[OE-core] [PATCH] core: fix /sbin/nologin path
Nicola Lunghi
nick83ola at gmail.com
Thu May 31 17:25:04 UTC 2018
In some yocto recipes the /sbin/nologin path is incorrectly set to
/bin/nologin. set it to the correct path ${base_sbindir}/nologin
Signed-off-by: Nicola Lunghi <nick83ola at gmail.com>
---
meta-selftest/files/static-passwd | 20 ++++++++++----------
meta/classes/rootfs-postcommands.bbclass | 6 +++---
meta/recipes-core/systemd/systemd_237.bb | 19 +++++++++++--------
3 files changed, 24 insertions(+), 21 deletions(-)
diff --git a/meta-selftest/files/static-passwd b/meta-selftest/files/static-passwd
index 412f85d469..fe1f3247d4 100644
--- a/meta-selftest/files/static-passwd
+++ b/meta-selftest/files/static-passwd
@@ -1,11 +1,11 @@
messagebus:x:500:500::/var/lib/dbus:/bin/false
-systemd-bus-proxy:x:501:501::/:/bin/nologin
-systemd-network:x:502:502::/:/bin/nologin
-systemd-resolve:x:503:503::/:/bin/nologin
-systemd-timesync:x:504:504::/:/bin/nologin
-polkitd:x:505:505::/:/bin/nologin
-avahi:x:509:509::/:/bin/nologin
-avahi-autoipd:x:510:510::/:/bin/nologin
-rpc:x:511:511::/:/bin/nologin
-distcc:x:512:nogroup::/:/bin/nologin
-rpcuser:x:513:513::/var/lib/nfs:/bin/nologin
+systemd-bus-proxy:x:501:501::/:/sbin/nologin
+systemd-network:x:502:502::/:/sbin/nologin
+systemd-resolve:x:503:503::/:/sbin/nologin
+systemd-timesync:x:504:504::/:/sbin/nologin
+polkitd:x:505:505::/:/sbin/nologin
+avahi:x:509:509::/:/sbin/nologin
+avahi-autoipd:x:510:510::/:/sbin/nologin
+rpc:x:511:511::/:/sbin/nologin
+distcc:x:512:nogroup::/:/sbin/nologin
+rpcuser:x:513:513::/var/lib/nfs:/sbin/nologin
diff --git a/meta/classes/rootfs-postcommands.bbclass b/meta/classes/rootfs-postcommands.bbclass
index a4e627fef8..0ee7391957 100644
--- a/meta/classes/rootfs-postcommands.bbclass
+++ b/meta/classes/rootfs-postcommands.bbclass
@@ -62,8 +62,8 @@ systemd_create_users () {
for conffile in ${IMAGE_ROOTFS}/usr/lib/sysusers.d/systemd.conf ${IMAGE_ROOTFS}/usr/lib/sysusers.d/systemd-remote.conf; do
[ -e $conffile ] || continue
grep -v "^#" $conffile | sed -e '/^$/d' | while read type name id comment; do
- if [ "$type" = "u" ]; then
- useradd_params="--shell /sbin/nologin"
+ if [ "$type" = "u" ]; then:w
+ useradd_params="--shell ${base_sbindir}/nologin"
[ "$id" != "-" ] && useradd_params="$useradd_params --uid $id"
[ "$comment" != "-" ] && useradd_params="$useradd_params --comment $comment"
useradd_params="$useradd_params --system $name"
@@ -79,7 +79,7 @@ systemd_create_users () {
eval groupadd --root ${IMAGE_ROOTFS} --system $group
fi
if [ ! `grep -q "^${name}:" ${IMAGE_ROOTFS}${sysconfdir}/passwd` ]; then
- eval useradd --root ${IMAGE_ROOTFS} --shell /sbin/nologin --system $name
+ eval useradd --root ${IMAGE_ROOTFS} --shell ${base_sbindir}/nologin --system $name
fi
eval usermod --root ${IMAGE_ROOTFS} -a -G $group $name
fi
diff --git a/meta/recipes-core/systemd/systemd_237.bb b/meta/recipes-core/systemd/systemd_237.bb
index 7ef42b2eae..b55614158d 100644
--- a/meta/recipes-core/systemd/systemd_237.bb
+++ b/meta/recipes-core/systemd/systemd_237.bb
@@ -300,16 +300,19 @@ SYSTEMD_PACKAGES = "${@bb.utils.contains('PACKAGECONFIG', 'binfmt', '${PN}-binfm
SYSTEMD_SERVICE_${PN}-binfmt = "systemd-binfmt.service"
USERADD_PACKAGES = "${PN} ${PN}-extra-utils"
-USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '--system -d / -M --shell /bin/nologin systemd-journal-gateway;', '', d)}"
-USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '--system -d / -M --shell /bin/nologin systemd-journal-remote;', '', d)}"
-USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'journal-upload', '--system -d / -M --shell /bin/nologin systemd-journal-upload;', '', d)}"
-USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'timesyncd', '--system -d / -M --shell /bin/nologin systemd-timesync;', '', d)}"
-USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'networkd', '--system -d / -M --shell /bin/nologin systemd-network;', '', d)}"
-USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'coredump', '--system -d / -M --shell /bin/nologin systemd-coredump;', '', d)}"
-USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'resolved', '--system -d / -M --shell /bin/nologin systemd-resolve;', '', d)}"
+
+base_useradd_params = "--system -d / -M --shell ${base_sbindir}/nologin"
+
+USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${base_useradd_params} systemd-journal-gateway;', '', d)}"
+USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${base_useradd_params} systemd-journal-remote;', '', d)}"
+USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'journal-upload', '${base_useradd_params} systemd-journal-upload;', '', d)}"
+USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'timesyncd', '${base_useradd_params} systemd-timesync;', '', d)}"
+USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'networkd', '${base_useradd_params} systemd-network;', '', d)}"
+USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'coredump', '${base_useradd_params} systemd-coredump;', '', d)}"
+USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'resolved', '${base_useradd_params} systemd-resolve;', '', d)}"
USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'polkit', '--system --no-create-home --user-group --home-dir ${sysconfdir}/polkit-1 polkitd;', '', d)}"
GROUPADD_PARAM_${PN} = "-r lock; -r systemd-journal"
-USERADD_PARAM_${PN}-extra-utils += "--system -d / -M --shell /bin/nologin systemd-bus-proxy;"
+USERADD_PARAM_${PN}-extra-utils += "${base_useradd_params} systemd-bus-proxy;"
FILES_${PN}-analyze = "${bindir}/systemd-analyze"
--
2.17.0
More information about the Openembedded-core
mailing list