Re: [OE-core] [PATCH] systemd: create wheel sysuser group offline
On Mon, Dec 11, 2017 at 6:09 PM, Andre McCurdywrote: > On Fri, Dec 8, 2017 at 11:36 AM, Andre McCurdy wrote: >> On Thu, Dec 7, 2017 at 10:44 PM, Yi Zhao wrote: >>> 在 2017年11月10日 13:54, Andre McCurdy 写道: The default systemd-tmpfiles config file expects to be able to create files etc belonging to the wheel system group. Currently the wheel group is created at run time by systemd-sysusers, but that doesn't happen if systemd-sysusers is disabled (as it currently is by default when building with musl libc). >>> >>> For sysvinit, we follow the Debian rule which doesn't have wheel group in >>> the system. Should we have to break this rule for systemd? Is this necessary >>> to use this group in systemd? >> >> The default systemd-tmpfiles config file expects to be able to create >> files etc belonging to the wheel system group. Unless we patch or >> over-ride the default systemd-tmpfiles config file to change that then >> yes, the wheel group appears to be necessary for systemd. > > Ping. > > This is needed for rocko (assuming systemd with musl is expected to > work with rocko?) so unless there are still strong objections I > recommend merging as-is. > > More significant re-work (e.g. preventing systemd-tmpfiles from being > enabled without systemd-sysusers or patching systemd to remove any > dependency on the wheel group) would not be suitable for rocko, so > should be considered separately. Ping again. -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
Re: [OE-core] [PATCH] systemd: create wheel sysuser group offline
On Fri, Dec 8, 2017 at 11:36 AM, Andre McCurdywrote: > On Thu, Dec 7, 2017 at 10:44 PM, Yi Zhao wrote: >> 在 2017年11月10日 13:54, Andre McCurdy 写道: >>> >>> The default systemd-tmpfiles config file expects to be able to create >>> files etc belonging to the wheel system group. Currently the wheel >>> group is created at run time by systemd-sysusers, but that doesn't >>> happen if systemd-sysusers is disabled (as it currently is by default >>> when building with musl libc). >> >> For sysvinit, we follow the Debian rule which doesn't have wheel group in >> the system. Should we have to break this rule for systemd? Is this necessary >> to use this group in systemd? > > The default systemd-tmpfiles config file expects to be able to create > files etc belonging to the wheel system group. Unless we patch or > over-ride the default systemd-tmpfiles config file to change that then > yes, the wheel group appears to be necessary for systemd. Ping. This is needed for rocko (assuming systemd with musl is expected to work with rocko?) so unless there are still strong objections I recommend merging as-is. More significant re-work (e.g. preventing systemd-tmpfiles from being enabled without systemd-sysusers or patching systemd to remove any dependency on the wheel group) would not be suitable for rocko, so should be considered separately. -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
Re: [OE-core] [PATCH] systemd: create wheel sysuser group offline
On Thu, Dec 7, 2017 at 10:44 PM, Yi Zhaowrote: > 在 2017年11月10日 13:54, Andre McCurdy 写道: >> >> The default systemd-tmpfiles config file expects to be able to create >> files etc belonging to the wheel system group. Currently the wheel >> group is created at run time by systemd-sysusers, but that doesn't >> happen if systemd-sysusers is disabled (as it currently is by default >> when building with musl libc). > > For sysvinit, we follow the Debian rule which doesn't have wheel group in > the system. Should we have to break this rule for systemd? Is this necessary > to use this group in systemd? The default systemd-tmpfiles config file expects to be able to create files etc belonging to the wheel system group. Unless we patch or over-ride the default systemd-tmpfiles config file to change that then yes, the wheel group appears to be necessary for systemd. -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
Re: [OE-core] [PATCH] systemd: create wheel sysuser group offline
在 2017年11月10日 13:54, Andre McCurdy 写道: The default systemd-tmpfiles config file expects to be able to create files etc belonging to the wheel system group. Currently the wheel group is created at run time by systemd-sysusers, but that doesn't happen if systemd-sysusers is disabled (as it currently is by default when building with musl libc). For sysvinit, we follow the Debian rule which doesn't have wheel group in the system. Should we have to break this rule for systemd? Is this necessary to use this group in systemd? //Yi Signed-off-by: Andre McCurdy--- meta/recipes-core/systemd/systemd_234.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-core/systemd/systemd_234.bb b/meta/recipes-core/systemd/systemd_234.bb index 81a9509..7fdb65f 100644 --- a/meta/recipes-core/systemd/systemd_234.bb +++ b/meta/recipes-core/systemd/systemd_234.bb @@ -333,7 +333,7 @@ USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'networkd', '--sys USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'coredump', '--system -d / -M --shell /bin/nologin systemd-coredump;', '', d)}" USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'resolved', '--system -d / -M --shell /bin/nologin systemd-resolve;', '', d)}" USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'polkit', '--system --no-create-home --user-group --home-dir ${sysconfdir}/polkit-1 polkitd;', '', d)}" -GROUPADD_PARAM_${PN} = "-r lock; -r systemd-journal" +GROUPADD_PARAM_${PN} = "-r lock; -r systemd-journal; -r wheel" USERADD_PARAM_${PN}-extra-utils += "--system -d / -M --shell /bin/nologin systemd-bus-proxy;" FILES_${PN}-analyze = "${bindir}/systemd-analyze" -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
Re: [OE-core] [PATCH] systemd: create wheel sysuser group offline
On Mon, Nov 13, 2017 at 12:59 PM, Andre McCurdywrote: > On Mon, Nov 13, 2017 at 12:26 PM, Patrick Ohly wrote: >> On Mon, 2017-11-13 at 12:18 -0800, Andre McCurdy wrote: >>> On Mon, Nov 13, 2017 at 6:48 AM, Patrick Ohly >> > wrote: >>> > On Thu, 2017-11-09 at 21:54 -0800, Andre McCurdy wrote: >>> > > The default systemd-tmpfiles config file expects to be able to >>> > > create >>> > > files etc belonging to the wheel system group. Currently the >>> > > wheel >>> > > group is created at run time by systemd-sysusers, but that >>> > > doesn't >>> > > happen if systemd-sysusers is disabled (as it currently is by >>> > > default >>> > > when building with musl libc). >>> > >>> > Isn't this something that the systemd_create_users rootfs >>> > postprocess >>> > command in rootfs-postcommands.bbclass already takes care of? >>> >>> systemd_create_users() does a build time pass over the >>> systemd-sysusers config files, but those files are not installed if >>> systemd is configured without sysusers support. >> >> I didn't know that this is optional. To me it sounds like an invalid >> (or let's say, unexpected) configuration to install tmpfiles config >> files but not the sysusers files, because as you said, the tmpfiles may >> depend on the sysusers. > > In the current recipe, there's no control of tmpfiles (so it will > always be enabled) and sysusers is controlled by PACKAGECONFIG > (enabled by default - but only when building with glibc), so the > recipe does allow that combination. > >> Anyway, I just wanted to know because I was wondering whether it is >> really necessary to duplicate the user creation information in the >> systemd recipe. >> Ping. Ross, it looks like you've started to stage the later systemd + musl cleanups in mut. This fix is needed too. -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
Re: [OE-core] [PATCH] systemd: create wheel sysuser group offline
On Mon, Nov 13, 2017 at 12:26 PM, Patrick Ohlywrote: > On Mon, 2017-11-13 at 12:18 -0800, Andre McCurdy wrote: >> On Mon, Nov 13, 2017 at 6:48 AM, Patrick Ohly > > wrote: >> > On Thu, 2017-11-09 at 21:54 -0800, Andre McCurdy wrote: >> > > The default systemd-tmpfiles config file expects to be able to >> > > create >> > > files etc belonging to the wheel system group. Currently the >> > > wheel >> > > group is created at run time by systemd-sysusers, but that >> > > doesn't >> > > happen if systemd-sysusers is disabled (as it currently is by >> > > default >> > > when building with musl libc). >> > >> > Isn't this something that the systemd_create_users rootfs >> > postprocess >> > command in rootfs-postcommands.bbclass already takes care of? >> >> systemd_create_users() does a build time pass over the >> systemd-sysusers config files, but those files are not installed if >> systemd is configured without sysusers support. > > I didn't know that this is optional. To me it sounds like an invalid > (or let's say, unexpected) configuration to install tmpfiles config > files but not the sysusers files, because as you said, the tmpfiles may > depend on the sysusers. In the current recipe, there's no control of tmpfiles (so it will always be enabled) and sysusers is controlled by PACKAGECONFIG (enabled by default - but only when building with glibc), so the recipe does allow that combination. > Anyway, I just wanted to know because I was wondering whether it is > really necessary to duplicate the user creation information in the > systemd recipe. > -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
Re: [OE-core] [PATCH] systemd: create wheel sysuser group offline
On Mon, 2017-11-13 at 12:18 -0800, Andre McCurdy wrote: > On Mon, Nov 13, 2017 at 6:48 AM, Patrick Ohly> wrote: > > On Thu, 2017-11-09 at 21:54 -0800, Andre McCurdy wrote: > > > The default systemd-tmpfiles config file expects to be able to > > > create > > > files etc belonging to the wheel system group. Currently the > > > wheel > > > group is created at run time by systemd-sysusers, but that > > > doesn't > > > happen if systemd-sysusers is disabled (as it currently is by > > > default > > > when building with musl libc). > > > > Isn't this something that the systemd_create_users rootfs > > postprocess > > command in rootfs-postcommands.bbclass already takes care of? > > systemd_create_users() does a build time pass over the > systemd-sysusers config files, but those files are not installed if > systemd is configured without sysusers support. I didn't know that this is optional. To me it sounds like an invalid (or let's say, unexpected) configuration to install tmpfiles config files but not the sysusers files, because as you said, the tmpfiles may depend on the sysusers. Anyway, I just wanted to know because I was wondering whether it is really necessary to duplicate the user creation information in the systemd recipe. -- Best Regards, Patrick Ohly The content of this message is my personal opinion only and although I am an employee of Intel, the statements I make here in no way represent Intel's position on the issue, nor am I authorized to speak on behalf of Intel on this matter. -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
Re: [OE-core] [PATCH] systemd: create wheel sysuser group offline
On Mon, Nov 13, 2017 at 6:48 AM, Patrick Ohlywrote: > On Thu, 2017-11-09 at 21:54 -0800, Andre McCurdy wrote: >> The default systemd-tmpfiles config file expects to be able to create >> files etc belonging to the wheel system group. Currently the wheel >> group is created at run time by systemd-sysusers, but that doesn't >> happen if systemd-sysusers is disabled (as it currently is by default >> when building with musl libc). > > Isn't this something that the systemd_create_users rootfs postprocess > command in rootfs-postcommands.bbclass already takes care of? systemd_create_users() does a build time pass over the systemd-sysusers config files, but those files are not installed if systemd is configured without sysusers support. > I know that it is has issues (https://bugzilla.yoctoproject.org/show_bu > g.cgi?id=9789), but it should at least create the wheel group. > > -- > Best Regards, Patrick Ohly -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
Re: [OE-core] [PATCH] systemd: create wheel sysuser group offline
On Thu, 2017-11-09 at 21:54 -0800, Andre McCurdy wrote: > The default systemd-tmpfiles config file expects to be able to create > files etc belonging to the wheel system group. Currently the wheel > group is created at run time by systemd-sysusers, but that doesn't > happen if systemd-sysusers is disabled (as it currently is by default > when building with musl libc). Isn't this something that the systemd_create_users rootfs postprocess command in rootfs-postcommands.bbclass already takes care of? I know that it is has issues (https://bugzilla.yoctoproject.org/show_bu g.cgi?id=9789), but it should at least create the wheel group. -- Best Regards, Patrick Ohly The content of this message is my personal opinion only and although I am an employee of Intel, the statements I make here in no way represent Intel's position on the issue, nor am I authorized to speak on behalf of Intel on this matter. -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core