In some yocto recipes the /sbin/nologin path is incorrectly set to
/bin/nologin. set it to the correct path ${base_sbindir}/nologinSigned-off-by: Nicola Lunghi <[email protected]> --- meta-selftest/files/static-passwd | 20 ++++++++++---------- meta/classes/rootfs-postcommands.bbclass | 4 ++-- meta/recipes-core/systemd/systemd_237.bb | 19 +++++++++++-------- 3 files changed, 23 insertions(+), 20 deletions(-) diff --git a/meta-selftest/files/static-passwd b/meta-selftest/files/static-passwd index 412f85d469..fe1f3247d4 100644 --- a/meta-selftest/files/static-passwd +++ b/meta-selftest/files/static-passwd @@ -1,11 +1,11 @@ messagebus:x:500:500::/var/lib/dbus:/bin/false -systemd-bus-proxy:x:501:501::/:/bin/nologin -systemd-network:x:502:502::/:/bin/nologin -systemd-resolve:x:503:503::/:/bin/nologin -systemd-timesync:x:504:504::/:/bin/nologin -polkitd:x:505:505::/:/bin/nologin -avahi:x:509:509::/:/bin/nologin -avahi-autoipd:x:510:510::/:/bin/nologin -rpc:x:511:511::/:/bin/nologin -distcc:x:512:nogroup::/:/bin/nologin -rpcuser:x:513:513::/var/lib/nfs:/bin/nologin +systemd-bus-proxy:x:501:501::/:/sbin/nologin +systemd-network:x:502:502::/:/sbin/nologin +systemd-resolve:x:503:503::/:/sbin/nologin +systemd-timesync:x:504:504::/:/sbin/nologin +polkitd:x:505:505::/:/sbin/nologin +avahi:x:509:509::/:/sbin/nologin +avahi-autoipd:x:510:510::/:/sbin/nologin +rpc:x:511:511::/:/sbin/nologin +distcc:x:512:nogroup::/:/sbin/nologin +rpcuser:x:513:513::/var/lib/nfs:/sbin/nologin diff --git a/meta/classes/rootfs-postcommands.bbclass b/meta/classes/rootfs-postcommands.bbclass index a4e627fef8..31f630af81 100644 --- a/meta/classes/rootfs-postcommands.bbclass +++ b/meta/classes/rootfs-postcommands.bbclass @@ -63,7 +63,7 @@ systemd_create_users () { [ -e $conffile ] || continue grep -v "^#" $conffile | sed -e '/^$/d' | while read type name id comment; do if [ "$type" = "u" ]; then - useradd_params="--shell /sbin/nologin" + useradd_params="--shell ${base_sbindir}/nologin" [ "$id" != "-" ] && useradd_params="$useradd_params --uid $id" [ "$comment" != "-" ] && useradd_params="$useradd_params --comment $comment" useradd_params="$useradd_params --system $name" @@ -79,7 +79,7 @@ systemd_create_users () { eval groupadd --root ${IMAGE_ROOTFS} --system $group fi if [ ! `grep -q "^${name}:" ${IMAGE_ROOTFS}${sysconfdir}/passwd` ]; then - eval useradd --root ${IMAGE_ROOTFS} --shell /sbin/nologin --system $name + eval useradd --root ${IMAGE_ROOTFS} --shell ${base_sbindir}/nologin --system $name fi eval usermod --root ${IMAGE_ROOTFS} -a -G $group $name fi diff --git a/meta/recipes-core/systemd/systemd_237.bb b/meta/recipes-core/systemd/systemd_237.bb index 7ef42b2eae..b55614158d 100644 --- a/meta/recipes-core/systemd/systemd_237.bb +++ b/meta/recipes-core/systemd/systemd_237.bb @@ -300,16 +300,19 @@ SYSTEMD_PACKAGES = "${@bb.utils.contains('PACKAGECONFIG', 'binfmt', '${PN}-binfm SYSTEMD_SERVICE_${PN}-binfmt = "systemd-binfmt.service" USERADD_PACKAGES = "${PN} ${PN}-extra-utils" -USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '--system -d / -M --shell /bin/nologin systemd-journal-gateway;', '', d)}" -USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '--system -d / -M --shell /bin/nologin systemd-journal-remote;', '', d)}" -USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'journal-upload', '--system -d / -M --shell /bin/nologin systemd-journal-upload;', '', d)}" -USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'timesyncd', '--system -d / -M --shell /bin/nologin systemd-timesync;', '', d)}" -USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'networkd', '--system -d / -M --shell /bin/nologin systemd-network;', '', d)}" -USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'coredump', '--system -d / -M --shell /bin/nologin systemd-coredump;', '', d)}" -USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'resolved', '--system -d / -M --shell /bin/nologin systemd-resolve;', '', d)}" + +base_useradd_params = "--system -d / -M --shell ${base_sbindir}/nologin" + +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${base_useradd_params} systemd-journal-gateway;', '', d)}" +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${base_useradd_params} systemd-journal-remote;', '', d)}" +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'journal-upload', '${base_useradd_params} systemd-journal-upload;', '', d)}" +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'timesyncd', '${base_useradd_params} systemd-timesync;', '', d)}" +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'networkd', '${base_useradd_params} systemd-network;', '', d)}" +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'coredump', '${base_useradd_params} systemd-coredump;', '', d)}" +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'resolved', '${base_useradd_params} systemd-resolve;', '', d)}" USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'polkit', '--system --no-create-home --user-group --home-dir ${sysconfdir}/polkit-1 polkitd;', '', d)}" GROUPADD_PARAM_${PN} = "-r lock; -r systemd-journal" -USERADD_PARAM_${PN}-extra-utils += "--system -d / -M --shell /bin/nologin systemd-bus-proxy;" +USERADD_PARAM_${PN}-extra-utils += "${base_useradd_params} systemd-bus-proxy;" FILES_${PN}-analyze = "${bindir}/systemd-analyze" -- 2.17.0 -- _______________________________________________ Openembedded-core mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-core
