472,23 @@ define SYSTEMD_INSTALL_MACHINEID_HOOK
> touch $(TARGET_DIR)/etc/machine-id
> endef
>
> +define SYSTEMD_NSSCONFIG_HOOK
> + [ -r "$$(find $(TARGET_DIR)/usr/lib -name libnss_compat.so.*)" ] || \
As said above, this is supposed to always exist in a glibc-based
toolchain, which is all that systemd supports, so I don;t see why we
would want to replace the 'compat' plugin by the 'files' one.
> + sed 's,\bcompat\b,files,g' -i $(TARGET_DIR)/usr/share/factory/etc/nsswitch.conf
We already have a variable that does 'sed -i' :
$(SED) 's,\bcompat\b,files,g' $(TARGET_DIR)/usr/share/factory/etc/nsswitch.conf
> + [ "$(BR2_PACKAGE_SYSTEMD_RESOLVED)" = "y" ] || \
Usually, we do not test configuration-level conditions in shell, but in
Makefile:
ifeq ($(BR2_PACKAGE_SYSTEMD_RESOLVED),y)
define SYSTEMD_NSSWITCH_CONF_RESOLVED
sed blablabla...
endef
SYSTEMD_TARGET_FINALIZE_HOOKS += SYSTEMD_NSSWITCH_CONF_RESOLVED # See below, point 3...
endif
> + sed -e 's,\bresolve[[:space:]][[:space:]]*\[[^]]*\][[:space:]]*,,g' \
"[[:space:]][:space:]]*" is equivalent to "[[:space:]]+".
> + -e 's,\bresolve\b[[:space:]]*,,g' -i $(TARGET_DIR)/usr/share/factory/etc/nsswitch.conf
As I understand it, you are trying to remove the 'resolve' plugin,
whether it has a follwing "[action]" or not, right? If so, here's my
proposal of a simpler regexp that cactches both cases:
's,\bresolve[[:space:]]+(\[[^]]+\])?[[:space:]],,g'
> + [ "$(BR2_PACKAGE_SYSTEMD_MYHOSTNAME)" = "y" ] || \
> + sed -e 's,\bmyhostname[[:space:]][[:space:]]*\[[^]]*\][[:space:]]*,,g' \
> + -e 's,\bmyhostname\b[[:space:]]*,,g' -i $(TARGET_DIR)/usr/share/factory/etc/nsswitch.conf
Ditto the condition and the sed regexp.
> + [ "$(BR2_PACKAGE_SYSTEMD_MACHINED)" = "y" ] || \
> + sed -e 's,\bmymachines[[:space:]][[:space:]]*\[[^]]*\][[:space:]]*,,g' \
> + -e 's,\bmymachines\b[[:space:]]*,,g' -i $(TARGET_DIR)/usr/share/factory/etc/nsswitch.conf
Ditto the condition and the sed regexp.
> + install -m644 $(TARGET_DIR)/usr/share/factory/etc/nsswitch.conf $(TARGET_DIR)/etc/nsswitch.conf
I'm definitely not happy with all those hacks, because:
1. /etc/nsswitch.conf is already provided by the glibc package, so
overwriting it will not play nicely with per-package directories,
2. we already have other packages that may tweak that file, like:
package/nss-mdns/nss-mdns.mk
package/nss-myhostname/nss-myhostname.mk
3. which brings us to the point that this file should be tweaked as a
target-finalize hook
Regards,
Yann E. MORIN.
> +endef
> +
> SYSTEMD_POST_INSTALL_TARGET_HOOKS += \
> + SYSTEMD_NSSCONFIG_HOOK \
> SYSTEMD_INSTALL_INIT_HOOK \
> SYSTEMD_INSTALL_MACHINEID_HOOK \
> SYSTEMD_INSTALL_RESOLVCONF_HOOK
> --
> 2.27.0
>
--
.-----------------.--------------------.------------------.--------------------.
| Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
| +33 561 099 427 `------------.-------: X AGAINST | \e/ There is no |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
'------------------------------^-------^------------------^--------------------'
next prev parent reply other threads:[~2020-06-15 11:48 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-06-15 7:20 [Buildroot] systemd improvements V2 Norbert Lange
2020-06-15 7:20 ` [Buildroot] [PATCH v2 01/14] package/systemd: configure nss plugins in nsswitch.conf Norbert Lange
2020-06-15 11:48 ` Yann E. MORIN [this message]
2020-06-15 12:14 ` Norbert Lange
2020-06-15 16:54 ` Yann E. MORIN
2020-06-16 6:17 ` Jérémy ROSEN
[not found] ` <CADYdroPsOpAcuBAmNe1H=N2of1PAZSBjq4=TyO+6hdFniNorTA@mail.gmail.com>
2020-06-25 22:27 ` [Buildroot] Fwd: " Norbert Lange
2020-06-27 12:14 ` Yann E. MORIN
2020-06-15 12:28 ` [Buildroot] " Norbert Lange
2020-06-17 21:13 ` Yann E. MORIN
2020-06-15 7:20 ` [Buildroot] [PATCH v2 02/14] package/systemd: remove unused user accounts Norbert Lange
2020-06-15 9:42 ` Yann E. MORIN
2020-06-15 10:38 ` Norbert Lange
2020-06-15 7:20 ` [Buildroot] [PATCH v2 03/14] package/systemd: create "remote" user if the feature is enabled Norbert Lange
2020-06-15 9:46 ` Yann E. MORIN
2020-06-15 7:20 ` [Buildroot] [PATCH v2 04/14] package/systemd: cosmetic rearrange list of users Norbert Lange
2020-07-18 11:46 ` Yann E. MORIN
2020-06-15 7:20 ` [Buildroot] [PATCH v2 05/14] package/systemd: sync user comments to upstream Norbert Lange
2020-06-15 9:47 ` Yann E. MORIN
2020-06-15 7:20 ` [Buildroot] [PATCH v2 06/14] Makefile: Handle systemd catalogs in PURGE_LOCALES Norbert Lange
2020-06-15 7:20 ` [Buildroot] [PATCH v2 07/14] package/systemd: fixup RPATH for more systemd host binaries Norbert Lange
2020-06-15 9:53 ` Yann E. MORIN
2020-06-15 10:29 ` Norbert Lange
2020-06-15 7:20 ` [Buildroot] [PATCH v2 08/14] package/systemd: add hook to update journalctl catalogs Norbert Lange
2020-06-15 7:20 ` [Buildroot] [PATCH v2 09/14] package/systemd: option to delete all catalog files Norbert Lange
2020-06-15 14:27 ` Jérémy ROSEN
2020-06-15 7:20 ` [Buildroot] [PATCH v2 10/14] package/systemd: invoke systemd-tmpfilesd on final image Norbert Lange
2020-06-15 14:32 ` Jérémy ROSEN
2020-06-15 14:58 ` Norbert Lange
2020-09-28 18:42 ` Adam Duskett
2020-09-28 19:00 ` Norbert Lange
2020-09-28 20:27 ` Adam Duskett
2020-09-29 8:40 ` Jérémy ROSEN
2020-06-15 7:20 ` [Buildroot] [PATCH v2 11/14] package/systemd: use an upstream patch for tmpfiles Norbert Lange
2020-06-15 7:20 ` [Buildroot] [PATCH v2 12/14] package/systemd: pre-create directory for timesync user Norbert Lange
2020-06-15 7:20 ` [Buildroot] [PATCH v2 13/14] systemd: remove hard dependency on dbus Norbert Lange
2020-06-15 7:20 ` [Buildroot] [PATCH v2 14/14] systemd: remove util-linux dependencies Norbert Lange
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200615114825.GZ2346@scaer \
--to=yann.morin.1998@free.fr \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox