[PATCH] core: fix /sbin/nologin path

Openembedded Core Discussions
 help / color / mirror / Atom feed

* [PATCH] core: fix /sbin/nologin path
@ 2018-05-31 17:25 Nicola Lunghi
  2018-05-31 18:26 ` Christopher Larson
  0 siblings, 1 reply; 2+ messages in thread
From: Nicola Lunghi @ 2018-05-31 17:25 UTC (permalink / raw)
  To: openembedded-core

In some yocto recipes the /sbin/nologin path is incorrectly set to
/bin/nologin. set it to the correct path ${base_sbindir}/nologin

Signed-off-by: Nicola Lunghi <nick83ola@gmail.com>
---
 meta-selftest/files/static-passwd        | 20 ++++++++++----------
 meta/classes/rootfs-postcommands.bbclass |  6 +++---
 meta/recipes-core/systemd/systemd_237.bb | 19 +++++++++++--------
 3 files changed, 24 insertions(+), 21 deletions(-)

diff --git a/meta-selftest/files/static-passwd b/meta-selftest/files/static-passwd
index 412f85d469..fe1f3247d4 100644
--- a/meta-selftest/files/static-passwd
+++ b/meta-selftest/files/static-passwd
@@ -1,11 +1,11 @@
 messagebus:x:500:500::/var/lib/dbus:/bin/false
-systemd-bus-proxy:x:501:501::/:/bin/nologin
-systemd-network:x:502:502::/:/bin/nologin
-systemd-resolve:x:503:503::/:/bin/nologin
-systemd-timesync:x:504:504::/:/bin/nologin
-polkitd:x:505:505::/:/bin/nologin
-avahi:x:509:509::/:/bin/nologin
-avahi-autoipd:x:510:510::/:/bin/nologin
-rpc:x:511:511::/:/bin/nologin
-distcc:x:512:nogroup::/:/bin/nologin
-rpcuser:x:513:513::/var/lib/nfs:/bin/nologin
+systemd-bus-proxy:x:501:501::/:/sbin/nologin
+systemd-network:x:502:502::/:/sbin/nologin
+systemd-resolve:x:503:503::/:/sbin/nologin
+systemd-timesync:x:504:504::/:/sbin/nologin
+polkitd:x:505:505::/:/sbin/nologin
+avahi:x:509:509::/:/sbin/nologin
+avahi-autoipd:x:510:510::/:/sbin/nologin
+rpc:x:511:511::/:/sbin/nologin
+distcc:x:512:nogroup::/:/sbin/nologin
+rpcuser:x:513:513::/var/lib/nfs:/sbin/nologin
diff --git a/meta/classes/rootfs-postcommands.bbclass b/meta/classes/rootfs-postcommands.bbclass
index a4e627fef8..0ee7391957 100644
--- a/meta/classes/rootfs-postcommands.bbclass
+++ b/meta/classes/rootfs-postcommands.bbclass
@@ -62,8 +62,8 @@ systemd_create_users () {
 	for conffile in ${IMAGE_ROOTFS}/usr/lib/sysusers.d/systemd.conf ${IMAGE_ROOTFS}/usr/lib/sysusers.d/systemd-remote.conf; do
 		[ -e $conffile ] || continue
 		grep -v "^#" $conffile | sed -e '/^$/d' | while read type name id comment; do
-		if [ "$type" = "u" ]; then
-			useradd_params="--shell /sbin/nologin"
+		if [ "$type" = "u" ]; then:w
+			useradd_params="--shell ${base_sbindir}/nologin"
 			[ "$id" != "-" ] && useradd_params="$useradd_params --uid $id"
 			[ "$comment" != "-" ] && useradd_params="$useradd_params --comment $comment"
 			useradd_params="$useradd_params --system $name"
@@ -79,7 +79,7 @@ systemd_create_users () {
 				eval groupadd --root ${IMAGE_ROOTFS} --system $group
 			fi
 			if [ ! `grep -q "^${name}:" ${IMAGE_ROOTFS}${sysconfdir}/passwd` ]; then
-				eval useradd --root ${IMAGE_ROOTFS} --shell /sbin/nologin --system $name
+				eval useradd --root ${IMAGE_ROOTFS} --shell ${base_sbindir}/nologin --system $name
 			fi
 			eval usermod --root ${IMAGE_ROOTFS} -a -G $group $name
 		fi
diff --git a/meta/recipes-core/systemd/systemd_237.bb b/meta/recipes-core/systemd/systemd_237.bb
index 7ef42b2eae..b55614158d 100644
--- a/meta/recipes-core/systemd/systemd_237.bb
+++ b/meta/recipes-core/systemd/systemd_237.bb
@@ -300,16 +300,19 @@ SYSTEMD_PACKAGES = "${@bb.utils.contains('PACKAGECONFIG', 'binfmt', '${PN}-binfm
 SYSTEMD_SERVICE_${PN}-binfmt = "systemd-binfmt.service"
 
 USERADD_PACKAGES = "${PN} ${PN}-extra-utils"
-USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '--system -d / -M --shell /bin/nologin systemd-journal-gateway;', '', d)}"
-USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '--system -d / -M --shell /bin/nologin systemd-journal-remote;', '', d)}"
-USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'journal-upload', '--system -d / -M --shell /bin/nologin systemd-journal-upload;', '', d)}"
-USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'timesyncd', '--system -d / -M --shell /bin/nologin systemd-timesync;', '', d)}"
-USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'networkd', '--system -d / -M --shell /bin/nologin systemd-network;', '', d)}"
-USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'coredump', '--system -d / -M --shell /bin/nologin systemd-coredump;', '', d)}"
-USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'resolved', '--system -d / -M --shell /bin/nologin systemd-resolve;', '', d)}"
+
+base_useradd_params = "--system -d / -M --shell ${base_sbindir}/nologin"
+
+USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${base_useradd_params} systemd-journal-gateway;', '', d)}"
+USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${base_useradd_params} systemd-journal-remote;', '', d)}"
+USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'journal-upload', '${base_useradd_params} systemd-journal-upload;', '', d)}"
+USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'timesyncd', '${base_useradd_params} systemd-timesync;', '', d)}"
+USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'networkd', '${base_useradd_params} systemd-network;', '', d)}"
+USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'coredump', '${base_useradd_params} systemd-coredump;', '', d)}"
+USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'resolved', '${base_useradd_params} systemd-resolve;', '', d)}"
 USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'polkit', '--system --no-create-home --user-group --home-dir ${sysconfdir}/polkit-1 polkitd;', '', d)}"
 GROUPADD_PARAM_${PN} = "-r lock; -r systemd-journal"
-USERADD_PARAM_${PN}-extra-utils += "--system -d / -M --shell /bin/nologin systemd-bus-proxy;"
+USERADD_PARAM_${PN}-extra-utils += "${base_useradd_params} systemd-bus-proxy;"
 
 FILES_${PN}-analyze = "${bindir}/systemd-analyze"
 
-- 
2.17.0



^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [PATCH] core: fix /sbin/nologin path
  2018-05-31 17:25 [PATCH] core: fix /sbin/nologin path Nicola Lunghi
@ 2018-05-31 18:26 ` Christopher Larson
  0 siblings, 0 replies; 2+ messages in thread
From: Christopher Larson @ 2018-05-31 18:26 UTC (permalink / raw)
  To: nick83ola; +Cc: Patches and discussions about the oe-core layer

[-- Attachment #1: Type: text/plain, Size: 2602 bytes --]

On Thu, May 31, 2018 at 10:25 AM Nicola Lunghi <nick83ola@gmail.com> wrote:

> In some yocto recipes the /sbin/nologin path is incorrectly set to
> /bin/nologin. set it to the correct path ${base_sbindir}/nologin
>
> Signed-off-by: Nicola Lunghi <nick83ola@gmail.com>
> ---
>  meta-selftest/files/static-passwd        | 20 ++++++++++----------
>  meta/classes/rootfs-postcommands.bbclass |  6 +++---
>  meta/recipes-core/systemd/systemd_237.bb | 19 +++++++++++--------
>  3 files changed, 24 insertions(+), 21 deletions(-)
>
> diff --git a/meta-selftest/files/static-passwd
> b/meta-selftest/files/static-passwd
> index 412f85d469..fe1f3247d4 100644
> --- a/meta-selftest/files/static-passwd
> +++ b/meta-selftest/files/static-passwd
> @@ -1,11 +1,11 @@
>  messagebus:x:500:500::/var/lib/dbus:/bin/false
> -systemd-bus-proxy:x:501:501::/:/bin/nologin
> -systemd-network:x:502:502::/:/bin/nologin
> -systemd-resolve:x:503:503::/:/bin/nologin
> -systemd-timesync:x:504:504::/:/bin/nologin
> -polkitd:x:505:505::/:/bin/nologin
> -avahi:x:509:509::/:/bin/nologin
> -avahi-autoipd:x:510:510::/:/bin/nologin
> -rpc:x:511:511::/:/bin/nologin
> -distcc:x:512:nogroup::/:/bin/nologin
> -rpcuser:x:513:513::/var/lib/nfs:/bin/nologin
> +systemd-bus-proxy:x:501:501::/:/sbin/nologin
> +systemd-network:x:502:502::/:/sbin/nologin
> +systemd-resolve:x:503:503::/:/sbin/nologin
> +systemd-timesync:x:504:504::/:/sbin/nologin
> +polkitd:x:505:505::/:/sbin/nologin
> +avahi:x:509:509::/:/sbin/nologin
> +avahi-autoipd:x:510:510::/:/sbin/nologin
> +rpc:x:511:511::/:/sbin/nologin
> +distcc:x:512:nogroup::/:/sbin/nologin
> +rpcuser:x:513:513::/var/lib/nfs:/sbin/nologin
> diff --git a/meta/classes/rootfs-postcommands.bbclass
> b/meta/classes/rootfs-postcommands.bbclass
> index a4e627fef8..0ee7391957 100644
> --- a/meta/classes/rootfs-postcommands.bbclass
> +++ b/meta/classes/rootfs-postcommands.bbclass
> @@ -62,8 +62,8 @@ systemd_create_users () {
>         for conffile in ${IMAGE_ROOTFS}/usr/lib/sysusers.d/systemd.conf
> ${IMAGE_ROOTFS}/usr/lib/sysusers.d/systemd-remote.conf; do
>                 [ -e $conffile ] || continue
>                 grep -v "^#" $conffile | sed -e '/^$/d' | while read type
> name id comment; do
> -               if [ "$type" = "u" ]; then
> -                       useradd_params="--shell /sbin/nologin"
> +               if [ "$type" = "u" ]; then:w
>

This won't run as is. ";then:w"
-- 
Christopher Larson
kergoth at gmail dot com
Founder - BitBake, OpenEmbedded, OpenZaurus
Senior Software Engineer, Mentor Graphics

[-- Attachment #2: Type: text/html, Size: 3370 bytes --]

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2018-05-31 18:26 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-05-31 17:25 [PATCH] core: fix /sbin/nologin path Nicola Lunghi
2018-05-31 18:26 ` Christopher Larson

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox