systemd: Disable support for shadow group

Submitted by Khem Raj on Sept. 19, 2020, 12:16 a.m. | Patch ID: 176643

Details

Message ID 20200919001608.1241434-1-raj.khem@gmail.com
State New
Headers show

Commit Message

Khem Raj Sept. 19, 2020, 12:16 a.m.
enabling shadow drags sshd key generation service into boot path and
serial console launch over getty gets delayed until ssh key generation
is done, on slowers platforms eg. non-kvm qemu this can take minutes to
get ssh keys service to finish on first boot.

On qemumips
56.963s sshdgenkeys.service

Disabling shadow, pulls this out of boot chain, and ssh keys are still
generated but this time it will happen when ssh'ing first time into the
machine.

[YOCTO #13646]

Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 meta/recipes-core/systemd/systemd_246.2.bb | 1 -
 1 file changed, 1 deletion(-)

Patch hide | download patch | download mbox

diff --git a/meta/recipes-core/systemd/systemd_246.2.bb b/meta/recipes-core/systemd/systemd_246.2.bb
index af10e4212b..e3a7cd4971 100644
--- a/meta/recipes-core/systemd/systemd_246.2.bb
+++ b/meta/recipes-core/systemd/systemd_246.2.bb
@@ -66,7 +66,6 @@  PACKAGECONFIG ??= " \
     ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'xkbcommon', '', d)} \
     backlight \
     binfmt \
-    gshadow \
     hibernate \
     hostnamed \
     idn \

Comments

Joshua Watt Sept. 19, 2020, 1:13 p.m.
On Fri, Sep 18, 2020, 7:16 PM Khem Raj <raj.khem@gmail.com> wrote:

> enabling shadow drags sshd key generation service into boot path and
> serial console launch over getty gets delayed until ssh key generation
> is done, on slowers platforms eg. non-kvm qemu this can take minutes to
> get ssh keys service to finish on first boot.
>

Hmm, I don't recall this being the case, particularly after we reniced ssh
key generation, but maybe I need to try again


> On qemumips
> 56.963s sshdgenkeys.service
>
> Disabling shadow, pulls this out of boot chain, and ssh keys are still
> generated but this time it will happen when ssh'ing first time into the
> machine.
>
> [YOCTO #13646]
>
> Signed-off-by: Khem Raj <raj.khem@gmail.com>
> ---
>  meta/recipes-core/systemd/systemd_246.2.bb | 1 -
>  1 file changed, 1 deletion(-)
>
> diff --git a/meta/recipes-core/systemd/systemd_246.2.bb
> b/meta/recipes-core/systemd/systemd_246.2.bb
> index af10e4212b..e3a7cd4971 100644
> --- a/meta/recipes-core/systemd/systemd_246.2.bb
> +++ b/meta/recipes-core/systemd/systemd_246.2.bb
> @@ -66,7 +66,6 @@ PACKAGECONFIG ??= " \
>      ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'xkbcommon', '', d)} \
>      backlight \
>      binfmt \
> -    gshadow \
>      hibernate \
>      hostnamed \
>      idn \
> --
> 2.28.0
>
>
> 
>
>
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#142666): https://lists.openembedded.org/g/openembedded-core/message/142666
Mute This Topic: https://lists.openembedded.org/mt/76946360/3617530
Group Owner: openembedded-core+owner@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [oe-patchwork@oe-patch.openembedded.org]
-=-=-=-=-=-=-=-=-=-=-=-
Richard Purdie Sept. 20, 2020, 1:42 p.m.
On Fri, 2020-09-18 at 17:16 -0700, Khem Raj wrote:
> enabling shadow drags sshd key generation service into boot path and
> serial console launch over getty gets delayed until ssh key
> generation
> is done, on slowers platforms eg. non-kvm qemu this can take minutes
> to
> get ssh keys service to finish on first boot.
> 
> On qemumips
> 56.963s sshdgenkeys.service
> 
> Disabling shadow, pulls this out of boot chain, and ssh keys are
> still
> generated but this time it will happen when ssh'ing first time into
> the
> machine.
> 
> [YOCTO #13646]
> 
> Signed-off-by: Khem Raj <raj.khem@gmail.com>
> ---
>  meta/recipes-core/systemd/systemd_246.2.bb | 1 -
>  1 file changed, 1 deletion(-)

I tested this locally and disabling gshadow didn't seem to affect the
qemumips serial login time. That matches the fact we didn't see it
blocking on ssh keygen in the traces :/.

Cheers,

Richard
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#142670): https://lists.openembedded.org/g/openembedded-core/message/142670
Mute This Topic: https://lists.openembedded.org/mt/76946360/3617530
Group Owner: openembedded-core+owner@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [oe-patchwork@oe-patch.openembedded.org]
-=-=-=-=-=-=-=-=-=-=-=-