From patchwork Tue Aug 23 23:54:32 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Gherzan X-Patchwork-Id: 11795 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id DF35AC32793 for ; Tue, 23 Aug 2022 23:54:48 +0000 (UTC) Received: from wout2-smtp.messagingengine.com (wout2-smtp.messagingengine.com [64.147.123.25]) by mx.groups.io with SMTP id smtpd.web10.5292.1661298886125334768 for ; Tue, 23 Aug 2022 16:54:46 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@gherzan.com header.s=fm2 header.b=t1RtJY9O; spf=pass (domain: gherzan.com, ip: 64.147.123.25, mailfrom: andrei@gherzan.com) Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.west.internal (Postfix) with ESMTP id 22FF932001FC; Tue, 23 Aug 2022 19:54:45 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute3.internal (MEProxy); Tue, 23 Aug 2022 19:54:45 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gherzan.com; h= cc:cc:content-transfer-encoding:date:date:from:from:in-reply-to :message-id:mime-version:reply-to:sender:subject:subject:to:to; s=fm2; t=1661298884; x=1661385284; bh=bUhjuiqojLpkWg7nmxZj0xVjY FV5zM/BWAmgFS2CPJc=; b=t1RtJY9OaUoFJLDN72XTIVA2FE+jLYJx8L/UwgYO/ vJe9bsGMU8/OsZk8q0fjTSfOmSGHkY99RHH75A0WUAV31MvGvTfGtLUiQuBRBicU WCCPkpwxYdhY+sop44KMCWOZdpIEXRW0CI/mBqvNhfwSubfr+fzOKCbuSzsLi7wR Hm3bmhvWHwzD/O35Aw8KRrFyaA41bPk2MpheQsc0/ksXl1cweQHu8t44KX9Ik+sE /ChCEZ+D4bilIi9Tg4IsA0Of8OVe1+cCrIxiuweA4B8Ye+7JXnSNtHb/zCDZiP8f EmmmX1yK0stO9gqlpt585n3J2bqKKFFk8Lgga6Em/sGhQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding:date:date :feedback-id:feedback-id:from:from:in-reply-to:message-id :mime-version:reply-to:sender:subject:subject:to:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t= 1661298884; x=1661385284; bh=bUhjuiqojLpkWg7nmxZj0xVjYFV5zM/BWAm gFS2CPJc=; b=Ov+Y1ysOOAY0cl+7SaY//9girKBKnLbgjk3889aed6FK+7NQGS9 4gvS1hyBxCp8PM9yS2g0HTOPvXdI0fEkXvTO2tFLec+YNU65XDhGjRx3ijXMm3Kg jfvi1d4NvaMzvjNiFRFY6HYfOxRprdFJYfNTHBXP8l9JZy/jZsQ/VsgfsBT2Z3sG mids220956flziQLD0uyuD3FlbY+8XsXsksrckd6KBaaXvBU+bvR8ZX5juFACSEh XH2wCMJmCquf1uEm/eEZ/b5crelOHWiN4BXiWAVU4GYpJhTjIC5woppp3gIgSUqH X0aEAc8jeZtFz+1/azLVRv7cp1t+5z2QVaQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrvdejtddgvdekucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhvfevufffkffoggfgsedtkeertd ertddtnecuhfhrohhmpeetnhgurhgvihcuifhhvghriigrnhcuoegrnhgurhgvihesghhh vghriigrnhdrtghomheqnecuggftrfgrthhtvghrnhepieejlefhveevleffveegfeetle ejtedvgeejtddthefhhfdtiefhveegffeggeeknecuvehluhhsthgvrhfuihiivgeptden ucfrrghrrghmpehmrghilhhfrhhomheprghnughrvghisehghhgvrhiirghnrdgtohhm X-ME-Proxy: Feedback-ID: i68994715:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 23 Aug 2022 19:54:43 -0400 (EDT) From: Andrei Gherzan To: openembedded-core@lists.openembedded.org Cc: andrei@gherzan.com, Andrei Gherzan Subject: [PATCH 1/6] shadow: Enable subid support Date: Wed, 24 Aug 2022 01:54:32 +0200 Message-Id: <20220823235437.2486678-1-andrei@gherzan.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 23 Aug 2022 23:54:48 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/169762 From: Andrei Gherzan shadow utils are used when creating users at image creation time. The useradd/usermod tools will only try to add a default configuration for subid files if they exist. Signed-off-by: Andrei Gherzan --- meta/recipes-extended/shadow/shadow.inc | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/meta/recipes-extended/shadow/shadow.inc b/meta/recipes-extended/shadow/shadow.inc index fbb1d395ff..b2f82e9ac7 100644 --- a/meta/recipes-extended/shadow/shadow.inc +++ b/meta/recipes-extended/shadow/shadow.inc @@ -147,6 +147,13 @@ do_install:append() { # Handle link properly after rename, otherwise missing files would # lead rpm failed dependencies. ln -sf newgrp.${BPN} ${D}${bindir}/sg + + # usermod requires the subuid/subgid files to be in place before being + # able to use the -v/-V flags otherwise it fails: + # usermod: /etc/subuid does not exist, you cannot use the flags -v or -V + install -d ${D}${sysconfdir} + touch ${D}${sysconfdir}/subuid + touch ${D}${sysconfdir}/subgid } PACKAGES =+ "${PN}-base" From patchwork Tue Aug 23 23:55:26 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Gherzan X-Patchwork-Id: 11796 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id D33B1C3F6B0 for ; Tue, 23 Aug 2022 23:55:48 +0000 (UTC) Received: from wout2-smtp.messagingengine.com (wout2-smtp.messagingengine.com [64.147.123.25]) by mx.groups.io with SMTP id smtpd.web10.5299.1661298945179683076 for ; Tue, 23 Aug 2022 16:55:45 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@gherzan.com header.s=fm2 header.b=VGc+CThX; spf=pass (domain: gherzan.com, ip: 64.147.123.25, mailfrom: andrei@gherzan.com) Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.west.internal (Postfix) with ESMTP id 6846832007BE; Tue, 23 Aug 2022 19:55:44 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute5.internal (MEProxy); Tue, 23 Aug 2022 19:55:44 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gherzan.com; h= cc:cc:content-transfer-encoding:date:date:from:from:in-reply-to :message-id:mime-version:reply-to:sender:subject:subject:to:to; s=fm2; t=1661298943; x=1661385343; bh=GFOEA58oxlCs50qAZkzVb+1Ot PdxY1eT4ghGCgJ0VKo=; b=VGc+CThX1Li55RYiSTMGR4pB4e9s5B3AlBLJZbB9a NpAwbpM7FPhYB1wRSLy+vSzbMixCHAMSSaHkpVMcw7I2ttyi11Z3pt1bbVBiLNQz cdB62f9sKvrvPiibM1wSM6/m53WQPm2iuLM1oFW+cCxFxPvi5ybo9JzWpL79PhVP it7jh9tbfzXzZazzC3tnbFoFGMB7KG87wtWefRycVUFDkYpa2PLDraXF+W0jMNqG aqSCbC9n6fwKwFqwhEe6+WuJqvn6OJ/kptiXE3fXq0HsiA0ign1sjfNnl+VDw+ed MAdS85osFeL8pakz7FtVvb6wX/ZqSu54Hwz7dvUXLlGWQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding:date:date :feedback-id:feedback-id:from:from:in-reply-to:message-id :mime-version:reply-to:sender:subject:subject:to:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t= 1661298943; x=1661385343; bh=GFOEA58oxlCs50qAZkzVb+1OtPdxY1eT4gh GCgJ0VKo=; b=O6M49xtbCTjiR93kD2wZCMMj5EzN1x90EcT5jfSrMFb5YM4s0Qn Z3zq3meTGh2JYelLSBV6Ij5eCekWR7in/ci/N4XajbpeMAbc2G+k0yQhMm3iXRUg sLsHbgLCMluoyA3GCgc3/A/vGscnT+3lqPZV/hNnbFSVvh2u28jPJH4VMhSILRGk mW54FELho33yo9jO1QvMtyCVlIFdgZh+APQagJdahqeufSdc1xKKif5HrmRT2Fq4 0M52QN0EIVmFk31LoNGNuVb2ekUfQ0xHRWEiN7HU8ayiTl6Yuo2GBNvupvP/4R7u PIwkgyrRlg29DHGJxWAJySkrtnWvZ4T591A== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrvdejtddgvdelucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhvfevufffkffoggfgsedtkeertd ertddtnecuhfhrohhmpeetnhgurhgvihcuifhhvghriigrnhcuoegrnhgurhgvihesghhh vghriigrnhdrtghomheqnecuggftrfgrthhtvghrnhepieejlefhveevleffveegfeetle ejtedvgeejtddthefhhfdtiefhveegffeggeeknecuvehluhhsthgvrhfuihiivgeptden ucfrrghrrghmpehmrghilhhfrhhomheprghnughrvghisehghhgvrhiirghnrdgtohhm X-ME-Proxy: Feedback-ID: i68994715:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 23 Aug 2022 19:55:42 -0400 (EDT) From: Andrei Gherzan To: openembedded-core@lists.openembedded.org Cc: andrei@gherzan.com, Andrei Gherzan Subject: [PATCH 2/6] rootfspostcommands.py: Restructure sort_passwd and related functions Date: Wed, 24 Aug 2022 01:55:26 +0200 Message-Id: <20220823235530.2487410-2-andrei@gherzan.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 23 Aug 2022 23:55:48 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/169763 From: Andrei Gherzan This change proposes a restructure of the functions in rootfspostcommandstests.py to clarify the purpose of each function and also, make it scalable for other use cases (for example adding support for removing subid backup files). The main function of interest here is 'tidy_shadowutils_files' which brings in the functionality of the old 'sort_passwd' making it clear that it doesn't only sort the passwd file: - delete backup files - it sorts passwd, group and the associated shadow files The other functions are also renamed for consistency and clarity and more documentation was added. Signed-off-by: Andrei Gherzan --- meta/lib/rootfspostcommands.py | 60 ++++++++++++++++++++++++---------- 1 file changed, 43 insertions(+), 17 deletions(-) diff --git a/meta/lib/rootfspostcommands.py b/meta/lib/rootfspostcommands.py index b5a51295e2..e344ae2efc 100644 --- a/meta/lib/rootfspostcommands.py +++ b/meta/lib/rootfspostcommands.py @@ -6,13 +6,14 @@ import os -def sort_file(filename, mapping): +def sort_shadowutils_file(filename, mapping): """ Sorts a passwd or group file based on the numeric ID in the third column. If a mapping is given, the name from the first column is mapped via that dictionary instead (necessary for /etc/shadow and /etc/gshadow). If not, a new mapping is created on the fly and returned. """ + new_mapping = {} with open(filename, 'rb+') as f: lines = f.readlines() @@ -33,30 +34,55 @@ def sort_file(filename, mapping): # We overwrite the entire file, i.e. no truncate() necessary. f.seek(0) f.write(b''.join(lines)) + return new_mapping -def remove_backup(filename): +def sort_shadowutils_files(sysconfdir): """ - Removes the backup file for files like /etc/passwd. + Sorts shadow-utils 'passwd' and 'group' files in a rootfs' /etc directory + by ID. """ - backup_filename = filename + '-' - if os.path.exists(backup_filename): - os.unlink(backup_filename) -def sort_passwd(sysconfdir): - """ - Sorts passwd and group files in a rootfs /etc directory by ID. - Backup files are sometimes are inconsistent and then cannot be - sorted (YOCTO #11043), and more importantly, are not needed in - the initial rootfs, so they get deleted. - """ for main, shadow in (('passwd', 'shadow'), ('group', 'gshadow')): filename = os.path.join(sysconfdir, main) - remove_backup(filename) if os.path.exists(filename): - mapping = sort_file(filename, None) + mapping = sort_shadowutils_file(filename, None) filename = os.path.join(sysconfdir, shadow) - remove_backup(filename) if os.path.exists(filename): - sort_file(filename, mapping) + sort_shadowutils_file(filename, mapping) + +def remove_shadowutils_backup_file(filename): + """ + Remove shadow-utils backup file for files like /etc/passwd. + """ + + backup_filename = filename + '-' + if os.path.exists(backup_filename): + os.unlink(backup_filename) + +def remove_shadowutils_backup_files(sysconfdir): + """ + Remove shadow-utils backup files in a rootfs /etc directory. They are not + needed in the initial root filesystem and sorting them can be inconsistent + (YOCTO #11043). + """ + + for filename in ( + 'group', + 'gshadow', + 'passwd', + 'shadow', + ): + filepath = os.path.join(sysconfdir, filename) + remove_shadowutils_backup_file(filepath) + +def tidy_shadowutils_files(sysconfdir): + """ + Tidy up shadow-utils files. + """ + + remove_shadowutils_backup_files(sysconfdir) + sort_shadowutils_files(sysconfdir) + + return True From patchwork Tue Aug 23 23:56:21 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Gherzan X-Patchwork-Id: 11797 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C4966C32793 for ; Tue, 23 Aug 2022 23:56:38 +0000 (UTC) Received: from wout2-smtp.messagingengine.com (wout2-smtp.messagingengine.com [64.147.123.25]) by mx.groups.io with SMTP id smtpd.web10.5309.1661298998438661897 for ; Tue, 23 Aug 2022 16:56:38 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@gherzan.com header.s=fm2 header.b=tzcwraJi; spf=pass (domain: gherzan.com, ip: 64.147.123.25, mailfrom: andrei@gherzan.com) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.west.internal (Postfix) with ESMTP id 8A3A932001FC; Tue, 23 Aug 2022 19:56:37 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute4.internal (MEProxy); Tue, 23 Aug 2022 19:56:37 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gherzan.com; h= cc:cc:content-transfer-encoding:date:date:from:from:in-reply-to :message-id:mime-version:reply-to:sender:subject:subject:to:to; s=fm2; t=1661298997; x=1661385397; bh=Qw8HBwI4T28hpMPRdWIH5ptSe buKo+bE8Ur0f2jKB98=; b=tzcwraJicIsHW8fc3DRniPewu0+kJkGg8+Nw0JtDq pJPS/BO6wpAsozxRyB8wvLFIW4JEqGDvCBJplcNfWUf0gLUvuWn5vyeXpMdJWF42 820P/RTP+fgWxV3/0Xbqnxfazpg2jPQDYnSjp+iAXXN4en88F2u8nOcKCpXGgYSE WtF1BFhTuim2a1EKkBxDwddCaoy4mkBhD3m9Upm0m5ZU10Ef0XdT1tyxvCGLpXPn T78vuZKvyZinkryR3QCSswJZuSC35+XBIEPk0kofrMoENaQAnirLi0dO+loyPfFZ PlFeJcTEGde5BbUF3/hJrfG6j/AT1ICAwkoYMFKwGdQcg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding:date:date :feedback-id:feedback-id:from:from:in-reply-to:message-id :mime-version:reply-to:sender:subject:subject:to:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t= 1661298997; x=1661385397; bh=Qw8HBwI4T28hpMPRdWIH5ptSebuKo+bE8Ur 0f2jKB98=; b=QgI22WOWT22lR5/E2hAF59X5dN0xgMWvcaLK8PkX/ApUqvg8Moj i7nfpPoONHtkiQ2F78Z82fkmdEV4i1s/1czVETuTG0uMrZnzG9HyXSEK3VkvUS8c h6/bTRM34jppz5jw/lyw114b31kQGJXfAdGJjF5cOjfp6iXyV2G4wV/mE/0YUGDx gFU+/3XLQ+bSey1eu5jBPVqPhZUpuz4XxtV7tw2sJNvWj7tFjNQeIIji5Xswrb54 zX7Vc2XAvbT4lm/XAXVjkOYaxCn8qQlpsQU2Y++d6+ZFXwuD70rWke+elHofW4w+ cY7Hp0LiJVKyMfTFDaBrHgmE0V7o5+lwy9w== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrvdejtddgvdelucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhvfevufffkffoggfgsedtkeertd ertddtnecuhfhrohhmpeetnhgurhgvihcuifhhvghriigrnhcuoegrnhgurhgvihesghhh vghriigrnhdrtghomheqnecuggftrfgrthhtvghrnhepieejlefhveevleffveegfeetle ejtedvgeejtddthefhhfdtiefhveegffeggeeknecuvehluhhsthgvrhfuihiivgeptden ucfrrghrrghmpehmrghilhhfrhhomheprghnughrvghisehghhgvrhiirghnrdgtohhm X-ME-Proxy: Feedback-ID: i68994715:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 23 Aug 2022 19:56:36 -0400 (EDT) From: Andrei Gherzan To: openembedded-core@lists.openembedded.org Cc: andrei@gherzan.com, Andrei Gherzan Subject: [PATCH 3/6] rootfspostcommands.py: Cleanup subid backup files generated by shadow-utils Date: Wed, 24 Aug 2022 01:56:21 +0200 Message-Id: <20220823235624.2488133-3-andrei@gherzan.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 23 Aug 2022 23:56:38 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/169764 From: Andrei Gherzan When creating users, shadow-utils might create backup files for subordinate ID files (subid, subgid). Make sure we clean them up similarly to the other backup files shadow-utils creates. Signed-off-by: Andrei Gherzan --- meta/lib/rootfspostcommands.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/lib/rootfspostcommands.py b/meta/lib/rootfspostcommands.py index e344ae2efc..5386eea409 100644 --- a/meta/lib/rootfspostcommands.py +++ b/meta/lib/rootfspostcommands.py @@ -73,6 +73,8 @@ def remove_shadowutils_backup_files(sysconfdir): 'gshadow', 'passwd', 'shadow', + 'subgid', + 'subuid', ): filepath = os.path.join(sysconfdir, filename) remove_shadowutils_backup_file(filepath) From patchwork Tue Aug 23 23:56:22 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Gherzan X-Patchwork-Id: 11799 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C4EB6C32793 for ; Tue, 23 Aug 2022 23:56:58 +0000 (UTC) Received: from wout2-smtp.messagingengine.com (wout2-smtp.messagingengine.com [64.147.123.25]) by mx.groups.io with SMTP id smtpd.web08.5298.1661299009304304704 for ; Tue, 23 Aug 2022 16:56:49 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@gherzan.com header.s=fm2 header.b=N0r2OFuO; spf=pass (domain: gherzan.com, ip: 64.147.123.25, mailfrom: andrei@gherzan.com) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.west.internal (Postfix) with ESMTP id 8DE5A3200124; Tue, 23 Aug 2022 19:56:48 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute4.internal (MEProxy); Tue, 23 Aug 2022 19:56:48 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gherzan.com; h= cc:cc:content-transfer-encoding:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:sender :subject:subject:to:to; s=fm2; t=1661299008; x=1661385408; bh=Hr J+swoc1aCwlxq8XZ1IZ6Ken2TwHcGSRK5CKatH6NA=; b=N0r2OFuOiHGU0FzUvI /zPZ37JCgKYqs/h6ASBn2r9TPIWx9ycHaL8Ux7MEaz6bCCeGeBglFPainG2Y+Fg1 L/87eoJ5svj4qPRPCk4V9u2B/726tz8E0xGF2rKzz/E4ENNFBc59EYZS8gRI+7Nj 47zGUXhcle0SgoMgj7JsW6yQpUNhazNJ1kURDcJJIErATl7dtoQrHkkkVhp1VQFE CXDIHYZrcKehEAv34uXWpDv+kwge9wgfvqrRRLgOifvCye9BCv9n37Mo1pmsdHih n0o6gcrwgNm1DPodtjbOmNsU7zN/TU4nHX5s5a9JJOEpLayKCifR7I2x4eWHhEZI QlMQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm1; t=1661299008; x=1661385408; bh=HrJ+swoc1aCwl xq8XZ1IZ6Ken2TwHcGSRK5CKatH6NA=; b=XuXMjaqgUcVIE1X/QAExjTFFEiL5S wS9QNBp4EPlWwsx+6l1jvl96OqK3q3/6a/m0YU6pK3yJJN8t57japolmwUQMLiL+ a+lzAfmdvgrubCEfc1LYzDi0VTQICNzIATb+op3NNq84TyMPJwPlKzNX4jlBDHW3 ycgNAeLpvBV+Pb3RNZQlHrE8hoqbWvfPT+f8qVLK34Hpqvp4twvex+SS7x+AGdfe YnAYIgWS//R5v1z+EoYEFilfUsaDDsEoKBuo8QneegoYcNKVyemWw9MJyj8g+14s gn1j+T7I1N8UuCRGypJAfCB2jiLqssOWzSRFHq33zJ3Je/mK0dvw55KdA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrvdejtddgvdelucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhvfevufffkffojghfggfgsedtke ertdertddtnecuhfhrohhmpeetnhgurhgvihcuifhhvghriigrnhcuoegrnhgurhgvihes ghhhvghriigrnhdrtghomheqnecuggftrfgrthhtvghrnhepieevlefhieefffffgeetud euudffueelveeggfdvtdfhvdethfeuheehhfduffdvnecuffhomhgrihhnpehsvghlfhht vghsthdrtggrshgvnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilh hfrhhomheprghnughrvghisehghhgvrhiirghnrdgtohhm X-ME-Proxy: Feedback-ID: i68994715:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 23 Aug 2022 19:56:47 -0400 (EDT) From: Andrei Gherzan To: openembedded-core@lists.openembedded.org Cc: andrei@gherzan.com, Andrei Gherzan Subject: [PATCH 4/6] selftest: Add module for testing rootfs postcommands Date: Wed, 24 Aug 2022 01:56:22 +0200 Message-Id: <20220823235624.2488133-4-andrei@gherzan.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220823235624.2488133-3-andrei@gherzan.com> References: <20220823235624.2488133-3-andrei@gherzan.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 23 Aug 2022 23:56:58 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/169765 From: Andrei Gherzan The initial implementation adds tests for 'tidy_shadowutils_files'. Signed-off-by: Andrei Gherzan --- .../selftest/cases/rootfspostcommandstests.py | 97 +++++++++++++++++++ 1 file changed, 97 insertions(+) create mode 100644 meta/lib/oeqa/selftest/cases/rootfspostcommandstests.py diff --git a/meta/lib/oeqa/selftest/cases/rootfspostcommandstests.py b/meta/lib/oeqa/selftest/cases/rootfspostcommandstests.py new file mode 100644 index 0000000000..44e2c09a6f --- /dev/null +++ b/meta/lib/oeqa/selftest/cases/rootfspostcommandstests.py @@ -0,0 +1,97 @@ +# SPDX-FileCopyrightText: Huawei Inc. +# +# SPDX-License-Identifier: MIT + +import os +import oe +import unittest +from oeqa.selftest.case import OESelftestTestCase +from oeqa.utils.commands import bitbake, get_bb_vars + +class ShadowUtilsTidyFiles(OESelftestTestCase): + """ + Check if shadow image rootfs files are tidy. + + The tests are focused on testing the functionality provided by the + 'tidy_shadowutils_files' rootfs postprocess command (via + SORT_PASSWD_POSTPROCESS_COMMAND). + """ + + def sysconf_build(self): + """ + Verify if shadow tidy files tests are to be run and if yes, build a + test image and return its sysconf rootfs path. + """ + + test_image = "core-image-minimal" + + config = 'IMAGE_CLASSES += "extrausers"\n' + config += 'EXTRA_USERS_PARAMS = "groupadd -g 1000 oeqatester; "\n' + config += 'EXTRA_USERS_PARAMS += "useradd -p \'\' -u 1000 -N -g 1000 oeqatester; "\n' + self.write_config(config) + + vars = get_bb_vars(("IMAGE_ROOTFS", "SORT_PASSWD_POSTPROCESS_COMMAND", "sysconfdir"), + test_image) + passwd_postprocess_cmd = vars["SORT_PASSWD_POSTPROCESS_COMMAND"] + self.assertIsNotNone(passwd_postprocess_cmd) + if (passwd_postprocess_cmd.strip() != 'tidy_shadowutils_files;'): + raise unittest.SkipTest("Testcase skipped as 'tidy_shadowutils_files' " + "rootfs post process command is not the set SORT_PASSWD_POSTPROCESS_COMMAND.") + + rootfs = vars["IMAGE_ROOTFS"] + self.assertIsNotNone(rootfs) + sysconfdir = vars["sysconfdir"] + bitbake(test_image) + self.assertIsNotNone(sysconfdir) + + return oe.path.join(rootfs, sysconfdir) + + def test_shadowutils_backup_files(self): + """ + Test that the rootfs doesn't include any known shadow backup files. + """ + + backup_files = ( + 'group-', + 'gshadow-', + 'passwd-', + 'shadow-', + 'subgid-', + 'subuid-', + ) + + rootfs_sysconfdir = self.sysconf_build() + found = [] + for backup_file in backup_files: + backup_filepath = oe.path.join(rootfs_sysconfdir, backup_file) + if os.path.exists(backup_filepath): + found.append(backup_file) + if (found): + raise Exception('The following shadow backup files were found in ' + 'the rootfs: %s' % found) + + def test_shadowutils_sorted_files(self): + """ + Test that the 'passwd' and the 'group' shadow utils files are ordered + by ID. + """ + + files = ( + 'passwd', + 'group', + ) + + rootfs_sysconfdir = self.sysconf_build() + unsorted = [] + for file in files: + filepath = oe.path.join(rootfs_sysconfdir, file) + with open(filepath, 'rb') as f: + ids = [] + lines = f.readlines() + for line in lines: + entries = line.split(b':') + ids.append(int(entries[2])) + if (ids != sorted(ids)): + unsorted.append(file) + if (unsorted): + raise Exception("The following files were not sorted by ID as expected: %s" % unsorted) From patchwork Tue Aug 23 23:56:23 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Gherzan X-Patchwork-Id: 11798 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C75E6C38142 for ; Tue, 23 Aug 2022 23:56:58 +0000 (UTC) Received: from wout2-smtp.messagingengine.com (wout2-smtp.messagingengine.com [64.147.123.25]) by mx.groups.io with SMTP id smtpd.web08.5300.1661299018066797080 for ; Tue, 23 Aug 2022 16:56:58 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@gherzan.com header.s=fm2 header.b=2Wq2544C; spf=pass (domain: gherzan.com, ip: 64.147.123.25, mailfrom: andrei@gherzan.com) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.west.internal (Postfix) with ESMTP id 51E97320070D; Tue, 23 Aug 2022 19:56:57 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute4.internal (MEProxy); Tue, 23 Aug 2022 19:56:57 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gherzan.com; h= cc:cc:content-transfer-encoding:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:sender :subject:subject:to:to; s=fm2; t=1661299016; x=1661385416; bh=LX /HHis1Ql/H+1uIFRpsrwGd56v3TrBKxj7khlwbzQk=; b=2Wq2544CkitOoxLTmh BhtXchgUm3lQT9PTss0HCsxFfhIDml7ifvsrpk77/so9/keDvqVX6nG8WYPr1dQa 9tFe7X7uL/+0wb9IPpVGjv/p+zO13YAioQhCp8+Z0S1RfLGB7SElfnO1wxFo/LF5 hAO5Sb3imuwCpoyca6OmKav6Q9WsL9zAEEsupJ+6Nek44RMmWv+Let9b2S5WnAJD 74Wt3hgnEoPupgGc90Zz/M/TJJCd0Eeg8YtObP8RzOEcQveyd5iMkEl3ZvgRov7L FE/6WyQ2CP63UJBHarXfqMfq55a8oce34dNJL4q72MaEJKwKbaEq+tfRQZMus+yq onJw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm1; t=1661299016; x=1661385416; bh=LX/HHis1Ql/H+ 1uIFRpsrwGd56v3TrBKxj7khlwbzQk=; b=lf5AvkQ7Pwuxb9FwYuvM1Bn79FT6v XmQuktkK9tFqFXpB0HUnOPqxPaIL2DJfo/ADLHn9oaHgtCrFaDYve9yj8aEc1pQ0 842kU8qlAVNMJCe3r44u5w9POx2/C03PNrMOdhIxt+eBHHeuXtIcn26bQWwER41K gr5THp30gtXACKyZoQOytgUQ40jjPAt1Aacu5mmUnbkd+s0qf+zwn6sc7yQkno5c kGX3anaX+ewEpM5ZUdu6NCD06/y2D56AL+WeuBdZ27V/WJtIKNgrXm6ZiSmwkKMt rH+ZJeeX/Bub+bDTN/7BBaZnqjwurstOxCJpLJ59RnRMZ+GVpdyguisbw== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrvdejtddgvdelucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhvfevufffkffojghfggfgsedtke ertdertddtnecuhfhrohhmpeetnhgurhgvihcuifhhvghriigrnhcuoegrnhgurhgvihes ghhhvghriigrnhdrtghomheqnecuggftrfgrthhtvghrnhepjefhvefhgefgffejgeelke ejleeiffejgffgkeeggfffgfffieeffeeghefhtdffnecuvehluhhsthgvrhfuihiivgep tdenucfrrghrrghmpehmrghilhhfrhhomheprghnughrvghisehghhgvrhiirghnrdgtoh hm X-ME-Proxy: Feedback-ID: i68994715:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 23 Aug 2022 19:56:56 -0400 (EDT) From: Andrei Gherzan To: openembedded-core@lists.openembedded.org Cc: andrei@gherzan.com, Andrei Gherzan Subject: [PATCH 5/6] rootfs-postcommands.bbclass: Follow function rename in rootfspostcommands.py Date: Wed, 24 Aug 2022 01:56:23 +0200 Message-Id: <20220823235624.2488133-5-andrei@gherzan.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220823235624.2488133-3-andrei@gherzan.com> References: <20220823235624.2488133-3-andrei@gherzan.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 23 Aug 2022 23:56:58 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/169766 From: Andrei Gherzan 'shadow_sort' was renamed to 'tidy_shadowutils_files' in rootfspostcommands.py so we reflect this in SORT_PASSWD_POSTPROCESS_COMMAND. This also creates a deprecation function for 'shadow_sort'. Signed-off-by: Andrei Gherzan --- meta/classes-recipe/rootfs-postcommands.bbclass | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/meta/classes-recipe/rootfs-postcommands.bbclass b/meta/classes-recipe/rootfs-postcommands.bbclass index bf1e992bb2..215e38e33d 100644 --- a/meta/classes-recipe/rootfs-postcommands.bbclass +++ b/meta/classes-recipe/rootfs-postcommands.bbclass @@ -63,7 +63,7 @@ inherit image-artifact-names # systemd_sysusers_create and set_user_group. Using :append is not # enough for that, set_user_group is added that way and would end # up running after us. -SORT_PASSWD_POSTPROCESS_COMMAND ??= " sort_passwd; " +SORT_PASSWD_POSTPROCESS_COMMAND ??= " tidy_shadowutils_files; " python () { d.appendVar('ROOTFS_POSTPROCESS_COMMAND', '${SORT_PASSWD_POSTPROCESS_COMMAND}') d.appendVar('ROOTFS_POSTPROCESS_COMMAND', 'rootfs_reproducible;') @@ -221,9 +221,20 @@ serial_autologin_root () { fi } +python tidy_shadowutils_files () { + import rootfspostcommands + rootfspostcommands.tidy_shadowutils_files(d.expand('${IMAGE_ROOTFS}${sysconfdir}')) +} + python sort_passwd () { + """ + Deprecated in the favour of tidy_shadowutils_files. + """ import rootfspostcommands - rootfspostcommands.sort_passwd(d.expand('${IMAGE_ROOTFS}${sysconfdir}')) + bb.warn('[sort_passwd] You are using a deprecated function for ' + 'SORT_PASSWD_POSTPROCESS_COMMAND. The default one is now called ' + '"tidy_shadowutils_files".') + rootfspostcommands.tidy_shadowutils_files(d.expand('${IMAGE_ROOTFS}${sysconfdir}')) } # From patchwork Tue Aug 23 23:56:24 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Gherzan X-Patchwork-Id: 11800 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C40C8C32793 for ; Tue, 23 Aug 2022 23:57:18 +0000 (UTC) Received: from wout2-smtp.messagingengine.com (wout2-smtp.messagingengine.com [64.147.123.25]) by mx.groups.io with SMTP id smtpd.web08.5305.1661299029674188281 for ; Tue, 23 Aug 2022 16:57:09 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@gherzan.com header.s=fm2 header.b=cY85avL1; spf=pass (domain: gherzan.com, ip: 64.147.123.25, mailfrom: andrei@gherzan.com) Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.west.internal (Postfix) with ESMTP id E5C2E320029B; Tue, 23 Aug 2022 19:57:08 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute1.internal (MEProxy); Tue, 23 Aug 2022 19:57:09 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gherzan.com; h= cc:cc:content-transfer-encoding:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:sender :subject:subject:to:to; s=fm2; t=1661299027; x=1661385427; bh=s3 NWa9woqGqMMxcR1tZLTaU1tMi02jNcJ/Cs2srCVtI=; b=cY85avL1IOoTqvwj/B lj18zrkrg2IBEmbq8xF185TiLlroq4oT8T2335Ggir2bfIy0rACBe/i6PL4kdqwh SSmPiDRisGjLe6AbiWlq3oj8ziT3aThwMakV6OCaBfzs9vS74XcSsFtzmWKVnh3b TtGe1KvVJ9nY0PRHoTuGfGP7jzDEOGSxm80gMvFZz3qljOTL4i/w4l0Iww6taUGL o9tp3ZKhpaILlKa0X7ny+T0I7bNOBHNgp+cbE/+/sdyC1GzWIGY2girPCKPZ15+u d0ynRnQq/IDelZXFL1o07vgGPOHAKMtSZfrDejYu7fEvraaVvhGJpMCphELpXHWo KqXw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm1; t=1661299027; x=1661385427; bh=s3NWa9woqGqMM xcR1tZLTaU1tMi02jNcJ/Cs2srCVtI=; b=Acx66ONpYKGrGaOzdKG3LM3d0haZD oOfqVsi/8s7UvvsDEJEHiaW0c2/Sn46104DXPixJVPZyQe/0SieWlgnzgODgl4F1 ZlZCYPDvxpzNf6EoiNOcXdaTyFfvdSdNURsvHveT2HutxuVJxUs0XNznRLOAWjHF oAXlp9rWIFjX2JPBzPPCm9g6vPmxKk+oeecpKagB6Gg8sl82Lfc4lvTdyTvQSbwY YiQu3FmuGmcwTnrsGnYukjXX/FdRzFEWkQnHWsAu0tXvJ/L5V1km7lv717+0Rhd4 hOOj8El56JWepbWSaT6M5PwYagL591qKoFdL9H4sneYyPI7ZiQwLFYw6w== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrvdejtddgvdelucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhvfevufffkffojghfggfgsedtke ertdertddtnecuhfhrohhmpeetnhgurhgvihcuifhhvghriigrnhcuoegrnhgurhgvihes ghhhvghriigrnhdrtghomheqnecuggftrfgrthhtvghrnhepjefhvefhgefgffejgeelke ejleeiffejgffgkeeggfffgfffieeffeeghefhtdffnecuvehluhhsthgvrhfuihiivgep tdenucfrrghrrghmpehmrghilhhfrhhomheprghnughrvghisehghhgvrhiirghnrdgtoh hm X-ME-Proxy: Feedback-ID: i68994715:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 23 Aug 2022 19:57:06 -0400 (EDT) From: Andrei Gherzan To: openembedded-core@lists.openembedded.org Cc: andrei@gherzan.com, Andrei Gherzan Subject: [PATCH 6/6] shadow: Avoid nss warning/error with musl Date: Wed, 24 Aug 2022 01:56:24 +0200 Message-Id: <20220823235624.2488133-6-andrei@gherzan.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220823235624.2488133-3-andrei@gherzan.com> References: <20220823235624.2488133-3-andrei@gherzan.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 23 Aug 2022 23:57:18 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/169767 From: Andrei Gherzan The libnss configuration file is only installed when glibc is used. The inexistence of it on a musl-based rootfs, will make shadow complain about it: Failed opening /etc/nsswitch.conf This is because shadow will try to use nsswich when dealing with subordinate IDs and the message is just a warning as the tool will still generate them correctly in subuid/subgid files. We drop this log message for class native to avoid an error when rootfs logs are checked ('Failed' will match the regex bitbake is using to check for rootfs generation errors). Signed-off-by: Andrei Gherzan --- ...f-message-when-not-in-place-eg.-musl.patch | 27 +++++++++++++++++++ meta/recipes-extended/shadow/shadow.inc | 2 ++ 2 files changed, 29 insertions(+) create mode 100644 meta/recipes-extended/shadow/files/0001-Drop-nsswitch.conf-message-when-not-in-place-eg.-musl.patch diff --git a/meta/recipes-extended/shadow/files/0001-Drop-nsswitch.conf-message-when-not-in-place-eg.-musl.patch b/meta/recipes-extended/shadow/files/0001-Drop-nsswitch.conf-message-when-not-in-place-eg.-musl.patch new file mode 100644 index 0000000000..aeb89ff6a0 --- /dev/null +++ b/meta/recipes-extended/shadow/files/0001-Drop-nsswitch.conf-message-when-not-in-place-eg.-musl.patch @@ -0,0 +1,27 @@ +From 11290e897a49adddee215833944a518443d9b0d6 Mon Sep 17 00:00:00 2001 +From: Andrei Gherzan +Date: Wed, 24 Aug 2022 00:54:47 +0200 +Subject: [PATCH] Drop nsswitch.conf message when not in place - eg. musl + +Upstream-Status: Inappropriate [OE specific] +Signed-off-by: Andrei Gherzan +--- + lib/nss.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/nss.c b/lib/nss.c +index 06fa48e..44245da 100644 +--- a/lib/nss.c ++++ b/lib/nss.c +@@ -59,7 +59,7 @@ void nss_init(const char *nsswitch_path) { + // subid: files + nssfp = fopen(nsswitch_path, "r"); + if (!nssfp) { +- fprintf(shadow_logfd, "Failed opening %s: %m\n", nsswitch_path); ++ //fprintf(shadow_logfd, "Failed opening %s: %m\n", nsswitch_path); + atomic_store(&nss_init_completed, true); + return; + } +-- +2.25.1 + diff --git a/meta/recipes-extended/shadow/shadow.inc b/meta/recipes-extended/shadow/shadow.inc index b2f82e9ac7..414bf467ba 100644 --- a/meta/recipes-extended/shadow/shadow.inc +++ b/meta/recipes-extended/shadow/shadow.inc @@ -25,12 +25,14 @@ SRC_URI:append:class-target = " \ SRC_URI:append:class-native = " \ file://0001-Disable-use-of-syslog-for-sysroot.patch \ file://commonio.c-fix-unexpected-open-failure-in-chroot-env.patch \ + file://0001-Drop-nsswitch.conf-message-when-not-in-place-eg.-musl.patch \ " SRC_URI:append:class-nativesdk = " \ file://0001-Disable-use-of-syslog-for-sysroot.patch \ " SRC_URI[sha256sum] = "9fdb73b5d2b44e8ba9fcee1b4493ac75dd5040bda35b9ac8b06570cd192e7ee3" + # Additional Policy files for PAM PAM_SRC_URI = "file://pam.d/chfn \ file://pam.d/chpasswd \