From patchwork Wed Jan 25 09:01:52 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tobias Schaffner X-Patchwork-Id: 2529 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Wed, 25 Jan 2023 10:02:25 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-wm1-f63.google.com (mail-wm1-f63.google.com [209.85.128.63]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 30P92P0L026020 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 25 Jan 2023 10:02:25 +0100 Received: by mail-wm1-f63.google.com with SMTP id az37-20020a05600c602500b003da50af44b3sf10632883wmb.1; Wed, 25 Jan 2023 01:02:25 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1674637340; cv=pass; d=google.com; s=arc-20160816; b=uijK8L4k4NObp2+kgN33HqqruTD51d5hsQmbgL2pGwhDgaKjsuTKwtrDxRc+aQr1EI fK5v78K2m5AYFmsjYr5zOVanszue/wzsrbTdVzG5oFipv5djx8g5gIbFsvt8sD+DPIQc 7ZyZBEzUrq/XrDXdgkImJe4FDwey25qzu1Y7HlozNfNbg5GOYg0Q+2cbLjb4zJGQ7hhu fcaUzvT7TEpKHGclUvEE4Y4n7aTDg5LMD83G8if+FCK3FWq1n3WaP6oDWq5UfIOj+0L/ /rU/bURia9/hfxv8bipEr/i/rupIFEUm69LETNlidHBQIBfOYqqAnRDF1Ds9o6ROx0Am 6SGA== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:sender:dkim-signature; bh=CRImrNZbMNZ1/X5xiPsJPw5cYmTui2fKHU4CO4ie2hM=; b=XaUgONeHVZEvj+I2UmPZjNf/HztPFC6TxdScVcuUBXVvmDS053DY+wnkM/OU4dcjuc 8pgZTsl3nlx/IS/ZYy0+HIhlWcR+yQLpxKGj1Y1AysUJ6c3qXW9wfICZ0M0S94O3gIGX Y4ROLSTqMzxPxS4FbLzqmBXmMwJv4I37+kq0o9/F8JL/XxtbbopDxUYKlMYGngMuvtFe j5cBiqhC2DGlQ0GeQrQOoodfBvWTx54sUjzFeSy6Mb/reK1Vz6DqRGs+X1xWCo/nBzqi QYU3UrKMwy7OKEGFl6ibcWU3bJ7mj0f3T9pHhGUZHmcJ8AtHZBapCKLRaDYf32AWs8HF XbRQ== ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=jtZbyZ1h; arc=pass (i=1 spf=pass spfdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of tobias.schaffner@siemens.com designates 40.107.105.53 as permitted sender) smtp.mailfrom=tobias.schaffner@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20210112; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-authentication-results :x-original-sender:mime-version:references:in-reply-to:message-id :date:subject:cc:to:from:sender:from:to:cc:subject:date:message-id :reply-to; bh=CRImrNZbMNZ1/X5xiPsJPw5cYmTui2fKHU4CO4ie2hM=; b=jFi0+MiAdw5yTLigjeYx3EFvBM2mSqs3DIyPPByJEHwBunPrgbyWrQ5zsxrLLwTAnG Aw+xyTPXO1M8GTCc3De3TBLFAlDB8bV8g7KL4CwDDXNf9qGF5dwODKIzQ2YnooPYkYg1 7vKycnAVlaGB7oZGrVsGpiHt9o/l9nRfpacHZr7kUJU5ddeR7HJKlLKJ2Vo8Zxpp5wM8 OOOV4SIwCq3PBTl26CAwcjczZ5HUolhlie6lP3wkb1Mm/KfKRYBYXKXLCdVEEv9Loud+ Qapb9028I4U8afqMftb632FRAh+Ok0R3z7aKvCHnZAu1E15YRWcMD1/ltX3gkl2uSlyI 4m0Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-gm-message-state:sender:from:to:cc:subject:date:message-id :reply-to; bh=CRImrNZbMNZ1/X5xiPsJPw5cYmTui2fKHU4CO4ie2hM=; b=oZC4+U0HELoqxiz9mBcTDzy3XCbFiqijHL7d/SNKv4EZG3By/UQ4c8wyYC3+mBE/0X EG1DGQsYcN4e3erxR/PDOP3wjuLagds3BGfYUkqlrgcmrOCIcQLnpXZC6ns1H6Ph+Dhy XJxERlCYxDfiRwmFv1vLL4/Vv7duQ1L/vO33E9LIfVeQEZzaBKeZBD1mhedZ9AbfqZB0 clLP0C7O2kYzjhiyrO0w2XokF/uTeC8VNrPDVYplNuzLi2f+7L/u/9ZWhkpezYprwfD9 nRpstcTVlJr1VARliXGj6o5/G5E5Zm8t7m6d6TlCdCOsutiTt45jC4nQNWomsk7Nph8U 9yXQ== Sender: isar-users@googlegroups.com X-Gm-Message-State: AFqh2kp74ptF9lg+5EoGSCqdsRaiuFjeKwynnjYyWmCNoSvqWycQ3Ny4 hQEMtmIM+eVjHTiTjoJpSm0= X-Google-Smtp-Source: AMrXdXuEdPjmyWJU71fsE+Yn7jN9JGThXI2QgKi9tx5YQ+lZNHO00w933y2Sb2143RlM/4jnVzGZ2g== X-Received: by 2002:a05:600c:41ca:b0:3d0:4993:d45e with SMTP id t10-20020a05600c41ca00b003d04993d45emr2372958wmh.13.1674637340090; Wed, 25 Jan 2023 01:02:20 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:adf:cd91:0:b0:2bf:adc3:9107 with SMTP id q17-20020adfcd91000000b002bfadc39107ls490236wrj.0.-pod-prod-gmail; Wed, 25 Jan 2023 01:02:19 -0800 (PST) X-Received: by 2002:a5d:62c7:0:b0:2bb:dbde:bde4 with SMTP id o7-20020a5d62c7000000b002bbdbdebde4mr25736785wrv.30.1674637338853; Wed, 25 Jan 2023 01:02:18 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1674637338; cv=pass; d=google.com; s=arc-20160816; b=q/aEjz9mzMnd6+jX1I5bwlSJJ3KCWrCZzr2eeZgHF2YwXxuTDAloRJU2nqf4LqVqE4 gO0ECiqrWAR8ii9dzmzGLuK14riDVk+ZP64NSEgsrkpNkMA7DUOcc9TEOkNf/l9FvAAv tImYn6TA9mFd77UyRvnrtVWbAickLsCIZTmJjzDjIEOiw4GWPMALZHBTIcRQCF1nQv27 6hZQpw3ni0Btz7MwFbYfDx8krS+Sni4bqJjMPk5mzFATj7SF9dgz8mGVLPAtNRm53u4i L/6LwyFEHGQ6CMDQQAkgplx/CkkdWW3t8ywo/WBDVnR87AkVR7XHVPpS2P2UuA0rgWhG j/mg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=v0aK+kwWzb+Q08Sib8G83Oemtt9h4qw+hu9c1WX31+E=; b=pz7X2YHthlSU6ah+GZIZiMXcZZDRrJ1SlcQPJ1BU0PtozsjsWzabrCCBQJgTBoV22M QWQTRkdBLfjCM72MlYhpaE/fLmTA5tKS3TduaOEVsSlG6ZR7r3OuhNuoXbekMRTgjDIm znxQNxlTnTGGjJEnSpanXA1bP/3VSP98rJzgTmX/bcF1d4qFNnvjvT2jsdFpIXQqVvaO Soz9/yKKxNtH/ou3Zppx9DJSqguI8lIkeP1zLzV8z7it+Ak3IlrbOJQUITTywRBVnAj7 S5iC9xc00g4u/zkesbcfHy+8FqiLZwuqJLb0E1b1TexAlCo72qkmG3govfjM38cR5gp6 vZ7g== ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=jtZbyZ1h; arc=pass (i=1 spf=pass spfdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of tobias.schaffner@siemens.com designates 40.107.105.53 as permitted sender) smtp.mailfrom=tobias.schaffner@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Received: from EUR03-AM7-obe.outbound.protection.outlook.com (mail-am7eur03on2053.outbound.protection.outlook.com. [40.107.105.53]) by gmr-mx.google.com with ESMTPS id bn18-20020a056000061200b002bf9650b759si206122wrb.2.2023.01.25.01.02.18 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 25 Jan 2023 01:02:18 -0800 (PST) Received-SPF: pass (google.com: domain of tobias.schaffner@siemens.com designates 40.107.105.53 as permitted sender) client-ip=40.107.105.53; ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=HWIHNtPCm59Ti1+6ASL8hC90emovYvVkKzAGAwp1ks6kA0aR+hHMQS2qy4Z3WPfyQvaBemKYIFaz+81IeRgF+Hr8+Psxomxb4SytYqtvvg9YIzVfRNoS07WLlbaxJigp25z8nQiMJJ/4NsTdgvATdwSizigG280HbRZI6C93HHFhLxicoXO0eHX1r4f74sqz/KtaUyEDNBbP1cl/dnjps0EFm0jw74c6kGdUksTIfpkxHAYc/o1fypS5fuWeJPo/Ror5aodYTUZaxuBPvb3/K2qXh2tw6oqg95asIHFV3qywo0co3GOJSfJkXTOqR/maQBCcxql7P5yD68KJh7faQw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=v0aK+kwWzb+Q08Sib8G83Oemtt9h4qw+hu9c1WX31+E=; b=kWzxJMRXW+i8D0tB2bc8DzLxDggzYTFPn45TteTnMtjcMlR9uwiUmUAjSFcWil+v13uprAgUPuwIpIsx5pxG+rQQ832dfdJ4w+Z2C1zV5wtN/mZVlH44d1ho8JPgBi4APUC7wcJgyLzmxcEj6SXCtz1HR2xgZY1SXVR5fNn8lw6rLbYzbQUjYSORqEyhmt7ajLaynBI3+/XOv0WF4a+s62mieXa6bLwxxAW+eZoBjf6PCCxYITZoqP+Z7F9vKODm3r86IvvAyz7Zc3ucx3hj2B6Ny+bsO5nD+MXzioZsurxZ40f21a/4zrO47K7BdM5zUWkvmCfNkTuxESdLdjaRNg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 194.138.21.75) smtp.rcpttodomain=googlegroups.com smtp.mailfrom=siemens.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=siemens.com; dkim=none (message not signed); arc=none Received: from FR3P281CA0080.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:1f::15) by DU0PR10MB5196.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:348::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6002.33; Wed, 25 Jan 2023 09:02:17 +0000 Received: from VE1EUR01FT056.eop-EUR01.prod.protection.outlook.com (2603:10a6:d10:1f:cafe::38) by FR3P281CA0080.outlook.office365.com (2603:10a6:d10:1f::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6043.17 via Frontend Transport; Wed, 25 Jan 2023 09:02:17 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 194.138.21.75) smtp.mailfrom=siemens.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=siemens.com; Received-SPF: Pass (protection.outlook.com: domain of siemens.com designates 194.138.21.75 as permitted sender) receiver=protection.outlook.com; client-ip=194.138.21.75; helo=hybrid.siemens.com; pr=C Received: from hybrid.siemens.com (194.138.21.75) by VE1EUR01FT056.mail.protection.outlook.com (10.152.3.115) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6043.17 via Frontend Transport; Wed, 25 Jan 2023 09:02:16 +0000 Received: from DEMCHDC8WAA.ad011.siemens.net (139.25.226.104) by DEMCHDC8VRA.ad011.siemens.net (194.138.21.75) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.20; Wed, 25 Jan 2023 10:02:16 +0100 Received: from L15-Gen2.fritz.box (139.21.146.184) by DEMCHDC8WAA.ad011.siemens.net (139.25.226.104) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.20; Wed, 25 Jan 2023 10:02:15 +0100 From: "T. Schaffner" To: CC: , , "Tobias Schaffner" Subject: [PATCH 1/5] simplify image-account-extension Date: Wed, 25 Jan 2023 10:01:52 +0100 Message-ID: <20230125090156.284309-2-tobias.schaffner@siemens.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230125090156.284309-1-tobias.schaffner@siemens.com> References: <20230125090156.284309-1-tobias.schaffner@siemens.com> MIME-Version: 1.0 X-Originating-IP: [139.21.146.184] X-ClientProxiedBy: DEMCHDC8WBA.ad011.siemens.net (139.25.226.105) To DEMCHDC8WAA.ad011.siemens.net (139.25.226.104) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: VE1EUR01FT056:EE_|DU0PR10MB5196:EE_ X-MS-Office365-Filtering-Correlation-Id: a6b3a361-c230-4e17-87be-08dafeb2dbaa X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: l0IHwRWR+WLYoY/K9zz7fJO2h/HKdae5vY8L3WXZgL5WNkmUGHPPB8FtgjBDMzmK+C0FxOc0u9Gb+bXlWd8bExPg3zwD6Vf+PHPaxva5wwgDG7YK4u4llrdCU5QbZExWygU4T+Ttl7vbBY6gKAJYpWC2gJRJdfeU8jqvyfGzcV2Ht87cgysSu52h2zeZcPWXZIvogBwH++OQTgN/uWAY9bfdkagiHyf/nHup4YPv5tvtzmUsrnhb/Rmk078VCsY6Ddc1NsHCOuN7P7VeoypS7bFzhDlfMhj9ZlkbTRPS9FnSJHZCnZn5UgEfRdEll+qWwMGh+SJwOL7tpQvnE66V0BgdX70sk5Y2phSdsOwq7D7gXbY5n8f6RZHW0chi9vSg61tHDLM2Aj1Ii6W05LRQ3MXIqIz7NYnCzrIUS6t5V/zIYnC4qOztcV+I3YVkqM4pyf+fAMXtvajyB7zRP9HA4zjLLMAsti82QgxKg4fdppJlhzyze8z/2VJT3qI3MJ6OmIhTxnwQvbSyK7buvL4uXswiUDvDLxFGEERdvnZT9Q71p96VC8K6TYP7hWkxhjSe8fghEHSQPP2Tp94NyRhbhp+gJvK0Afy0Kwv0LZmkvvU6M2e20BV0UIxMzOu9qICEXH4AgF9J0J19oVAcHDcW+B9vjaaqaWVndAv3TFBFtbKOg1fBA+4tv6RttakfbIwbdF+qU6rsna67OtrkFgAiLtTBeRMbSqvkWc44WCPj+4M= X-Forefront-Antispam-Report: CIP:194.138.21.75;CTRY:DE;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:hybrid.siemens.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(136003)(346002)(396003)(376002)(39860400002)(451199018)(36840700001)(40470700004)(46966006)(30864003)(83380400001)(316002)(2906002)(81166007)(41300700001)(107886003)(6666004)(8936002)(26005)(16526019)(478600001)(356005)(82960400001)(15650500001)(82310400005)(86362001)(82740400003)(186003)(70586007)(40460700003)(8676002)(5660300002)(6916009)(4326008)(36756003)(336012)(70206006)(47076005)(54906003)(40480700001)(36860700001)(956004)(2616005)(1076003)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 25 Jan 2023 09:02:16.7335 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: a6b3a361-c230-4e17-87be-08dafeb2dbaa X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=38ae3bcd-9579-4fd4-adda-b42e1495d55a;Ip=[194.138.21.75];Helo=[hybrid.siemens.com] X-MS-Exchange-CrossTenant-AuthSource: VE1EUR01FT056.eop-EUR01.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DU0PR10MB5196 X-Original-Sender: tobias.schaffner@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=jtZbyZ1h; arc=pass (i=1 spf=pass spfdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of tobias.schaffner@siemens.com designates 40.107.105.53 as permitted sender) smtp.mailfrom=tobias.schaffner@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_EF,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H2,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= From: Tobias Schaffner Do the complete user and group creation in python. This allows us to drop the encoding and parsing code that was used to make the user and group lists available in the shell function. Signed-off-by: Tobias Schaffner --- meta/classes/image-account-extension.bbclass | 368 +++++++------------ 1 file changed, 124 insertions(+), 244 deletions(-) diff --git a/meta/classes/image-account-extension.bbclass b/meta/classes/image-account-extension.bbclass index cbc20a2..127732a 100644 --- a/meta/classes/image-account-extension.bbclass +++ b/meta/classes/image-account-extension.bbclass @@ -1,5 +1,5 @@ # This software is a part of ISAR. -# Copyright (C) Siemens AG, 2019 +# Copyright (C) Siemens AG, 2023 # # SPDX-License-Identifier: MIT # @@ -25,251 +25,131 @@ GROUPS ??= "" #GROUP_root[gid] = "" #GROUP_root[flags] = "system" -def gen_accounts_array(d, listname, entryname, flags, verb_flags=None): - from itertools import chain - - entries = (d.getVar(listname, True) or "").split() - return " ".join( - ":".join( - chain( - (entry,), - ( - (",".join( - ( - d.getVarFlag(entryname + "_" + entry, flag, True) or "" - ).split() - ) if flag not in (verb_flags or []) else ( - d.getVarFlag(entryname + "_" + entry, flag, True) or "" - )).replace(":","=") - for flag in flags - ), - ) - ) - for entry in entries - ) - -# List of space separated entries, where each entry has the format: -# username:encryptedpassword:expiredate:inactivenumber:userid:groupid:comment:homedir:shell:group1,group2:flag1,flag2 -IMAGE_ACCOUNTS_USERS =+ "${@gen_accounts_array(d, 'USERS', 'USER', ['password', 'expire', 'inactive', 'uid', 'gid', 'comment', 'home', 'shell', 'groups', 'flags'], ['password', 'comment', 'home', 'shell'])}" - -# List of space separated entries, where each entry has the format: -# groupname:groupid:flag1,flag2 -IMAGE_ACCOUNTS_GROUPS =+ "${@gen_accounts_array(d, 'GROUPS', 'GROUP', ['gid', 'flags'])}" - -do_rootfs_install[vardeps] += "${IMAGE_ACCOUNTS_GROUPS} ${IMAGE_ACCOUNTS_USERS}" -ROOTFS_POSTPROCESS_COMMAND += "image_postprocess_accounts" -image_postprocess_accounts() { - # Create groups - # Add space to the end of the list: - list='${@" ".join(d.getVar('IMAGE_ACCOUNTS_GROUPS', True).split())} ' - while true; do - # Pop first group entry: - list_rest="${list#*:*:* }" - entry="${list%%${list_rest}}" - list="${list_rest}" - - if [ -z "${entry}" ]; then - break - fi - - # Add colon to the end of the entry and remove trailing space: - entry="${entry% }:" - - # Decode entries: - name="${entry%%:*}" - entry="${entry#${name}:}" - - gid="${entry%%:*}" - entry="${entry#${gid}:}" - - flags="${entry%%:*}" - entry="${entry#${flags}:}" - - flags=",${flags}," # Needed for searching for substrings - - # Check if user already exists: - if grep -q "^${name}:" '${ROOTFSDIR}/etc/group'; then - exists="y" - else - exists="n" - fi - - # Create arguments: - set -- # clear arguments - - if [ -n "$gid" ]; then - set -- "$@" --gid "$gid" - fi - - if [ "n" = "$exists" ]; then - if [ "${flags}" != "${flags%*,system,*}" ]; then - set -- "$@" --system - fi - fi - - # Create or modify groups: - if [ "y" = "$exists" ]; then - if [ -z "$@" ]; then - echo "Do not execute groupmod (no changes)." - else - echo "Execute groupmod with \"$@\" for \"$name\"" - sudo -E chroot '${ROOTFSDIR}' \ - /usr/sbin/groupmod "$@" "$name" - fi - else - echo "Execute groupadd with \"$@\" for \"$name\"" - sudo -E chroot '${ROOTFSDIR}' \ - /usr/sbin/groupadd "$@" "$name" - fi - done - - # Create users - list='${@" ".join(d.getVar('IMAGE_ACCOUNTS_USERS', True).split())} ' - while true; do - # Pop first user entry: - list_rest="${list#*:*:*:*:*:*:*:*:*:*:* }" - entry="${list%%${list_rest}}" - list="${list_rest}" - - if [ -z "${entry}" ]; then - break - fi - - # Add colon to the end of the entry and remove trailing space: - entry="${entry% }:" - - # Decode entries: - name="${entry%%:*}" - entry="${entry#${name}:}" - - password="${entry%%:*}" - entry="${entry#${password}:}" - - expire="${entry%%:*}" - entry="${entry#${expire}:}" - - inactive="${entry%%:*}" - entry="${entry#${inactive}:}" - - uid="${entry%%:*}" - entry="${entry#${uid}:}" - - gid="${entry%%:*}" - entry="${entry#${gid}:}" - - comment="${entry%%:*}" - entry="${entry#${comment}:}" - - home="${entry%%:*}" - entry="${entry#${home}:}" - - shell="${entry%%:*}" - entry="${entry#${shell}:}" - - groups="${entry%%:*}" - entry="${entry#${groups}:}" - - flags="${entry%%:*}" - entry="${entry#${flags}:}" - - flags=",${flags}," # Needed for searching for substrings - - # Check if user already exists: - if grep -q "^${name}:" '${ROOTFSDIR}/etc/passwd'; then - exists="y" - else - exists="n" - fi - - # Create arguments: - set -- # clear arguments - - if [ -n "$expire" ]; then - set -- "$@" --expiredate "$expire" - fi - - if [ -n "$inactive" ]; then - set -- "$@" --inactive "$inactive" - fi - - if [ -n "$uid" ]; then - set -- "$@" --uid "$uid" - fi - - if [ -n "$gid" ]; then - set -- "$@" --gid "$gid" - fi - - if [ -n "$comment" ]; then - set -- "$@" --comment "$comment" - fi - - if [ -n "$home" ]; then - if [ "y" = "$exists" ]; then - set -- "$@" --home "$home" --move-home - else - set -- "$@" --home-dir "$home" - fi - fi - - if [ -n "$shell" ]; then - set -- "$@" --shell "$shell" - fi - - if [ -n "$groups" ]; then - set -- "$@" --groups "$groups" - fi - - if [ "n" = "$exists" ]; then - if [ "${flags}" != "${flags%*,system,*}" ]; then - set -- "$@" --system - fi - if [ "${flags}" != "${flags%*,no-create-home,*}" ]; then - set -- "$@" --no-create-home - else - if [ "${flags}" != "${flags%*,create-home,*}" ]; then - set -- "$@" --create-home - fi - fi - fi - - # Create or modify users: - if [ "y" = "$exists" ]; then - if [ -z "$@" ]; then - echo "Do not execute usermod (no changes)." - else - echo "Execute usermod with \"$@\" for \"$name\"" - sudo -E chroot '${ROOTFSDIR}' \ - /usr/sbin/usermod "$@" "$name" - fi - else - echo "Execute useradd with \"$@\" for \"$name\"" - sudo -E chroot '${ROOTFSDIR}' \ - /usr/sbin/useradd "$@" "$name" - fi - - # Set password: - if [ -n "$password" -o "${flags}" != "${flags%*,allow-empty-password,*}" ]; then - chpasswd_args="-e" - if [ "${flags}" != "${flags%*,clear-text-password,*}" ]; then +def image_create_groups(d: "DataSmart") -> None: + """Creates the groups defined in the ``GROUPS`` bitbake variable. + + Args: + d (DataSmart): The bitbake datastore. + + Returns: + None + """ + entries = (d.getVar("GROUPS", True) or "").split() + rootfsdir = d.getVar("ROOTFSDIR", True) + chroot = ["sudo", "-E", "chroot", rootfsdir] + + for entry in entries: + args = [] + group_entry = "GROUP_{}".format(entry) + + with open("{}/etc/group".format(rootfsdir), "r") as group_file: + exists = any(line.startswith("{}:".format(entry)) for line in group_file) + + gid = d.getVarFlag(group_entry, "gid", True) or "" + if gid: + args.append("--gid") + args.append(gid) + + flags = (d.getVarFlag(group_entry, "flags", True) or "").split() + if "system" in flags: + args.append("--system") + + if exists: + if args: + bb.process.run([*chroot, "/usr/sbin/groupmod", *args, entry]) + else: + bb.process.run([*chroot, "/usr/sbin/groupadd", *args, entry]) + + +def image_create_users(d: "DataSmart") -> None: + """Creates the users defined in the ``USERS`` bitbake variable. + + Args: + d (DataSmart): The bitbake datastore. + + Returns: + None + """ + import hashlib + import crypt + + entries = (d.getVar("USERS", True) or "").split() + rootfsdir = d.getVar("ROOTFSDIR", True) + chroot = ["sudo", "-E", "chroot", rootfsdir] + + for entry in entries: + args = [] + user_entry = "USER_{}".format(entry) + + with open("{}/etc/passwd".format(rootfsdir), "r") as passwd_file: + exists = any(line.startswith("{}:".format(entry)) for line in passwd_file) + + def add_user_option(option_name, flag_name): + flag_value = d.getVarFlag(user_entry, flag_name, True) or "" + if flag_value: + args.append(option_name) + args.append(flag_value) + + add_user_option("--expire", "expiredate") + add_user_option("--inactive", "inactive") + add_user_option("--uid", "uid") + add_user_option("--gid", "gid") + add_user_option("--comment", "comment") + add_user_option("--shell", "shell") + + groups = d.getVarFlag(user_entry, "groups", True) or "" + if groups: + args.append("--groups") + args.append(groups.replace(' ', ',')) + + flags = (d.getVarFlag(user_entry, "flags", True) or "").split() + + if exists: + add_user_option("--home", "home") + if d.getVarFlag(user_entry, "home", True) or "": + args.append("--move-home") + else: + add_user_option("--home-dir", "home") + + if "system" in flags: + args.append("--system") + if "no-create-home" in flags: + args.append("--no-create-home") + if "create-home" in flags: + args.append("--create-home") + + if exists: + if args: + bb.process.run([*chroot, "/usr/sbin/usermod", *args, entry]) + else: + bb.process.run([*chroot, "/usr/sbin/useradd", *args, entry]) + + command = [*chroot, "/usr/sbin/chpasswd"] + password = d.getVarFlag(user_entry, "password", True) or "" + if password or "allow-empty-password" in flags: + if "clear-text-password" in flags: + # chpasswd adds a random salt when running against a clear-text password. # For reproducible images, we manually generate the password and use the # SOURCE_DATE_EPOCH to generate the salt in a deterministic way. - if [ -z "${SOURCE_DATE_EPOCH}" ]; then - chpasswd_args="" - else - salt="$(echo "${SOURCE_DATE_EPOCH}" | sha256sum -z | cut -c 1-15)" - password="$(openssl passwd -6 -salt $salt "$password")" - fi - fi - printf '%s:%s' "$name" "$password" | sudo chroot '${ROOTFSDIR}' \ - /usr/sbin/chpasswd $chpasswd_args - fi - if [ "${flags}" != "${flags%*,force-passwd-change,*}" ]; then - echo "Execute passwd to force password change on first boot for \"$name\"" - sudo -E chroot '${ROOTFSDIR}' \ - /usr/bin/passwd --expire "$name" - fi - done + source_date_epoch = d.getVar("SOURCE_DATE_EPOCH", True) or "" + if source_date_epoch: + command.append("-e") + salt = hashlib.sha256("{}\n".format(source_date_epoch).encode()).hexdigest()[0:15] + password = crypt.crypt(password, "$6${}".format(salt)) + + else: + command.append("-e") + + bb.process.run(command, "{}:{}".format(entry, password).encode()) + + if "force-passwd-change" in flags: + bb.process.run([*chroot, "/usr/sbin/passwd", "--expire", entry]) + + +ROOTFS_POSTPROCESS_COMMAND += "image_postprocess_accounts" +python image_postprocess_accounts() { + image_create_groups(d) + image_create_users(d) }