[OE-core] [PATCH] systemd: Fix rootfs transaction error when PACKAGECONFIG has polkit

Martin Jansa martin.jansa at gmail.com
Wed Sep 13 22:05:07 UTC 2017 

Yes, you're right it shouldn't use passwd/group from host.

I've tried to reproduce it in different build directory and now I see that
it properly adds polkitd user in do_prepare_recipe_sysroot task already:
OE @ ~ $ tail -n 15
/OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/systemd/1_234-r0/temp/log.do_prepare_recipe_sysroot
DEBUG: SITE files ['endian-little', 'common-linux', 'common-glibc',
'bit-64', 'x86_64-linux', 'common']
DEBUG: SITE files ['endian-little', 'common-linux', 'common-glibc',
'bit-64', 'x86_64-linux', 'common']
DEBUG: Executing shell function useradd_sysroot
/OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/systemd/1_234-r0/recipe-sysroot-native/usr/sbin/useradd
Running groupadd commands...
NOTE: systemd: Performing groupadd with [--root
/OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/systemd/1_234-r0/recipe-sysroot
-r lock]
NOTE: systemd: Performing groupadd with [--root
/OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/systemd/1_234-r0/recipe-sysroot
-r systemd-journal]
Running useradd commands...
NOTE: systemd: Performing useradd with [--root
/OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/systemd/1_234-r0/recipe-sysroot
   --system -d / -M --shell /bin/nologin systemd-timesync]
NOTE: systemd: Performing useradd with [--root
/OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/systemd/1_234-r0/recipe-sysroot
--system -d / -M --shell /bin/nologin systemd-network]
NOTE: systemd: Performing useradd with [--root
/OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/systemd/1_234-r0/recipe-sysroot
 --system -d / -M --shell /bin/nologin systemd-resolve]
NOTE: systemd: Performing useradd with [--root
/OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/systemd/1_234-r0/recipe-sysroot
--system --no-create-home --user-group --home-dir /etc/polkit-1 polkitd]
NOTE: systemd: Performing useradd with [--root
/OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/systemd/1_234-r0/recipe-sysroot
 --system -d / -M --shell /bin/nologin systemd-bus-proxy]
DEBUG: Shell function useradd_sysroot finished
DEBUG: Python function useradd_sysroot_sstate finished

tomorrow I'll try to reproduce it in the directory where it failed before,
my guess is that in that build do_prepare_recipe_sysroot wasn't re-executed
correctly and unlike here:
OE @ ~ $ grep -R polkitd
/OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/systemd/1_234-r0/recipe-sysroot/etc
/OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/systemd/1_234-r0/recipe-sysroot/etc/group:polkitd:!:994:
/OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/systemd/1_234-r0/recipe-sysroot/etc/group-:polkitd:!:994:
/OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/systemd/1_234-r0/recipe-sysroot/etc/passwd-:polkitd:!:996:994::/etc/polkit-1:
/OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/systemd/1_234-r0/recipe-sysroot/etc/passwd:polkitd:!:996:994::/etc/polkit-1:

or there might be another issue in pseudo or something like that.

Thanks


On Wed, Sep 13, 2017 at 2:40 PM, Jason Wessel <jason.wessel at windriver.com>
wrote:

> It should work because it has nothing to do with that particular passwd
> file.   This is builds successfully on a ubuntu 16.04 host which has no
> polkitd user.
>
> Also with the user add stanza in the patch it should be adding the user
> that is required when PACKAGECONFIG has the polkitd added to the psuedo
> passwd file.   We have quite a few configurations building properly.  Where
> I have seen transient failures before is when the -native sysroot does not
> get rebuilt but that is typically with other recipes.
>
> Is this still a problem?
>
>
> Jason.
>
>
> On 09/06/2017 01:35 PM, Martin Jansa wrote:
>
> Does this work on hosts without polkitd user?
>
> Here it failed with:
>
> | chown: invalid user: ‘polkitd:root’
>
>
>
>
>
>
> On Tue, Aug 15, 2017 at 8:55 PM, Jason Wessel <jason.wessel at windriver.com>
> wrote:
>
>> The systemd 234 added some files to the polkit directory and the
>> directory the files live in must be owned by the polkitd user, else
>> you will receive the following error when the rootfs is being
>> assembled:
>>
>> Error: Transaction check error:
>>   file /usr/share/polkit-1/rules.d conflicts between attempted installs
>> of polkit-0.113-r0.15.core2_64 and systemd-1:234-r0.0.core2_64
>>
>> The fix similar to other packages such as libvirt where the user must
>> exist and the directory must be created with the proper attributes.
>>
>> Signed-off-by: Jason Wessel <jason.wessel at windriver.com>
>> ---
>>  meta/recipes-core/systemd/systemd_234.bb | 9 +++++++++
>>  1 file changed, 9 insertions(+)
>>
>> diff --git a/meta/recipes-core/systemd/systemd_234.bb
>> b/meta/recipes-core/systemd/systemd_234.bb
>> index ad7fc99b90..4560cf4175 100644
>> --- a/meta/recipes-core/systemd/systemd_234.bb
>> +++ b/meta/recipes-core/systemd/systemd_234.bb
>> @@ -245,6 +245,14 @@ do_install() {
>>                 ln -s ../run/systemd/resolve/resolv.conf
>> ${D}${sysconfdir}/resolv-conf.systemd
>>         fi
>>         install -Dm 0755 ${S}/src/systemctl/systemd-sysv-install.SKELETON
>> ${D}${systemd_unitdir}/systemd-sysv-install
>> +
>> +       # If polkit is setup fixup permissions and ownership
>> +       if [ "${@bb.utils.contains('PACKAGECONFIG', 'polkit', 'polkit',
>> '', d)}" = "polkit" ] ; then
>> +           if [ -d ${D}${datadir}/polkit-1/rules.d ] ; then
>> +               chmod 700 ${D}${datadir}/polkit-1/rules.d
>> +               chown polkitd:root ${D}${datadir}/polkit-1/rules.d
>> +           fi
>> +       fi
>>  }
>>
>>  do_install_ptest () {
>> @@ -308,6 +316,7 @@ USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG',
>> 'timesyncd', '--sy
>>  USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG',
>> 'networkd', '--system -d / -M --shell /bin/nologin systemd-network;', '',
>> d)}"
>>  USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG',
>> 'coredump', '--system -d / -M --shell /bin/nologin systemd-coredump;', '',
>> d)}"
>>  USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG',
>> 'resolved', '--system -d / -M --shell /bin/nologin systemd-resolve;', '',
>> d)}"
>> +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'polkit',
>> '--system --no-create-home --user-group --home-dir ${sysconfdir}/polkit-1
>> polkitd;', '', d)}"
>>  GROUPADD_PARAM_${PN} = "-r lock; -r systemd-journal"
>>  USERADD_PARAM_${PN}-extra-utils += "--system -d / -M --shell
>> /bin/nologin systemd-bus-proxy;"
>>
>> --
>> 2.11.0
>>
>> --
>> _______________________________________________
>> Openembedded-core mailing list
>> Openembedded-core at lists.openembedded.org
>> http://lists.openembedded.org/mailman/listinfo/openembedded-core
>>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openembedded.org/pipermail/openembedded-core/attachments/20170914/734d0878/attachment-0002.html>

More information about the Openembedded-core mailing list