Re: [OE-core] [PATCH 1/1] base-passwd: disable problematic login.defs options
On 6/17/11 1:10 PM, Scott Garman wrote: On 06/17/2011 10:22 AM, Otavio Salvador wrote: On Fri, Jun 17, 2011 at 17:19, Scott Garmanscott.a.gar...@intel.com wrote: Sorry, I forgot to mention that shadow-utils-native is what is used to modify the passwd/group files in the target sysroot. It seems that having a -native recipe install files into a target sysroot would be worse than including an optional file with base-passwd that may or may not be used in target systems. Why not make an shadow-target package with this? To just install a login.defs file? I'm open to it if a few more people think this is a better idea. The file is needed in order for the utilities that add, remove and modify users/groups to function properly. The full version from shadow utils is used so we are sure we can dead with both shadow-less and shadowed filesystem images. (It's also more full featured then busybox, yet busybox is still compatible with it.) As for the separate package, that should be fine.. but remember this is a very small file, so is it worth another package? (If so, then base-files likely should depend on it for build-time, but not run-time.) --Mark Scott ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
Re: [OE-core] [PATCH 1/1] base-passwd: disable problematic login.defs options
On Sun, Jun 19, 2011 at 7:13 PM, Mark Hatle mark.ha...@windriver.com wrote: On 6/17/11 1:10 PM, Scott Garman wrote: On 06/17/2011 10:22 AM, Otavio Salvador wrote: On Fri, Jun 17, 2011 at 17:19, Scott Garmanscott.a.gar...@intel.com wrote: Sorry, I forgot to mention that shadow-utils-native is what is used to modify the passwd/group files in the target sysroot. It seems that having a -native recipe install files into a target sysroot would be worse than including an optional file with base-passwd that may or may not be used in target systems. Why not make an shadow-target package with this? To just install a login.defs file? I'm open to it if a few more people think this is a better idea. The file is needed in order for the utilities that add, remove and modify users/groups to function properly. The full version from shadow utils is used so we are sure we can dead with both shadow-less and shadowed filesystem images. (It's also more full featured then busybox, yet busybox is still compatible with it.) Will shadow be able to override this file ? one thing I see is that it wont get any updates that shadow might do to this file in future. As for the separate package, that should be fine.. but remember this is a very small file, so is it worth another package? (If so, then base-files likely should depend on it for build-time, but not run-time.) --Mark Scott ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
Re: [OE-core] [PATCH 1/1] base-passwd: disable problematic login.defs options
On 06/19/2011 07:41 PM, Khem Raj wrote: On Sun, Jun 19, 2011 at 7:13 PM, Mark Hatlemark.ha...@windriver.com wrote: On 6/17/11 1:10 PM, Scott Garman wrote: On 06/17/2011 10:22 AM, Otavio Salvador wrote: On Fri, Jun 17, 2011 at 17:19, Scott Garmanscott.a.gar...@intel.comwrote: Sorry, I forgot to mention that shadow-utils-native is what is used to modify the passwd/group files in the target sysroot. It seems that having a -native recipe install files into a target sysroot would be worse than including an optional file with base-passwd that may or may not be used in target systems. Why not make an shadow-target package with this? To just install a login.defs file? I'm open to it if a few more people think this is a better idea. The file is needed in order for the utilities that add, remove and modify users/groups to function properly. The full version from shadow utils is used so we are sure we can dead with both shadow-less and shadowed filesystem images. (It's also more full featured then busybox, yet busybox is still compatible with it.) Will shadow be able to override this file ? one thing I see is that it wont get any updates that shadow might do to this file in future. Now that I think of it, the reason Koen ran into the error messages was that the login.defs I shipped with base-passwd had various variables uncommented that the shadow recipe comments out (there's a sed script included with shadow which does this). Which means that his image, which had shadow installed, was *not* overriding the login.defs from base-passwd. I'm now convinced that creating a shadow-cross package which just ships a login.defs file is the right thing to do, and to remove it from base-passwd. Thanks everyone for the feedback thus far. I will be away at a conference for most of this coming week, but will try to squeeze this in on Monday. Scott -- Scott Garman Embedded Linux Engineer - Yocto Project Intel Open Source Technology Center ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
Re: [OE-core] [PATCH 1/1] base-passwd: disable problematic login.defs options
Op 16 jun 2011, om 20:50 heeft Scott Garman het volgende geschreven: This resolves the following runtime errors when various shadow-utils binaries are run: configuration error - unknown item 'FAILLOG_ENAB' (notify administrator) configuration error - unknown item 'LASTLOG_ENAB' (notify administrator) configuration error - unknown item 'OBSCURE_CHECKS_ENAB' (notify administrator) configuration error - unknown item 'PORTTIME_CHECKS_ENAB' (notify administrator) configuration error - unknown item 'QUOTAS_ENAB' (notify administrator) configuration error - unknown item 'MOTD_FILE' (notify administrator) configuration error - unknown item 'FTMP_FILE' (notify administrator) configuration error - unknown item 'NOLOGINS_FILE' (notify administrator) configuration error - unknown item 'ENV_HZ' (notify administrator) configuration error - unknown item 'PASS_MIN_LEN' (notify administrator) configuration error - unknown item 'SU_WHEEL_ONLY' (notify administrator) configuration error - unknown item 'CRACKLIB_DICTPATH' (notify administrator) configuration error - unknown item 'PASS_CHANGE_TRIES' (notify administrator) configuration error - unknown item 'PASS_ALWAYS_WARN' (notify administrator) configuration error - unknown item 'CHFN_AUTH' (notify administrator) configuration error - unknown item 'ENVIRON_FILE' (notify administrator) This fixes bug [YOCTO #1170] Signed-off-by: Scott Garman scott.a.gar...@intel.com Fix confirmed: Acked-by: Koen Kooi k...@dominion.thruhere.net ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
Re: [OE-core] [PATCH 1/1] base-passwd: disable problematic login.defs options
On 06/17/2011 09:43 AM, Khem Raj wrote: On Fri, Jun 17, 2011 at 9:34 AM, Scott Garmanscott.a.gar...@intel.com wrote: On 06/16/2011 04:54 PM, Khem Raj wrote: On 06/16/2011 11:50 AM, Scott Garman wrote: This resolves the following runtime errors when various shadow-utils binaries are run: configuration error - unknown item 'FAILLOG_ENAB' (notify administrator) configuration error - unknown item 'LASTLOG_ENAB' (notify administrator) configuration error - unknown item 'OBSCURE_CHECKS_ENAB' (notify administrator) configuration error - unknown item 'PORTTIME_CHECKS_ENAB' (notify administrator) configuration error - unknown item 'QUOTAS_ENAB' (notify administrator) configuration error - unknown item 'MOTD_FILE' (notify administrator) configuration error - unknown item 'FTMP_FILE' (notify administrator) configuration error - unknown item 'NOLOGINS_FILE' (notify administrator) configuration error - unknown item 'ENV_HZ' (notify administrator) configuration error - unknown item 'PASS_MIN_LEN' (notify administrator) configuration error - unknown item 'SU_WHEEL_ONLY' (notify administrator) configuration error - unknown item 'CRACKLIB_DICTPATH' (notify administrator) configuration error - unknown item 'PASS_CHANGE_TRIES' (notify administrator) configuration error - unknown item 'PASS_ALWAYS_WARN' (notify administrator) configuration error - unknown item 'CHFN_AUTH' (notify administrator) configuration error - unknown item 'ENVIRON_FILE' (notify administrator) This fixes bug [YOCTO #1170] Signed-off-by: Scott Garmanscott.a.gar...@intel.com --- .../base-passwd/base-passwd-3.5.22/login.defs | 32 ++-- .../recipes-core/base-passwd/base-passwd_3.5.22.bb | 2 +- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/meta/recipes-core/base-passwd/base-passwd-3.5.22/login.defs b/meta/recipes-core/base-passwd/base-passwd-3.5.22/login.defs index 1d392ac..2708eb6 100644 --- a/meta/recipes-core/base-passwd/base-passwd-3.5.22/login.defs +++ b/meta/recipes-core/base-passwd/base-passwd-3.5.22/login.defs I wonder if login.defs should be provided at all by base-passwd package. It should come from shadow isnt it ? Hi Khem, The reason for including the login.defs file with base-passwd has to do with the new useradd.bbclass that I developed (Richard is still holding it for code review, but we should see it here soon). The way it works is custom users/groups get added to the passwd/group files in the target machine's sysroot. The shadow utils require a login.defs in order to work. hence it should come from shadow isnt it ? why from base-passwd ? if someone is not using using shadow this file will be useless for him/her isnt it ? Sorry, I forgot to mention that shadow-utils-native is what is used to modify the passwd/group files in the target sysroot. It seems that having a -native recipe install files into a target sysroot would be worse than including an optional file with base-passwd that may or may not be used in target systems. Scott -- Scott Garman Embedded Linux Engineer - Yocto Project Intel Open Source Technology Center ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
Re: [OE-core] [PATCH 1/1] base-passwd: disable problematic login.defs options
On 06/17/2011 10:22 AM, Otavio Salvador wrote: On Fri, Jun 17, 2011 at 17:19, Scott Garmanscott.a.gar...@intel.com wrote: Sorry, I forgot to mention that shadow-utils-native is what is used to modify the passwd/group files in the target sysroot. It seems that having a -native recipe install files into a target sysroot would be worse than including an optional file with base-passwd that may or may not be used in target systems. Why not make an shadow-target package with this? To just install a login.defs file? I'm open to it if a few more people think this is a better idea. Scott -- Scott Garman Embedded Linux Engineer - Yocto Project Intel Open Source Technology Center ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core