[OE-core] useradd.bbclass question
Mark Hatle
mark.hatle at windriver.com
Thu May 2 14:50:51 UTC 2013
On 5/2/13 9:34 AM, Paul Eggleton wrote:
> On Thursday 02 May 2013 08:35:55 Mark Hatle wrote:
>> On 5/2/13 2:49 AM, Andreas Müller wrote:
>>> on one of my build machines useradd.bbclass seem to use the UID/GID of
>>> build host. On other machines useradd works correct.
>>>
>>> I have the follwing in gdm:
>>>
>>> <snip>
>>> do_install_append() {
>>>
>>> ...
>>> chown -R gdm:gdm ${D}${localstatedir}/lib/gdm
>>> chmod 0750 ${D}${localstatedir}/lib/gdm
>>>
>>> }
>>>
>>> ...
>>>
>>> USERADD_PACKAGES = "${PN}"
>>> USERADD_PARAM_${PN} = "--system --no-create-home --home
>>> ${localstatedir}/lib/gdm --user-group gdm"
>>> <snip/>
I don't know how ipk and deb handle this. But with the RPM system it captures
the uname/gname (not uid/gid) and uses that when installing the file(s). This
way the USERADD is processed before the install and the right value is used
during the install.
We may have a problem here where we need to also process the useradd -before-
the do_install runs so that it's available for pseudo to use for deb/ipk. (But
if deb/ipk capture uid/gid vs uname/gname.. unless we set a static value we
could still have a problem.)
Does anyone know how ipk/deb handle this?
>>>
>>> In sysroot /etc/group I see
>>> gdm:x:990:
>>>
>>> In sysroot /etc/group I see
>>> gdm:!:993:990::/var/lib/gdm:
>>>
>>> The folder in packet/image has IDs 42:42 which is taken from build host.
>>
>> This says that something ran an operation outside of the pseudo environment.
>> So it fell back to looking up the uid from the host system. (The
>> alternative is the item was installed -before- the /etc/passwd,/etc/group
>> was written to the disk.
>
> Right, do_install will be well before this stuff happens and it is not a
> fakeroot task anyway. This needs to be moved to a postinstall script (which
> should be able to run during image creation).
do_install is a 'fakeroot' task. But ya, the useradd action doesn't necessarily
happen before it.
We should -not- be using a postinstall action to change user/groups on
files/directories. This breaks the integrity checking that RPM has. You can
(on the target) issue an rpm -V <package> and it will go and verify the
installed files (including permissions, user, group) match what the RPM database
says. Making the change in a postinstall will cause a validation failure.
--Mark
> Cheers,
> Paul
>
More information about the Openembedded-core
mailing list