From patchwork Thu May 12 04:04:32 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Quirin Gylstorff X-Patchwork-Id: 1797 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3) with LMTPA; Thu, 12 May 2022 14:04:42 +0200 X-Sieve: CMU Sieve 2.4 Received: from mail-wr1-f60.google.com (mail-wr1-f60.google.com [209.85.221.60]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8) with ESMTPS id 24CC4gb1018011 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Thu, 12 May 2022 14:04:42 +0200 Received: by mail-wr1-f60.google.com with SMTP id o11-20020adfca0b000000b0020adc114131sf1987305wrh.8 for ; Thu, 12 May 2022 05:04:42 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1652357077; cv=pass; d=google.com; s=arc-20160816; b=j22EaZ3r6FVGWbfvStDhFGdMbhY0IRcMSunFGKv76nmMIWYjGsvTLK0JrUnV4gDfQs OxN8M0MVVH2YSPz+RBDBQTL9SXyD2WB+Fw7RmRuKDxH8ctFVBGuNAiZL5qb4XcJXrNNa L7iN/lcR5ELrGQFH7BeaSb1i7ouOGJwm8hE3ui5JwQt4Jhjo7seDwjLV4G45XiEIP/Ak WKq8Giw0lcZ8r4xgJIMr+EicBfymstNSvM5jK/Vmq2lbiVOTdGmni49wX5UojV7zMRam i9Z7+Wc3DgDJ/kIOT099yiUXZLa7FCQElYfpZkkJsndxADwNAS6/qyRreyJwYv+ZtxAj teaQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:feedback-id:mime-version:references :in-reply-to:message-id:date:subject:to:from:sender:dkim-signature; bh=l8vaNvJJUcIeClN8p7fQ6VHZUjcL+hxUpJRRMZxeRYo=; b=N9yQoT0WZpapsaLvvVMZqcy5e1TTVZ7kYaWBYx4tDbOarFG7rtUIn5En4l3v/bCHVG iCWIBofcUhaPxBmdjo4Q1e0Q9LvzxwdkN/1SzNr7vi25cpsJcTm+Wm85DI53CZKa0tL7 i8pEi/7vJ5pMdSi+tJ2qp4kuNducd6TezPPvFNdmjiivZN7CtFA2atb36c5CbV9uLIYs f+82KyhAHQjT5fHOnZ4SJ61jsHEFXDTgtNmMgRimWk/UYNwGKiRy6K0eErrXwC8s9XyP pWv33D5epYied2BFGC483eH1wdmBNqcIsK0ArZcwVS6nFuz4w6jp10fGVE64ge7CcuDO k9xA== ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=K8N9apDZ; spf=pass (google.com: domain of fm-51332-20220512120435e4bff55ce5190ceab6-exsk0h@rts-flowmailer.siemens.com designates 185.136.65.227 as permitted sender) smtp.mailfrom=fm-51332-20220512120435e4bff55ce5190ceab6-EXSk0h@rts-flowmailer.siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20210112; h=sender:from:to:subject:date:message-id:in-reply-to:references :mime-version:feedback-id:x-original-sender :x-original-authentication-results:precedence:mailing-list:list-id :list-post:list-help:list-archive:list-subscribe:list-unsubscribe; bh=l8vaNvJJUcIeClN8p7fQ6VHZUjcL+hxUpJRRMZxeRYo=; b=lcb4QvTVCQ5rX2ehI3NRzCZ8Q6vKeLarEcqhtDUNMfFxGGi75uZId8VqtyOcX9bE+Y H6Y69VUovOsNxYfDZKb4YRHW5GaqGHvkJQ34Mz5weuUv7nnjkqbdEzXLtHRHuU/hJ261 vQRp1HGQ51yKuOy3VqTudrg4JZJEX2JyKgTdvcwCV+d3nP7tWRT/AAK9aWlEHrEYSlyY HzSj4+ZGmHm9pwzIoxlhykiqBZZnmPiU5x45xZT4hApJyZUNh76Xr/QQ8P6qYEf8kohi KGUxTpW2P5Qgv5eJ2qDTyCp+7HdUFgqCxiOlwizyZKOAxrb/BdYHeRYNoCYVWOF5Zc2H OPQA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=sender:x-gm-message-state:from:to:subject:date:message-id :in-reply-to:references:mime-version:feedback-id:x-original-sender :x-original-authentication-results:precedence:mailing-list:list-id :x-spam-checked-in-group:list-post:list-help:list-archive :list-subscribe:list-unsubscribe; bh=l8vaNvJJUcIeClN8p7fQ6VHZUjcL+hxUpJRRMZxeRYo=; b=NiYaQ8B647A1M/FLuR5Uto94zOiEleBS0eqaqbIqMVxId/DVIouUXPgWA7oiGeMMqe YCt5aT16I3jEjnr2DSiSGiGbHL7NZAiyVwa81ZMMP667ArcB1vRgv8AM1gy6CC4N3DrV 0W9z2KjArZlfOWZyZq7TaGSprj6OuWaEXfxOMjM9BOOo9GTQ4LKFye5Bzv5v6Ciutztv VbIshfdeodZoE34ZufiN7y3B7RnJ4wYSSNDFrMHr4vQISC1T44TfUt9mTQHgFKfSEWTt O/4de9aP6Tny3EUtCW4IfyM+Lm/yMbnNHza+M6BuCM/Rojk51oceLUQ8QrRkCF1kfdvq 0cWw== Sender: isar-users@googlegroups.com X-Gm-Message-State: AOAM530J0sBQDAASAr18BV+d78ZvF+VJZ1Xf6rtI4QNWlp8B+HhZ1yGm rHPecnByyVREklTEp8uk+b4= X-Google-Smtp-Source: ABdhPJyWb3MdRs97UudXY0TQE0t1WN08hSWlTymAEZ8HV6Kjyv3T9zZmzSONBez9k6EaQpPo0x+9sQ== X-Received: by 2002:a5d:680a:0:b0:20a:e5ed:9b5e with SMTP id w10-20020a5d680a000000b0020ae5ed9b5emr26718613wru.110.1652357076817; Thu, 12 May 2022 05:04:36 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a05:600c:500d:b0:394:77fc:d6b8 with SMTP id n13-20020a05600c500d00b0039477fcd6b8ls4410845wmr.1.canary-gmail; Thu, 12 May 2022 05:04:35 -0700 (PDT) X-Received: by 2002:a05:600c:2205:b0:394:193a:80ed with SMTP id z5-20020a05600c220500b00394193a80edmr9778903wml.191.1652357075835; Thu, 12 May 2022 05:04:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1652357075; cv=none; d=google.com; s=arc-20160816; b=IPzv7Y7gMcyVfRmK3YETnePznHrvjmCLHqQH0qw1hYz4hVa8u+R548RVzzdxd4nkXB CJW+3PzKQpiBySPJlWFS5d4ijc02q59KTdNEiN5sjRjeH1DLBAQ2ZbrGgSXHZiWZwHW+ knY4KvBDtl9xUBvmVPLK3q2XeJMM+7Y+90e+in4hZNIOzpQwJYLVb7gSGhl5v+D90b63 PjlrX/zzROod7p/Cw8FtKPgiuhEsxQFIqSymkO/GY0p0lZWdIsl4FgMBgwnEKwFUGod/ 6MfLgFuL7V5BugUzK73ak819SH3vMIM/sjtjkio5uynj6x3XAKOlO2ZfzS8ysTqW0+GM cWaA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=feedback-id:content-transfer-encoding:mime-version:references :in-reply-to:message-id:date:subject:to:from:dkim-signature; bh=/td/+LuWDfwvHjl8D/+KbqBY+3sK2wU9yqwcvPZmdKc=; b=M7W0WDBVPdaBo/TvMcIA3upEyPwEwaBJW7h1kY+87rFp63oLzQ9sLceP8+iWpjzbV6 0LtIQLl0jfJ7wq6Ni7WaFxUXB0ietyiu+pCYVd1YECp6pJKhaSZmwdwHKOzho1RwfRzw Si+u0d+e0um8uIpo3tXW7HPKmNgX8efoIzk4h57DaTl1P/stCdqmNrkCgZpyWtNOMA2q gLVBsZSlw0R+iDae0v2gx587XvIffu402ojSxQ06riHV1Mf165dSvqDqiZt7rtkXoE1Z N7S44+G9zq696QsIHHJKy3/AS60FzKsFVowdkyu52ptJhmMz4Rm4nYRUA/KJLkVtGfu6 crkQ== ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=K8N9apDZ; spf=pass (google.com: domain of fm-51332-20220512120435e4bff55ce5190ceab6-exsk0h@rts-flowmailer.siemens.com designates 185.136.65.227 as permitted sender) smtp.mailfrom=fm-51332-20220512120435e4bff55ce5190ceab6-EXSk0h@rts-flowmailer.siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Received: from mta-65-227.siemens.flowmailer.net (mta-65-227.siemens.flowmailer.net. [185.136.65.227]) by gmr-mx.google.com with ESMTPS id h16-20020adffd50000000b0020c6d76cc7fsi212877wrs.7.2022.05.12.05.04.35 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 12 May 2022 05:04:35 -0700 (PDT) Received-SPF: pass (google.com: domain of fm-51332-20220512120435e4bff55ce5190ceab6-exsk0h@rts-flowmailer.siemens.com designates 185.136.65.227 as permitted sender) client-ip=185.136.65.227; Received: by mta-65-227.siemens.flowmailer.net with ESMTPSA id 20220512120435e4bff55ce5190ceab6 for ; Thu, 12 May 2022 14:04:35 +0200 From: Quirin Gylstorff To: jan.kiszka@siemens.com, isar-users@googlegroups.com, henning.schild@siemens.com Subject: [PATCH v2 1/2] classes/image-account-extension:Move account configuration to post-process Date: Thu, 12 May 2022 14:04:32 +0200 Message-Id: <20220512120433.695303-2-Quirin.Gylstorff@siemens.com> In-Reply-To: <20220512120433.695303-1-Quirin.Gylstorff@siemens.com> References: <20220512120433.695303-1-Quirin.Gylstorff@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-51332:519-21489:flowmailer X-Original-Sender: quirin.gylstorff@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=K8N9apDZ; spf=pass (google.com: domain of fm-51332-20220512120435e4bff55ce5190ceab6-exsk0h@rts-flowmailer.siemens.com designates 185.136.65.227 as permitted sender) smtp.mailfrom=fm-51332-20220512120435e4bff55ce5190ceab6-EXSk0h@rts-flowmailer.siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIMWL_WL_MED, DKIM_SIGNED, DKIM_VALID,DKIM_VALID_EF,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H2,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: INBOX From: Quirin Gylstorff If the root account is deactivate during rootfs configuration , e.g. by setting 'USER_root[expire]="01-01-1970"', the following error occurs if a packages tries to create/modifies a user account. ``` Setting up systemd (247.3-7) ... Created symlink /etc/systemd/system/getty.target.wants/getty@tty1.service -> /lib/systemd/system/getty@.service. Created symlink /etc/systemd/system/multi-user.target.wants/remote-fs.target -> /lib/systemd/system/remote-fs.target. Created symlink /etc/systemd/system/sysinit.target.wants/systemd-pstore.service -> /lib/systemd/system/systemd-pstore.service. Initializing machine ID from random generator. Your account has expired; please contact your system administrator. chfn: PAM: Authentication failure adduser: `/bin/chfn -f systemd Network Management systemd-network' returned error code 1. Exiting. dpkg: error processing package systemd (--configure): installed systemd package post-installation script subprocess returned error exit status 1 Setting up dmsetup (2:1.02.175-2.1) ... Errors were encountered while processing: systemd E: Sub-process /usr/bin/dpkg returned an error code (1) WARNING: exit code 100 from a shell command. ``` This move also allows /etc/skel modification to be applicable to all users. Signed-off-by: Quirin Gylstorff --- RECIPE-API-CHANGELOG.md | 6 ++++++ meta/classes/image-account-extension.bbclass | 3 +-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/RECIPE-API-CHANGELOG.md b/RECIPE-API-CHANGELOG.md index 5913dd27..8996e1b6 100644 --- a/RECIPE-API-CHANGELOG.md +++ b/RECIPE-API-CHANGELOG.md @@ -349,3 +349,9 @@ For a list of well-known Debian build profiles and common practices, we refer to It was replaced by WIC and no more needed. Machines that use `rpi-sdimg` image type should be modified to use `wic` type with `rpi-sdimg` wks file instead. + +### Handling of variables USERS and GROUPS is moved to image post processing + +The user and groups defined by the variables `USERS` and `GROUPS` +was moved from image configuration to image post processing. The users and +groups are now created after all packages are installed. diff --git a/meta/classes/image-account-extension.bbclass b/meta/classes/image-account-extension.bbclass index c9bebe85..caa962a0 100644 --- a/meta/classes/image-account-extension.bbclass +++ b/meta/classes/image-account-extension.bbclass @@ -58,8 +58,7 @@ IMAGE_ACCOUNTS_GROUPS =+ "${@gen_accounts_array(d, 'GROUPS', 'GROUP', ['gid', 'f do_rootfs_install[vardeps] += "${IMAGE_ACCOUNTS_GROUPS} ${IMAGE_ACCOUNTS_USERS}" -ROOTFS_CONFIGURE_COMMAND += "image_configure_accounts" -image_configure_accounts[weight] = "3" +ROOTFS_POSTPROCESS_COMMAND += "image_configure_accounts" image_configure_accounts() { # Create groups # Add space to the end of the list: