Message ID | 20231124141213.2071910-1-martin@geanix.com |
---|---|
State | Accepted, archived |
Commit | 778fcc8d2e6eb1bd2c88a6abb14dbd6666720205 |
Headers | show |
Series | libpam: split /etc/environment into pam-plugin-env package | expand |
> -----Original Message----- > From: openembedded-core@lists.openembedded.org <openembedded-core@lists.openembedded.org> On Behalf Of Martin Hundeb?ll > Sent: den 24 november 2023 15:12 > To: openembedded-core@lists.openembedded.org > Cc: Martin Hundebøll <martin@geanix.com> > Subject: [OE-core] [PATCH] libpam: split /etc/environment into pam-plugin-env package > > Since systemd-v255, pam-plugin-umask is pulled in by by the logind > package config for systemd. This causes /etc/environment to by installed Change "by" to "be". > as part of libpam-runtime. In our case, this broke do_rootfs for our > image, because /etc/environment is already provided another (custom) Change "another" to "by another". > recipe. > > Fix this by making the /etc/environment file part of the pam-plugin-env > package, which isn't automatically pulled in by systemd-logind. It also > happens to be the where it should be, as the file is installed as by the > pam_env plugin. > > Signed-off-by: Martin Hundebøll <martin@geanix.com> > --- > meta/recipes-extended/pam/libpam_1.5.3.bb | 7 ++++++- > 1 file changed, 6 insertions(+), 1 deletion(-) > > diff --git a/meta/recipes-extended/pam/libpam_1.5.3.bb b/meta/recipes-extended/pam/libpam_1.5.3.bb > index 1aa307af4d..c2ba1e6899 100644 > --- a/meta/recipes-extended/pam/libpam_1.5.3.bb > +++ b/meta/recipes-extended/pam/libpam_1.5.3.bb > @@ -51,9 +51,14 @@ PACKAGECONFIG[userdb] = "--enable-db=db,--enable-db=no,db," > PACKAGES += "${PN}-runtime ${PN}-xtests" > FILES:${PN} = "${base_libdir}/lib*${SOLIBS}" > FILES:${PN}-dev += "${base_libdir}/security/*.la ${base_libdir}/*.la ${base_libdir}/lib*${SOLIBSDEV}" > -FILES:${PN}-runtime = "${sysconfdir} ${sbindir} ${systemd_system_unitdir}" > +FILES:${PN}-runtime = "${sysconfdir}/pam.d ${sysconfdir}/security ${sysconfdir}/tmpfiles.d ${sbindir} ${systemd_system_unitdir}" This is prone to errors if libpam adds anything else to /etc in the future. If you instead add `prepend=True` as argument to the do_split_packages() call that creates the pam-plugin packages, this should not be needed. > FILES:${PN}-xtests = "${datadir}/Linux-PAM/xtests" > > +# libpam installs /etc/environment for use with the pam_env plugin. Make sure it is > +# packaged with the pam-plugin-env package to avoid breaking installations which > +# install that file via other packages > +FILES:pam-plugin-env = "/etc/environment" Change /etc to ${sysconfir}. > + > PACKAGES_DYNAMIC += "^${MLPREFIX}pam-plugin-.*" > > def get_multilib_bit(d): > -- > 2.42.0 //Peter
diff --git a/meta/recipes-extended/pam/libpam_1.5.3.bb b/meta/recipes-extended/pam/libpam_1.5.3.bb index 1aa307af4d..c2ba1e6899 100644 --- a/meta/recipes-extended/pam/libpam_1.5.3.bb +++ b/meta/recipes-extended/pam/libpam_1.5.3.bb @@ -51,9 +51,14 @@ PACKAGECONFIG[userdb] = "--enable-db=db,--enable-db=no,db," PACKAGES += "${PN}-runtime ${PN}-xtests" FILES:${PN} = "${base_libdir}/lib*${SOLIBS}" FILES:${PN}-dev += "${base_libdir}/security/*.la ${base_libdir}/*.la ${base_libdir}/lib*${SOLIBSDEV}" -FILES:${PN}-runtime = "${sysconfdir} ${sbindir} ${systemd_system_unitdir}" +FILES:${PN}-runtime = "${sysconfdir}/pam.d ${sysconfdir}/security ${sysconfdir}/tmpfiles.d ${sbindir} ${systemd_system_unitdir}" FILES:${PN}-xtests = "${datadir}/Linux-PAM/xtests" +# libpam installs /etc/environment for use with the pam_env plugin. Make sure it is +# packaged with the pam-plugin-env package to avoid breaking installations which +# install that file via other packages +FILES:pam-plugin-env = "/etc/environment" + PACKAGES_DYNAMIC += "^${MLPREFIX}pam-plugin-.*" def get_multilib_bit(d):
Since systemd-v255, pam-plugin-umask is pulled in by by the logind package config for systemd. This causes /etc/environment to by installed as part of libpam-runtime. In our case, this broke do_rootfs for our image, because /etc/environment is already provided another (custom) recipe. Fix this by making the /etc/environment file part of the pam-plugin-env package, which isn't automatically pulled in by systemd-logind. It also happens to be the where it should be, as the file is installed as by the pam_env plugin. Signed-off-by: Martin Hundebøll <martin@geanix.com> --- meta/recipes-extended/pam/libpam_1.5.3.bb | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-)