* [Buildroot] [PATCH 01/10] package/systemd: move preset-all HOOK to fakeroot stage
2020-02-06 9:36 [Buildroot] [PATCH 00/10] Improvements to systemd Norbert Lange
@ 2020-02-06 9:36 ` Norbert Lange
2020-06-07 11:09 ` Jérémy ROSEN
2020-06-07 11:47 ` Yann E. MORIN
2020-02-06 9:36 ` [Buildroot] [PATCH 02/10] package/systemd: add libnss-systemd to name resolution Norbert Lange
` (8 subsequent siblings)
9 siblings, 2 replies; 40+ messages in thread
From: Norbert Lange @ 2020-02-06 9:36 UTC (permalink / raw)
To: buildroot
User can drop in more systemd units or presets
in an rootfs overlay, which will be copied over *after*
the TARGET_FINALIZE_HOOKS are run.
Instead, run preset-all afterwards from ROOTFS_PRE_CMD_HOOKS
Signed-off-by: Norbert Lange <nolange79@gmail.com>
---
package/systemd/systemd.mk | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
index 6e31a14ac3..05b07cfd1b 100644
--- a/package/systemd/systemd.mk
+++ b/package/systemd/systemd.mk
@@ -490,7 +490,7 @@ endef
define SYSTEMD_PRESET_ALL
$(HOST_DIR)/bin/systemctl --root=$(TARGET_DIR) preset-all
endef
-SYSTEMD_TARGET_FINALIZE_HOOKS += SYSTEMD_PRESET_ALL
+SYSTEMD_ROOTFS_PRE_CMD_HOOKS += SYSTEMD_PRESET_ALL
SYSTEMD_CONF_ENV = $(HOST_UTF8_LOCALE_ENV)
SYSTEMD_NINJA_ENV = $(HOST_UTF8_LOCALE_ENV)
--
2.24.1
^ permalink raw reply related [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 01/10] package/systemd: move preset-all HOOK to fakeroot stage
2020-02-06 9:36 ` [Buildroot] [PATCH 01/10] package/systemd: move preset-all HOOK to fakeroot stage Norbert Lange
@ 2020-06-07 11:09 ` Jérémy ROSEN
2020-06-07 11:46 ` Yann E. MORIN
2020-06-07 11:47 ` Yann E. MORIN
1 sibling, 1 reply; 40+ messages in thread
From: Jérémy ROSEN @ 2020-06-07 11:09 UTC (permalink / raw)
To: buildroot
LGTM
Le jeu. 6 f?vr. 2020 ? 10:36, Norbert Lange <nolange79@gmail.com> a ?crit :
> User can drop in more systemd units or presets
> in an rootfs overlay, which will be copied over *after*
> the TARGET_FINALIZE_HOOKS are run.
>
> Instead, run preset-all afterwards from ROOTFS_PRE_CMD_HOOKS
>
> Signed-off-by: Norbert Lange <nolange79@gmail.com>
> ---
> package/systemd/systemd.mk | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
> index 6e31a14ac3..05b07cfd1b 100644
> --- a/package/systemd/systemd.mk
> +++ b/package/systemd/systemd.mk
> @@ -490,7 +490,7 @@ endef
> define SYSTEMD_PRESET_ALL
> $(HOST_DIR)/bin/systemctl --root=$(TARGET_DIR) preset-all
> endef
> -SYSTEMD_TARGET_FINALIZE_HOOKS += SYSTEMD_PRESET_ALL
> +SYSTEMD_ROOTFS_PRE_CMD_HOOKS += SYSTEMD_PRESET_ALL
>
> SYSTEMD_CONF_ENV = $(HOST_UTF8_LOCALE_ENV)
> SYSTEMD_NINJA_ENV = $(HOST_UTF8_LOCALE_ENV)
> --
> 2.24.1
>
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot
>
--
[image: SMILE] <http://www.smile.eu/>
20 rue des Jardins
92600 Asni?res-sur-Seine
*J?r?my ROSEN*
Architecte technique
[image: email] jeremy.rosen at smile.fr
[image: phone] +33 6 88 25 87 42
[image: url] http://www.smile.eu
[image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
<https://www.facebook.com/smileopensource> [image: LinkedIn]
<https://www.linkedin.com/company/smile> [image: Github]
<https://github.com/Smile-SA>
[image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
<https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200607/50da848b/attachment-0001.html>
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 01/10] package/systemd: move preset-all HOOK to fakeroot stage
2020-06-07 11:09 ` Jérémy ROSEN
@ 2020-06-07 11:46 ` Yann E. MORIN
2020-06-07 12:07 ` Jérémy ROSEN
0 siblings, 1 reply; 40+ messages in thread
From: Yann E. MORIN @ 2020-06-07 11:46 UTC (permalink / raw)
To: buildroot
J?r?my, All,
On 2020-06-07 13:09 +0200, J?r?my ROSEN spake thusly:
> LGTM
Could you reply with actual reviewd-by or acked-by tags, please?
https://buildroot.org/downloads/manual/manual.html#_reviewing_and_testing_patches
In the meantime, I'll assume your 'LGTM' here and in other patches, means
you provided your Reviewed-by tag. Thanks! :-)
Regards,
Yann E. MORIN.
> Le?jeu. 6 f?vr. 2020 ??10:36, Norbert Lange < [1]nolange79@gmail.com> a ?crit?:
>
> User can drop in more systemd units or presets
> in an rootfs overlay, which will be copied over *after*
> the TARGET_FINALIZE_HOOKS are run.
>
> Instead, run preset-all afterwards from ROOTFS_PRE_CMD_HOOKS
>
> Signed-off-by: Norbert Lange < [2]nolange79@gmail.com>
> ---
> ?package/systemd/ [3]systemd.mk | 2 +-
> ?1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/package/systemd/ [4]systemd.mk b/package/systemd/ [5]systemd.mk
> index 6e31a14ac3..05b07cfd1b 100644
> --- a/package/systemd/ [6]systemd.mk
> +++ b/package/systemd/ [7]systemd.mk
> @@ -490,7 +490,7 @@ endef
> ?define SYSTEMD_PRESET_ALL
> ? ? ? ? $(HOST_DIR)/bin/systemctl --root=$(TARGET_DIR) preset-all
> ?endef
> -SYSTEMD_TARGET_FINALIZE_HOOKS += SYSTEMD_PRESET_ALL
> +SYSTEMD_ROOTFS_PRE_CMD_HOOKS += SYSTEMD_PRESET_ALL
>
> ?SYSTEMD_CONF_ENV = $(HOST_UTF8_LOCALE_ENV)
> ?SYSTEMD_NINJA_ENV = $(HOST_UTF8_LOCALE_ENV)
> --
> 2.24.1
>
> _______________________________________________
> buildroot mailing list
> [8]buildroot at busybox.net
> [9]http://lists.busybox.net/mailman/listinfo/buildroot
>
> --
>
> +-----------------------------------------------------------------------------------------------------------------------+
> | | J?r?my ROSEN |
> | [10]3D"SMILE"[11] ? | Architecte technique |
> | | [12]3D"email" ? [13]jeremy.rosen at smile.fr? |
> | 20 rue des Jardins | [14]3D"phone" ? +33 6 88 25 87 42? |
> | 92600 Asni?res-sur-Seine | [15]3D"url" ? [16]http://www.smile.eu |
> | | [17]3D"Twitter" ? [18]3D"Facebook" ? [19]3D"LinkedIn" ? [20]3D"Github" |
> +-----------------------------------------------------------------------------------------------------------------------+
>
> [21]3D"D?couvrez
>
> Links:
> 1. mailto:nolange79 at gmail.com
> 2. mailto:nolange79 at gmail.com
> 3. http://systemd.mk
> 4. http://systemd.mk
> 5. http://systemd.mk
> 6. http://systemd.mk
> 7. http://systemd.mk
> 8. mailto:buildroot at busybox.net
> 9. http://lists.busybox.net/mailman/listinfo/buildroot
> 10. http://www.smile.eu/
> 11. http://www.smile.eu/
> 12. Image: http://ftp.smile.fr/client/Communication/signature/img/mail.png
> 13. mailto:jeremy.rosen at smile.fr
> 14. Image: http://ftp.smile.fr/client/Communication/signature/img/phone.png
> 15. Image: http://ftp.smile.fr/client/Communication/signature/img/web.png
> 16. http://www.smile.eu/
> 17. https://twitter.com/GroupeSmile
> 18. https://www.facebook.com/smileopensource
> 19. https://www.linkedin.com/company/smile
> 20. https://github.com/Smile-SA
> 21. https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature
--
.-----------------.--------------------.------------------.--------------------.
| Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
| +33 561 099 427 `------------.-------: X AGAINST | \e/ There is no |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
'------------------------------^-------^------------------^--------------------'
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 01/10] package/systemd: move preset-all HOOK to fakeroot stage
2020-06-07 11:46 ` Yann E. MORIN
@ 2020-06-07 12:07 ` Jérémy ROSEN
0 siblings, 0 replies; 40+ messages in thread
From: Jérémy ROSEN @ 2020-06-07 12:07 UTC (permalink / raw)
To: buildroot
My bad...
I mess up the etiquette of the various projects I follow,
thx for appying...
Le dim. 7 juin 2020 ? 13:46, Yann E. MORIN <yann.morin.1998@free.fr> a
?crit :
> J?r?my, All,
>
> On 2020-06-07 13:09 +0200, J?r?my ROSEN spake thusly:
> > LGTM
>
> Could you reply with actual reviewd-by or acked-by tags, please?
>
>
> https://buildroot.org/downloads/manual/manual.html#_reviewing_and_testing_patches
>
> In the meantime, I'll assume your 'LGTM' here and in other patches, means
> you provided your Reviewed-by tag. Thanks! :-)
>
> Regards,
> Yann E. MORIN.
>
> > Le jeu. 6 f?vr. 2020 ? 10:36, Norbert Lange < [1]nolange79@gmail.com> a
> ?crit :
> >
> > User can drop in more systemd units or presets
> > in an rootfs overlay, which will be copied over *after*
> > the TARGET_FINALIZE_HOOKS are run.
> >
> > Instead, run preset-all afterwards from ROOTFS_PRE_CMD_HOOKS
> >
> > Signed-off-by: Norbert Lange < [2]nolange79@gmail.com>
> > ---
> > package/systemd/ [3]systemd.mk | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/package/systemd/ [4]systemd.mk b/package/systemd/ [5]
> systemd.mk
> > index 6e31a14ac3..05b07cfd1b 100644
> > --- a/package/systemd/ [6]systemd.mk
> > +++ b/package/systemd/ [7]systemd.mk
> > @@ -490,7 +490,7 @@ endef
> > define SYSTEMD_PRESET_ALL
> > $(HOST_DIR)/bin/systemctl --root=$(TARGET_DIR) preset-all
> > endef
> > -SYSTEMD_TARGET_FINALIZE_HOOKS += SYSTEMD_PRESET_ALL
> > +SYSTEMD_ROOTFS_PRE_CMD_HOOKS += SYSTEMD_PRESET_ALL
> >
> > SYSTEMD_CONF_ENV = $(HOST_UTF8_LOCALE_ENV)
> > SYSTEMD_NINJA_ENV = $(HOST_UTF8_LOCALE_ENV)
> > --
> > 2.24.1
> >
> > _______________________________________________
> > buildroot mailing list
> > [8]buildroot at busybox.net
> > [9]http://lists.busybox.net/mailman/listinfo/buildroot
> >
> > --
> >
> >
> +-----------------------------------------------------------------------------------------------------------------------+
> > | | J?r?my ROSEN
> |
> > | [10]3D"SMILE"[11] | Architecte technique
> |
> > | | [12]3D"email" [13]
> jeremy.rosen at smile.fr |
> > | 20 rue des Jardins | [14]3D"phone" +33 6 88 25 87 42
> |
> > | 92600 Asni?res-sur-Seine | [15]3D"url" [16]http://www.smile.eu
> |
> > | | [17]3D"Twitter" [18]3D"Facebook"
> [19]3D"LinkedIn" [20]3D"Github" |
> >
> +-----------------------------------------------------------------------------------------------------------------------+
> >
> > [21]3D"D?couvrez
> >
> > Links:
> > 1. mailto:nolange79 at gmail.com
> > 2. mailto:nolange79 at gmail.com
> > 3. http://systemd.mk
> > 4. http://systemd.mk
> > 5. http://systemd.mk
> > 6. http://systemd.mk
> > 7. http://systemd.mk
> > 8. mailto:buildroot at busybox.net
> > 9. http://lists.busybox.net/mailman/listinfo/buildroot
> > 10. http://www.smile.eu/
> > 11. http://www.smile.eu/
> > 12. Image:
> http://ftp.smile.fr/client/Communication/signature/img/mail.png
> > 13. mailto:jeremy.rosen at smile.fr
> > 14. Image:
> http://ftp.smile.fr/client/Communication/signature/img/phone.png
> > 15. Image:
> http://ftp.smile.fr/client/Communication/signature/img/web.png
> > 16. http://www.smile.eu/
> > 17. https://twitter.com/GroupeSmile
> > 18. https://www.facebook.com/smileopensource
> > 19. https://www.linkedin.com/company/smile
> > 20. https://github.com/Smile-SA
> > 21.
> https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature
>
> --
>
> .-----------------.--------------------.------------------.--------------------.
> | Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics'
> conspiracy: |
> | +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___
> |
> | +33 561 099 427 `------------.-------: X AGAINST | \e/ There is
> no |
> | http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v
> conspiracy. |
>
> '------------------------------^-------^------------------^--------------------'
>
--
[image: SMILE] <http://www.smile.eu/>
20 rue des Jardins
92600 Asni?res-sur-Seine
*J?r?my ROSEN*
Architecte technique
[image: email] jeremy.rosen at smile.fr
[image: phone] +33 6 88 25 87 42
[image: url] http://www.smile.eu
[image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
<https://www.facebook.com/smileopensource> [image: LinkedIn]
<https://www.linkedin.com/company/smile> [image: Github]
<https://github.com/Smile-SA>
[image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
<https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200607/4291b873/attachment.html>
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 01/10] package/systemd: move preset-all HOOK to fakeroot stage
2020-02-06 9:36 ` [Buildroot] [PATCH 01/10] package/systemd: move preset-all HOOK to fakeroot stage Norbert Lange
2020-06-07 11:09 ` Jérémy ROSEN
@ 2020-06-07 11:47 ` Yann E. MORIN
1 sibling, 0 replies; 40+ messages in thread
From: Yann E. MORIN @ 2020-06-07 11:47 UTC (permalink / raw)
To: buildroot
Norbert, All,
On 2020-02-06 10:36 +0100, Norbert Lange spake thusly:
> User can drop in more systemd units or presets
> in an rootfs overlay, which will be copied over *after*
> the TARGET_FINALIZE_HOOKS are run.
>
> Instead, run preset-all afterwards from ROOTFS_PRE_CMD_HOOKS
>
> Signed-off-by: Norbert Lange <nolange79@gmail.com>
Appied to master, thanks.
Regards,
Yann E. MORIN.
> ---
> package/systemd/systemd.mk | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
> index 6e31a14ac3..05b07cfd1b 100644
> --- a/package/systemd/systemd.mk
> +++ b/package/systemd/systemd.mk
> @@ -490,7 +490,7 @@ endef
> define SYSTEMD_PRESET_ALL
> $(HOST_DIR)/bin/systemctl --root=$(TARGET_DIR) preset-all
> endef
> -SYSTEMD_TARGET_FINALIZE_HOOKS += SYSTEMD_PRESET_ALL
> +SYSTEMD_ROOTFS_PRE_CMD_HOOKS += SYSTEMD_PRESET_ALL
>
> SYSTEMD_CONF_ENV = $(HOST_UTF8_LOCALE_ENV)
> SYSTEMD_NINJA_ENV = $(HOST_UTF8_LOCALE_ENV)
> --
> 2.24.1
>
--
.-----------------.--------------------.------------------.--------------------.
| Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
| +33 561 099 427 `------------.-------: X AGAINST | \e/ There is no |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
'------------------------------^-------^------------------^--------------------'
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 02/10] package/systemd: add libnss-systemd to name resolution
2020-02-06 9:36 [Buildroot] [PATCH 00/10] Improvements to systemd Norbert Lange
2020-02-06 9:36 ` [Buildroot] [PATCH 01/10] package/systemd: move preset-all HOOK to fakeroot stage Norbert Lange
@ 2020-02-06 9:36 ` Norbert Lange
2020-06-07 11:10 ` Jérémy ROSEN
2020-06-07 11:40 ` Yann E. MORIN
2020-02-06 9:36 ` [Buildroot] [PATCH 03/10] package/systemd: remove unused user accounts Norbert Lange
` (7 subsequent siblings)
9 siblings, 2 replies; 40+ messages in thread
From: Norbert Lange @ 2020-02-06 9:36 UTC (permalink / raw)
To: buildroot
The feature DynamicUser creates users/groups without
touching the /etc/{passwd,group} files on disk.
Adding the dynamic resolver to /etc/nsswitch.conf
ensures the Names are resolved consistently.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
---
package/systemd/systemd.mk | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
index 05b07cfd1b..a390cdd1a9 100644
--- a/package/systemd/systemd.mk
+++ b/package/systemd/systemd.mk
@@ -409,7 +409,15 @@ define SYSTEMD_INSTALL_MACHINEID_HOOK
touch $(TARGET_DIR)/etc/machine-id
endef
+define SYSTEMD_ADD_NSSCONFIG_HOOK
+ grep >/dev/null '^passwd:.*systemd' $(TARGET_DIR)/etc/nsswitch.conf || \
+ sed '/^passwd:/ s/$$/ systemd/' $(TARGET_DIR)/etc/nsswitch.conf
+ grep >/dev/null '^group:.*systemd' $(TARGET_DIR)/etc/nsswitch.conf || \
+ sed '/^group:/ s/$$/ systemd/' $(TARGET_DIR)/etc/nsswitch.conf
+endef
+
SYSTEMD_POST_INSTALL_TARGET_HOOKS += \
+ SYSTEMD_ADD_NSSCONFIG_HOOK \
SYSTEMD_INSTALL_INIT_HOOK \
SYSTEMD_INSTALL_MACHINEID_HOOK \
SYSTEMD_INSTALL_RESOLVCONF_HOOK
--
2.24.1
^ permalink raw reply related [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 02/10] package/systemd: add libnss-systemd to name resolution
2020-02-06 9:36 ` [Buildroot] [PATCH 02/10] package/systemd: add libnss-systemd to name resolution Norbert Lange
@ 2020-06-07 11:10 ` Jérémy ROSEN
2020-06-07 11:40 ` Yann E. MORIN
1 sibling, 0 replies; 40+ messages in thread
From: Jérémy ROSEN @ 2020-06-07 11:10 UTC (permalink / raw)
To: buildroot
I don't have enough knowledge of nss, to vet this patch, but
adding nss-systemd in nsswitch by itself is a great idea
Le jeu. 6 f?vr. 2020 ? 10:36, Norbert Lange <nolange79@gmail.com> a ?crit :
> The feature DynamicUser creates users/groups without
> touching the /etc/{passwd,group} files on disk.
> Adding the dynamic resolver to /etc/nsswitch.conf
> ensures the Names are resolved consistently.
>
> Signed-off-by: Norbert Lange <nolange79@gmail.com>
> ---
> package/systemd/systemd.mk | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
> index 05b07cfd1b..a390cdd1a9 100644
> --- a/package/systemd/systemd.mk
> +++ b/package/systemd/systemd.mk
> @@ -409,7 +409,15 @@ define SYSTEMD_INSTALL_MACHINEID_HOOK
> touch $(TARGET_DIR)/etc/machine-id
> endef
>
> +define SYSTEMD_ADD_NSSCONFIG_HOOK
> + grep >/dev/null '^passwd:.*systemd'
> $(TARGET_DIR)/etc/nsswitch.conf || \
> + sed '/^passwd:/ s/$$/ systemd/'
> $(TARGET_DIR)/etc/nsswitch.conf
> + grep >/dev/null '^group:.*systemd' $(TARGET_DIR)/etc/nsswitch.conf
> || \
> + sed '/^group:/ s/$$/ systemd/'
> $(TARGET_DIR)/etc/nsswitch.conf
> +endef
> +
> SYSTEMD_POST_INSTALL_TARGET_HOOKS += \
> + SYSTEMD_ADD_NSSCONFIG_HOOK \
> SYSTEMD_INSTALL_INIT_HOOK \
> SYSTEMD_INSTALL_MACHINEID_HOOK \
> SYSTEMD_INSTALL_RESOLVCONF_HOOK
> --
> 2.24.1
>
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot
>
--
[image: SMILE] <http://www.smile.eu/>
20 rue des Jardins
92600 Asni?res-sur-Seine
*J?r?my ROSEN*
Architecte technique
[image: email] jeremy.rosen at smile.fr
[image: phone] +33 6 88 25 87 42
[image: url] http://www.smile.eu
[image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
<https://www.facebook.com/smileopensource> [image: LinkedIn]
<https://www.linkedin.com/company/smile> [image: Github]
<https://github.com/Smile-SA>
[image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
<https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200607/7428896a/attachment.html>
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 02/10] package/systemd: add libnss-systemd to name resolution
2020-02-06 9:36 ` [Buildroot] [PATCH 02/10] package/systemd: add libnss-systemd to name resolution Norbert Lange
2020-06-07 11:10 ` Jérémy ROSEN
@ 2020-06-07 11:40 ` Yann E. MORIN
2020-06-07 19:35 ` Norbert Lange
1 sibling, 1 reply; 40+ messages in thread
From: Yann E. MORIN @ 2020-06-07 11:40 UTC (permalink / raw)
To: buildroot
Nrobert, All,
On 2020-02-06 10:36 +0100, Norbert Lange spake thusly:
> The feature DynamicUser creates users/groups without
> touching the /etc/{passwd,group} files on disk.
> Adding the dynamic resolver to /etc/nsswitch.conf
> ensures the Names are resolved consistently.
>
> Signed-off-by: Norbert Lange <nolange79@gmail.com>
> ---
> package/systemd/systemd.mk | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
> index 05b07cfd1b..a390cdd1a9 100644
> --- a/package/systemd/systemd.mk
> +++ b/package/systemd/systemd.mk
> @@ -409,7 +409,15 @@ define SYSTEMD_INSTALL_MACHINEID_HOOK
> touch $(TARGET_DIR)/etc/machine-id
> endef
>
> +define SYSTEMD_ADD_NSSCONFIG_HOOK
> + grep >/dev/null '^passwd:.*systemd' $(TARGET_DIR)/etc/nsswitch.conf || \
While this is valid sytx, we customarily put the redirection at the end
of the command.
However, in this case, you would want to use 'grep -q', as that does not
output anything.
> + sed '/^passwd:/ s/$$/ systemd/' $(TARGET_DIR)/etc/nsswitch.conf
How can that even work? By default, sed will out put to stdout, not
replace in-place.
This clearly has not been tested (or git-commit --amend was forgotten).
In this case, you want to use $(SED) that includes the -i option to do
in-place modifications.
> + grep >/dev/null '^group:.*systemd' $(TARGET_DIR)/etc/nsswitch.conf || \
Ditto grep -q.
> + sed '/^group:/ s/$$/ systemd/' $(TARGET_DIR)/etc/nsswitch.conf
Ditto $(SED).
Regards,
Yann E. MORIN.
> +endef
> +
> SYSTEMD_POST_INSTALL_TARGET_HOOKS += \
> + SYSTEMD_ADD_NSSCONFIG_HOOK \
> SYSTEMD_INSTALL_INIT_HOOK \
> SYSTEMD_INSTALL_MACHINEID_HOOK \
> SYSTEMD_INSTALL_RESOLVCONF_HOOK
> --
> 2.24.1
>
--
.-----------------.--------------------.------------------.--------------------.
| Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
| +33 561 099 427 `------------.-------: X AGAINST | \e/ There is no |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
'------------------------------^-------^------------------^--------------------'
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 02/10] package/systemd: add libnss-systemd to name resolution
2020-06-07 11:40 ` Yann E. MORIN
@ 2020-06-07 19:35 ` Norbert Lange
2020-06-08 10:09 ` Jérémy ROSEN
0 siblings, 1 reply; 40+ messages in thread
From: Norbert Lange @ 2020-06-07 19:35 UTC (permalink / raw)
To: buildroot
Am So., 7. Juni 2020 um 13:40 Uhr schrieb Yann E. MORIN
<yann.morin.1998@free.fr>:
>
> Nrobert, All,
>
> On 2020-02-06 10:36 +0100, Norbert Lange spake thusly:
> > The feature DynamicUser creates users/groups without
> > touching the /etc/{passwd,group} files on disk.
> > Adding the dynamic resolver to /etc/nsswitch.conf
> > ensures the Names are resolved consistently.
> >
> > Signed-off-by: Norbert Lange <nolange79@gmail.com>
> > ---
> > package/systemd/systemd.mk | 8 ++++++++
> > 1 file changed, 8 insertions(+)
> >
> > diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
> > index 05b07cfd1b..a390cdd1a9 100644
> > --- a/package/systemd/systemd.mk
> > +++ b/package/systemd/systemd.mk
> > @@ -409,7 +409,15 @@ define SYSTEMD_INSTALL_MACHINEID_HOOK
> > touch $(TARGET_DIR)/etc/machine-id
> > endef
> >
> > +define SYSTEMD_ADD_NSSCONFIG_HOOK
> > + grep >/dev/null '^passwd:.*systemd' $(TARGET_DIR)/etc/nsswitch.conf || \
>
> While this is valid sytx, we customarily put the redirection at the end
> of the command.
>
> However, in this case, you would want to use 'grep -q', as that does not
> output anything.
I will do if thats preferred, but I usually redirect because
"Portable shell scripts should avoid both -q and -s and should
redirect standard and error output to /dev/null instead."
(https://www.gnu.org/software/grep/manual/html_node/General-Output-Control.html)
>
> > + sed '/^passwd:/ s/$$/ systemd/' $(TARGET_DIR)/etc/nsswitch.conf
>
> How can that even work? By default, sed will out put to stdout, not
> replace in-place.
Excellent point.
>
> This clearly has not been tested (or git-commit --amend was forgotten).
It's tested in a way, that I have the resulting file in the rootfs overlay ;)
>
> In this case, you want to use $(SED) that includes the -i option to do
> in-place modifications.
>
> > + grep >/dev/null '^group:.*systemd' $(TARGET_DIR)/etc/nsswitch.conf || \
>
> Ditto grep -q.
>
> > + sed '/^group:/ s/$$/ systemd/' $(TARGET_DIR)/etc/nsswitch.conf
>
> Ditto $(SED).
>
> Regards,
> Yann E. MORIN.
>
> > +endef
> > +
> > SYSTEMD_POST_INSTALL_TARGET_HOOKS += \
> > + SYSTEMD_ADD_NSSCONFIG_HOOK \
> > SYSTEMD_INSTALL_INIT_HOOK \
> > SYSTEMD_INSTALL_MACHINEID_HOOK \
> > SYSTEMD_INSTALL_RESOLVCONF_HOOK
> > --
> > 2.24.1
> >
>
> --
> .-----------------.--------------------.------------------.--------------------.
> | Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
> | +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
> | +33 561 099 427 `------------.-------: X AGAINST | \e/ There is no |
> | http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
> '------------------------------^-------^------------------^--------------------'
Come to think of it, systemd comes with 4 or so nss plugins, maybe
it's a better approach
to have a fully featured nsswitch.conf in the skeleton and then cut
out the plugins that are NOT built?
Or use the one from systemd (source: factory/etc/nsswitch.conf), after
a sed 's,compat,files,g'
Norbert
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 02/10] package/systemd: add libnss-systemd to name resolution
2020-06-07 19:35 ` Norbert Lange
@ 2020-06-08 10:09 ` Jérémy ROSEN
2020-06-08 10:38 ` Norbert Lange
0 siblings, 1 reply; 40+ messages in thread
From: Jérémy ROSEN @ 2020-06-08 10:09 UTC (permalink / raw)
To: buildroot
Le dim. 7 juin 2020 ? 21:35, Norbert Lange <nolange79@gmail.com> a ?crit :
> Am So., 7. Juni 2020 um 13:40 Uhr schrieb Yann E. MORIN
> <yann.morin.1998@free.fr>:
> >
> > Nrobert, All,
> >
> > On 2020-02-06 10:36 +0100, Norbert Lange spake thusly:
> > > The feature DynamicUser creates users/groups without
> > > touching the /etc/{passwd,group} files on disk.
> > > Adding the dynamic resolver to /etc/nsswitch.conf
> > > ensures the Names are resolved consistently.
> > >
> > > Signed-off-by: Norbert Lange <nolange79@gmail.com>
> > > ---
> > > package/systemd/systemd.mk | 8 ++++++++
> > > 1 file changed, 8 insertions(+)
> > >
> > > diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
> > > index 05b07cfd1b..a390cdd1a9 100644
> > > --- a/package/systemd/systemd.mk
> > > +++ b/package/systemd/systemd.mk
> > > @@ -409,7 +409,15 @@ define SYSTEMD_INSTALL_MACHINEID_HOOK
> > > touch $(TARGET_DIR)/etc/machine-id
> > > endef
> > >
> > > +define SYSTEMD_ADD_NSSCONFIG_HOOK
> > > + grep >/dev/null '^passwd:.*systemd'
> $(TARGET_DIR)/etc/nsswitch.conf || \
> >
> > While this is valid sytx, we customarily put the redirection at the end
> > of the command.
> >
> > However, in this case, you would want to use 'grep -q', as that does not
> > output anything.
>
> I will do if thats preferred, but I usually redirect because
>
> "Portable shell scripts should avoid both -q and -s and should
> redirect standard and error output to /dev/null instead."
> (
> https://www.gnu.org/software/grep/manual/html_node/General-Output-Control.html
> )
>
> >
> > > + sed '/^passwd:/ s/$$/ systemd/'
> $(TARGET_DIR)/etc/nsswitch.conf
> >
> > How can that even work? By default, sed will out put to stdout, not
> > replace in-place.
>
> Excellent point.
>
> >
> > This clearly has not been tested (or git-commit --amend was forgotten).
>
> It's tested in a way, that I have the resulting file in the rootfs overlay
> ;)
>
> >
> > In this case, you want to use $(SED) that includes the -i option to do
> > in-place modifications.
> >
> > > + grep >/dev/null '^group:.*systemd'
> $(TARGET_DIR)/etc/nsswitch.conf || \
> >
> > Ditto grep -q.
> >
> > > + sed '/^group:/ s/$$/ systemd/'
> $(TARGET_DIR)/etc/nsswitch.conf
> >
> > Ditto $(SED).
> >
> > Regards,
> > Yann E. MORIN.
> >
> > > +endef
> > > +
> > > SYSTEMD_POST_INSTALL_TARGET_HOOKS += \
> > > + SYSTEMD_ADD_NSSCONFIG_HOOK \
> > > SYSTEMD_INSTALL_INIT_HOOK \
> > > SYSTEMD_INSTALL_MACHINEID_HOOK \
> > > SYSTEMD_INSTALL_RESOLVCONF_HOOK
> > > --
> > > 2.24.1
> > >
> >
> > --
> >
> .-----------------.--------------------.------------------.--------------------.
> > | Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics'
> conspiracy: |
> > | +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___
> |
> > | +33 561 099 427 `------------.-------: X AGAINST | \e/ There
> is no |
> > | http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v
> conspiracy. |
> >
> '------------------------------^-------^------------------^--------------------'
>
> Come to think of it, systemd comes with 4 or so nss plugins, maybe
> it's a better approach
> to have a fully featured nsswitch.conf in the skeleton and then cut
> out the plugins that are NOT built?
> Or use the one from systemd (source: factory/etc/nsswitch.conf), after
> a sed 's,compat,files,g'
>
>
>
> Norbert
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot
>
For the record : systemd's upstream nsswitch.conf
# This file is part of systemd.
passwd: compat mymachines systemd
group: compat mymachines systemd
shadow: compat
hosts: files mymachines resolve [!UNAVAIL=return] dns myhostname
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
* mymachines add resolution for local (machinectl compatible) containers.
It also resolves UID/GID assigned to said-containers
* systemd adds UID/GID resolution for DynamicUser
DynamicUser allows a service to run with a dynamically determined UID,
thus simplifying configuration (no need for a line in /etc/passwd)
so independently of "how" I think it makes sense to always enable
nss-systemd
and enable mymachines when systemd-nspawn is compiled in.
--
[image: SMILE] <http://www.smile.eu/>
20 rue des Jardins
92600 Asni?res-sur-Seine
*J?r?my ROSEN*
Architecte technique
[image: email] jeremy.rosen at smile.fr
[image: phone] +33 6 88 25 87 42
[image: url] http://www.smile.eu
[image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
<https://www.facebook.com/smileopensource> [image: LinkedIn]
<https://www.linkedin.com/company/smile> [image: Github]
<https://github.com/Smile-SA>
[image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
<https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200608/eb84b6c0/attachment.html>
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 02/10] package/systemd: add libnss-systemd to name resolution
2020-06-08 10:09 ` Jérémy ROSEN
@ 2020-06-08 10:38 ` Norbert Lange
0 siblings, 0 replies; 40+ messages in thread
From: Norbert Lange @ 2020-06-08 10:38 UTC (permalink / raw)
To: buildroot
Am Mo., 8. Juni 2020 um 12:09 Uhr schrieb J?r?my ROSEN <jeremy.rosen@smile.fr>:
>
>
>
> Le dim. 7 juin 2020 ? 21:35, Norbert Lange <nolange79@gmail.com> a ?crit :
>>
>> Am So., 7. Juni 2020 um 13:40 Uhr schrieb Yann E. MORIN
>> <yann.morin.1998@free.fr>:
>> >
>> > Nrobert, All,
>> >
>> > On 2020-02-06 10:36 +0100, Norbert Lange spake thusly:
>> > > The feature DynamicUser creates users/groups without
>> > > touching the /etc/{passwd,group} files on disk.
>> > > Adding the dynamic resolver to /etc/nsswitch.conf
>> > > ensures the Names are resolved consistently.
>> > >
>> > > Signed-off-by: Norbert Lange <nolange79@gmail.com>
>> > > ---
>> > > package/systemd/systemd.mk | 8 ++++++++
>> > > 1 file changed, 8 insertions(+)
>> > >
>> > > diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
>> > > index 05b07cfd1b..a390cdd1a9 100644
>> > > --- a/package/systemd/systemd.mk
>> > > +++ b/package/systemd/systemd.mk
>> > > @@ -409,7 +409,15 @@ define SYSTEMD_INSTALL_MACHINEID_HOOK
>> > > touch $(TARGET_DIR)/etc/machine-id
>> > > endef
>> > >
>> > > +define SYSTEMD_ADD_NSSCONFIG_HOOK
>> > > + grep >/dev/null '^passwd:.*systemd' $(TARGET_DIR)/etc/nsswitch.conf || \
>> >
>> > While this is valid sytx, we customarily put the redirection at the end
>> > of the command.
>> >
>> > However, in this case, you would want to use 'grep -q', as that does not
>> > output anything.
>>
>> I will do if thats preferred, but I usually redirect because
>>
>> "Portable shell scripts should avoid both -q and -s and should
>> redirect standard and error output to /dev/null instead."
>> (https://www.gnu.org/software/grep/manual/html_node/General-Output-Control.html)
>>
>> >
>> > > + sed '/^passwd:/ s/$$/ systemd/' $(TARGET_DIR)/etc/nsswitch.conf
>> >
>> > How can that even work? By default, sed will out put to stdout, not
>> > replace in-place.
>>
>> Excellent point.
>>
>> >
>> > This clearly has not been tested (or git-commit --amend was forgotten).
>>
>> It's tested in a way, that I have the resulting file in the rootfs overlay ;)
>>
>> >
>> > In this case, you want to use $(SED) that includes the -i option to do
>> > in-place modifications.
>> >
>> > > + grep >/dev/null '^group:.*systemd' $(TARGET_DIR)/etc/nsswitch.conf || \
>> >
>> > Ditto grep -q.
>> >
>> > > + sed '/^group:/ s/$$/ systemd/' $(TARGET_DIR)/etc/nsswitch.conf
>> >
>> > Ditto $(SED).
>> >
>> > Regards,
>> > Yann E. MORIN.
>> >
>> > > +endef
>> > > +
>> > > SYSTEMD_POST_INSTALL_TARGET_HOOKS += \
>> > > + SYSTEMD_ADD_NSSCONFIG_HOOK \
>> > > SYSTEMD_INSTALL_INIT_HOOK \
>> > > SYSTEMD_INSTALL_MACHINEID_HOOK \
>> > > SYSTEMD_INSTALL_RESOLVCONF_HOOK
>> > > --
>> > > 2.24.1
>> > >
>> >
>> > --
>> > .-----------------.--------------------.------------------.--------------------.
>> > | Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
>> > | +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
>> > | +33 561 099 427 `------------.-------: X AGAINST | \e/ There is no |
>> > | http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
>> > '------------------------------^-------^------------------^--------------------'
>>
>> Come to think of it, systemd comes with 4 or so nss plugins, maybe
>> it's a better approach
>> to have a fully featured nsswitch.conf in the skeleton and then cut
>> out the plugins that are NOT built?
>> Or use the one from systemd (source: factory/etc/nsswitch.conf), after
>> a sed 's,compat,files,g'
>>
>>
>>
>> Norbert
>> _______________________________________________
>> buildroot mailing list
>> buildroot at busybox.net
>> http://lists.busybox.net/mailman/listinfo/buildroot
>
>
> For the record : systemd's upstream nsswitch.conf
>
> # This file is part of systemd.
>
> passwd: compat mymachines systemd
> group: compat mymachines systemd
> shadow: compat
>
> hosts: files mymachines resolve [!UNAVAIL=return] dns myhostname
> networks: files
>
> protocols: db files
> services: db files
> ethers: db files
> rpc: db files
>
> netgroup: nis
>
>
> * mymachines add resolution for local (machinectl compatible) containers.
> It also resolves UID/GID assigned to said-containers
> * systemd adds UID/GID resolution for DynamicUser
> DynamicUser allows a service to run with a dynamically determined UID,
> thus simplifying configuration (no need for a line in /etc/passwd)
>
> so independently of "how" I think it makes sense to always enable nss-systemd
> and enable mymachines when systemd-nspawn is compiled in.
Actually I would consider the rootfs broken if no nss-systemd is used,
some services that ship with systemd use this feature and might behave odd.
I havent re-rolled the entire series, but I changed the code to enable systemd,
myhostname and resolve. mymachines is a bit tricky with the placement
in the middle.
(thats why I would prefer using a "full-featured" and just removing
the non-existent ones, doesn't need a check to prevent adding multiple
times either)
>
> --
>
>
> 20 rue des Jardins
> 92600 Asni?res-sur-Seine
>
> J?r?my ROSEN
> Architecte technique
>
> jeremy.rosen at smile.fr
> +33 6 88 25 87 42
> http://www.smile.eu
>
>
>
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 03/10] package/systemd: remove unused user accounts
2020-02-06 9:36 [Buildroot] [PATCH 00/10] Improvements to systemd Norbert Lange
2020-02-06 9:36 ` [Buildroot] [PATCH 01/10] package/systemd: move preset-all HOOK to fakeroot stage Norbert Lange
2020-02-06 9:36 ` [Buildroot] [PATCH 02/10] package/systemd: add libnss-systemd to name resolution Norbert Lange
@ 2020-02-06 9:36 ` Norbert Lange
2020-02-07 9:11 ` Jérémy ROSEN
2020-02-06 9:36 ` [Buildroot] [PATCH 04/10] package/systemd: create "remote" user if the feature is enabled Norbert Lange
` (6 subsequent siblings)
9 siblings, 1 reply; 40+ messages in thread
From: Norbert Lange @ 2020-02-06 9:36 UTC (permalink / raw)
To: buildroot
Since V235 the "gateway" and "upload" services use DynamicUsers,
requiring no entries in /etc/passwd.
This functionality requires option nss-systemd, which is always
enabled in buildroot.
The "bus-proxy" user was removed in V230
Signed-off-by: Norbert Lange <nolange79@gmail.com>
---
package/systemd/systemd.mk | 3 ---
1 file changed, 3 deletions(-)
diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
index a390cdd1a9..b46c4fd540 100644
--- a/package/systemd/systemd.mk
+++ b/package/systemd/systemd.mk
@@ -431,10 +431,7 @@ define SYSTEMD_USERS
- - systemd-journal -1 * - - - Journal
- - render -1 * - - - DRI rendering nodes
- - kvm -1 * - - - kvm nodes
- systemd-bus-proxy -1 systemd-bus-proxy -1 * - - - Proxy D-Bus messages to/from a bus
- systemd-journal-gateway -1 systemd-journal-gateway -1 * /var/log/journal - - Journal Gateway
systemd-journal-remote -1 systemd-journal-remote -1 * /var/log/journal/remote - - Journal Remote
- systemd-journal-upload -1 systemd-journal-upload -1 * - - - Journal Upload
$(SYSTEMD_COREDUMP_USER)
$(SYSTEMD_NETWORKD_USER)
$(SYSTEMD_RESOLVED_USER)
--
2.24.1
^ permalink raw reply related [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 03/10] package/systemd: remove unused user accounts
2020-02-06 9:36 ` [Buildroot] [PATCH 03/10] package/systemd: remove unused user accounts Norbert Lange
@ 2020-02-07 9:11 ` Jérémy ROSEN
2020-02-07 12:41 ` Norbert Lange
0 siblings, 1 reply; 40+ messages in thread
From: Jérémy ROSEN @ 2020-02-07 9:11 UTC (permalink / raw)
To: buildroot
Yes...
Long term we should use systems-sysuser for that, so upstream trickles down
automatically
in the mean time,
Reviewed-by: J?r?my Rosen <jeremy.rosen@smile.fr>
Le jeu. 6 f?vr. 2020 ? 10:37, Norbert Lange <nolange79@gmail.com> a ?crit :
> Since V235 the "gateway" and "upload" services use DynamicUsers,
> requiring no entries in /etc/passwd.
> This functionality requires option nss-systemd, which is always
> enabled in buildroot.
>
> The "bus-proxy" user was removed in V230
>
> Signed-off-by: Norbert Lange <nolange79@gmail.com>
> ---
> package/systemd/systemd.mk | 3 ---
> 1 file changed, 3 deletions(-)
>
> diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
> index a390cdd1a9..b46c4fd540 100644
> --- a/package/systemd/systemd.mk
> +++ b/package/systemd/systemd.mk
> @@ -431,10 +431,7 @@ define SYSTEMD_USERS
> - - systemd-journal -1 * - - - Journal
> - - render -1 * - - - DRI rendering nodes
> - - kvm -1 * - - - kvm nodes
> - systemd-bus-proxy -1 systemd-bus-proxy -1 * - - - Proxy D-Bus
> messages to/from a bus
> - systemd-journal-gateway -1 systemd-journal-gateway -1 *
> /var/log/journal - - Journal Gateway
> systemd-journal-remote -1 systemd-journal-remote -1 *
> /var/log/journal/remote - - Journal Remote
> - systemd-journal-upload -1 systemd-journal-upload -1 * - - -
> Journal Upload
> $(SYSTEMD_COREDUMP_USER)
> $(SYSTEMD_NETWORKD_USER)
> $(SYSTEMD_RESOLVED_USER)
> --
> 2.24.1
>
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot
>
--
[image: SMILE] <http://www.smile.eu/>
20 rue des Jardins
92600 Asni?res-sur-Seine
*J?r?my ROSEN*
Architecte technique
[image: email] jeremy.rosen at smile.fr
[image: phone] +33 6 88 25 87 42
[image: url] http://www.smile.eu
[image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
<https://www.facebook.com/smileopensource> [image: LinkedIn]
<https://www.linkedin.com/company/smile> [image: Github]
<https://github.com/Smile-SA>
[image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
<https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200207/01b5f147/attachment.html>
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 03/10] package/systemd: remove unused user accounts
2020-02-07 9:11 ` Jérémy ROSEN
@ 2020-02-07 12:41 ` Norbert Lange
2020-02-07 12:43 ` Jérémy ROSEN
0 siblings, 1 reply; 40+ messages in thread
From: Norbert Lange @ 2020-02-07 12:41 UTC (permalink / raw)
To: buildroot
Sure, but that could get tricky is you dont enable sysuser.d on the target,
then you would need to grab the files from the host installation and use
similar build-options as the target.
Some smart infrastructure work would be needed to not complicate things
between non-system, systemd with option x disabled,
and full systemd.
Am Fr., 7. Feb. 2020 um 10:11 Uhr schrieb J?r?my ROSEN <
jeremy.rosen@smile.fr>:
> Yes...
> Long term we should use systems-sysuser for that, so upstream trickles
> down automatically
>
> in the mean time,
>
> Reviewed-by: J?r?my Rosen <jeremy.rosen@smile.fr>
>
>
> Le jeu. 6 f?vr. 2020 ? 10:37, Norbert Lange <nolange79@gmail.com> a
> ?crit :
>
>> Since V235 the "gateway" and "upload" services use DynamicUsers,
>> requiring no entries in /etc/passwd.
>> This functionality requires option nss-systemd, which is always
>> enabled in buildroot.
>>
>> The "bus-proxy" user was removed in V230
>>
>> Signed-off-by: Norbert Lange <nolange79@gmail.com>
>> ---
>> package/systemd/systemd.mk | 3 ---
>> 1 file changed, 3 deletions(-)
>>
>> diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
>> index a390cdd1a9..b46c4fd540 100644
>> --- a/package/systemd/systemd.mk
>> +++ b/package/systemd/systemd.mk
>> @@ -431,10 +431,7 @@ define SYSTEMD_USERS
>> - - systemd-journal -1 * - - - Journal
>> - - render -1 * - - - DRI rendering nodes
>> - - kvm -1 * - - - kvm nodes
>> - systemd-bus-proxy -1 systemd-bus-proxy -1 * - - - Proxy D-Bus
>> messages to/from a bus
>> - systemd-journal-gateway -1 systemd-journal-gateway -1 *
>> /var/log/journal - - Journal Gateway
>> systemd-journal-remote -1 systemd-journal-remote -1 *
>> /var/log/journal/remote - - Journal Remote
>> - systemd-journal-upload -1 systemd-journal-upload -1 * - - -
>> Journal Upload
>> $(SYSTEMD_COREDUMP_USER)
>> $(SYSTEMD_NETWORKD_USER)
>> $(SYSTEMD_RESOLVED_USER)
>> --
>> 2.24.1
>>
>> _______________________________________________
>> buildroot mailing list
>> buildroot at busybox.net
>> http://lists.busybox.net/mailman/listinfo/buildroot
>>
>
>
> --
> [image: SMILE] <http://www.smile.eu/>
>
> 20 rue des Jardins
> 92600 Asni?res-sur-Seine
> *J?r?my ROSEN*
> Architecte technique
>
> [image: email] jeremy.rosen at smile.fr
> [image: phone] +33 6 88 25 87 42
> [image: url] http://www.smile.eu
>
> [image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
> <https://www.facebook.com/smileopensource> [image: LinkedIn]
> <https://www.linkedin.com/company/smile> [image: Github]
> <https://github.com/Smile-SA>
>
> [image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200207/e674c793/attachment.html>
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 03/10] package/systemd: remove unused user accounts
2020-02-07 12:41 ` Norbert Lange
@ 2020-02-07 12:43 ` Jérémy ROSEN
2020-02-07 12:52 ` Norbert Lange
0 siblings, 1 reply; 40+ messages in thread
From: Jérémy ROSEN @ 2020-02-07 12:43 UTC (permalink / raw)
To: buildroot
That's already in place. We already build host-systemd whenever we build
systemd (host-sysuser is currently disabled but that's trivial to enable)
It's just a question of doing it, really... and teaching mkusers a few
trick to go with it
Le ven. 7 f?vr. 2020 ? 13:41, Norbert Lange <nolange79@gmail.com> a ?crit :
> Sure, but that could get tricky is you dont enable sysuser.d on the target,
> then you would need to grab the files from the host installation and use
> similar build-options as the target.
>
> Some smart infrastructure work would be needed to not complicate things
> between non-system, systemd with option x disabled,
> and full systemd.
>
> Am Fr., 7. Feb. 2020 um 10:11 Uhr schrieb J?r?my ROSEN <
> jeremy.rosen at smile.fr>:
>
>> Yes...
>> Long term we should use systems-sysuser for that, so upstream trickles
>> down automatically
>>
>> in the mean time,
>>
>> Reviewed-by: J?r?my Rosen <jeremy.rosen@smile.fr>
>>
>>
>> Le jeu. 6 f?vr. 2020 ? 10:37, Norbert Lange <nolange79@gmail.com> a
>> ?crit :
>>
>>> Since V235 the "gateway" and "upload" services use DynamicUsers,
>>> requiring no entries in /etc/passwd.
>>> This functionality requires option nss-systemd, which is always
>>> enabled in buildroot.
>>>
>>> The "bus-proxy" user was removed in V230
>>>
>>> Signed-off-by: Norbert Lange <nolange79@gmail.com>
>>> ---
>>> package/systemd/systemd.mk | 3 ---
>>> 1 file changed, 3 deletions(-)
>>>
>>> diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
>>> index a390cdd1a9..b46c4fd540 100644
>>> --- a/package/systemd/systemd.mk
>>> +++ b/package/systemd/systemd.mk
>>> @@ -431,10 +431,7 @@ define SYSTEMD_USERS
>>> - - systemd-journal -1 * - - - Journal
>>> - - render -1 * - - - DRI rendering nodes
>>> - - kvm -1 * - - - kvm nodes
>>> - systemd-bus-proxy -1 systemd-bus-proxy -1 * - - - Proxy D-Bus
>>> messages to/from a bus
>>> - systemd-journal-gateway -1 systemd-journal-gateway -1 *
>>> /var/log/journal - - Journal Gateway
>>> systemd-journal-remote -1 systemd-journal-remote -1 *
>>> /var/log/journal/remote - - Journal Remote
>>> - systemd-journal-upload -1 systemd-journal-upload -1 * - - -
>>> Journal Upload
>>> $(SYSTEMD_COREDUMP_USER)
>>> $(SYSTEMD_NETWORKD_USER)
>>> $(SYSTEMD_RESOLVED_USER)
>>> --
>>> 2.24.1
>>>
>>> _______________________________________________
>>> buildroot mailing list
>>> buildroot at busybox.net
>>> http://lists.busybox.net/mailman/listinfo/buildroot
>>>
>>
>>
>> --
>> [image: SMILE] <http://www.smile.eu/>
>>
>> 20 rue des Jardins
>> 92600 Asni?res-sur-Seine
>> *J?r?my ROSEN*
>> Architecte technique
>>
>> [image: email] jeremy.rosen at smile.fr
>> [image: phone] +33 6 88 25 87 42
>> [image: url] http://www.smile.eu
>>
>> [image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
>> <https://www.facebook.com/smileopensource> [image: LinkedIn]
>> <https://www.linkedin.com/company/smile> [image: Github]
>> <https://github.com/Smile-SA>
>>
>> [image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
>> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>>
>
--
[image: SMILE] <http://www.smile.eu/>
20 rue des Jardins
92600 Asni?res-sur-Seine
*J?r?my ROSEN*
Architecte technique
[image: email] jeremy.rosen at smile.fr
[image: phone] +33 6 88 25 87 42
[image: url] http://www.smile.eu
[image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
<https://www.facebook.com/smileopensource> [image: LinkedIn]
<https://www.linkedin.com/company/smile> [image: Github]
<https://github.com/Smile-SA>
[image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
<https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200207/0d5a32cf/attachment.html>
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 03/10] package/systemd: remove unused user accounts
2020-02-07 12:43 ` Jérémy ROSEN
@ 2020-02-07 12:52 ` Norbert Lange
2020-02-07 12:57 ` Jérémy ROSEN
0 siblings, 1 reply; 40+ messages in thread
From: Norbert Lange @ 2020-02-07 12:52 UTC (permalink / raw)
To: buildroot
I mean if you dont enable host target sysuser, systemd and other packages
might not install the config files (these are after all just used for
preparing a system).
if you for example enable journal-remote and not sysuser on the target, you
would need to enable journal-remote and sysuser on the host, then grab the
config files from the host.
Sure, everything can be solved somehow, but it would be easier to figure
out the correct way *before* someone begins hacking ( see
https://github.com/systemd/systemd/issues/14806 ).
For ex. you could always enable sysuser on the target and just offer an
option to remove those files in the rootfs image afterwards.
Norbert
Am Fr., 7. Feb. 2020 um 13:44 Uhr schrieb J?r?my ROSEN <
jeremy.rosen@smile.fr>:
> That's already in place. We already build host-systemd whenever we build
> systemd (host-sysuser is currently disabled but that's trivial to enable)
>
> It's just a question of doing it, really... and teaching mkusers a few
> trick to go with it
>
> Le ven. 7 f?vr. 2020 ? 13:41, Norbert Lange <nolange79@gmail.com> a
> ?crit :
>
>> Sure, but that could get tricky is you dont enable sysuser.d on the
>> target,
>> then you would need to grab the files from the host installation and use
>> similar build-options as the target.
>>
>> Some smart infrastructure work would be needed to not complicate things
>> between non-system, systemd with option x disabled,
>> and full systemd.
>>
>> Am Fr., 7. Feb. 2020 um 10:11 Uhr schrieb J?r?my ROSEN <
>> jeremy.rosen at smile.fr>:
>>
>>> Yes...
>>> Long term we should use systems-sysuser for that, so upstream trickles
>>> down automatically
>>>
>>> in the mean time,
>>>
>>> Reviewed-by: J?r?my Rosen <jeremy.rosen@smile.fr>
>>>
>>>
>>> Le jeu. 6 f?vr. 2020 ? 10:37, Norbert Lange <nolange79@gmail.com> a
>>> ?crit :
>>>
>>>> Since V235 the "gateway" and "upload" services use DynamicUsers,
>>>> requiring no entries in /etc/passwd.
>>>> This functionality requires option nss-systemd, which is always
>>>> enabled in buildroot.
>>>>
>>>> The "bus-proxy" user was removed in V230
>>>>
>>>> Signed-off-by: Norbert Lange <nolange79@gmail.com>
>>>> ---
>>>> package/systemd/systemd.mk | 3 ---
>>>> 1 file changed, 3 deletions(-)
>>>>
>>>> diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
>>>> index a390cdd1a9..b46c4fd540 100644
>>>> --- a/package/systemd/systemd.mk
>>>> +++ b/package/systemd/systemd.mk
>>>> @@ -431,10 +431,7 @@ define SYSTEMD_USERS
>>>> - - systemd-journal -1 * - - - Journal
>>>> - - render -1 * - - - DRI rendering nodes
>>>> - - kvm -1 * - - - kvm nodes
>>>> - systemd-bus-proxy -1 systemd-bus-proxy -1 * - - - Proxy D-Bus
>>>> messages to/from a bus
>>>> - systemd-journal-gateway -1 systemd-journal-gateway -1 *
>>>> /var/log/journal - - Journal Gateway
>>>> systemd-journal-remote -1 systemd-journal-remote -1 *
>>>> /var/log/journal/remote - - Journal Remote
>>>> - systemd-journal-upload -1 systemd-journal-upload -1 * - - -
>>>> Journal Upload
>>>> $(SYSTEMD_COREDUMP_USER)
>>>> $(SYSTEMD_NETWORKD_USER)
>>>> $(SYSTEMD_RESOLVED_USER)
>>>> --
>>>> 2.24.1
>>>>
>>>> _______________________________________________
>>>> buildroot mailing list
>>>> buildroot at busybox.net
>>>> http://lists.busybox.net/mailman/listinfo/buildroot
>>>>
>>>
>>>
>>> --
>>> [image: SMILE] <http://www.smile.eu/>
>>>
>>> 20 rue des Jardins
>>> 92600 Asni?res-sur-Seine
>>> *J?r?my ROSEN*
>>> Architecte technique
>>>
>>> [image: email] jeremy.rosen at smile.fr
>>> [image: phone] +33 6 88 25 87 42
>>> [image: url] http://www.smile.eu
>>>
>>> [image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
>>> <https://www.facebook.com/smileopensource> [image: LinkedIn]
>>> <https://www.linkedin.com/company/smile> [image: Github]
>>> <https://github.com/Smile-SA>
>>>
>>> [image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
>>> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>>>
>>
>
> --
> [image: SMILE] <http://www.smile.eu/>
>
> 20 rue des Jardins
> 92600 Asni?res-sur-Seine
> *J?r?my ROSEN*
> Architecte technique
>
> [image: email] jeremy.rosen at smile.fr
> [image: phone] +33 6 88 25 87 42
> [image: url] http://www.smile.eu
>
> [image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
> <https://www.facebook.com/smileopensource> [image: LinkedIn]
> <https://www.linkedin.com/company/smile> [image: Github]
> <https://github.com/Smile-SA>
>
> [image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200207/1b3fde0a/attachment.html>
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 03/10] package/systemd: remove unused user accounts
2020-02-07 12:52 ` Norbert Lange
@ 2020-02-07 12:57 ` Jérémy ROSEN
2020-02-07 13:07 ` Norbert Lange
0 siblings, 1 reply; 40+ messages in thread
From: Jérémy ROSEN @ 2020-02-07 12:57 UTC (permalink / raw)
To: buildroot
Le ven. 7 f?vr. 2020 ? 13:52, Norbert Lange <nolange79@gmail.com> a ?crit :
>
> I mean if you dont enable host target sysuser, systemd and other packages
> might not install the config files (these are after all just used for
> preparing a system).
>
hmm... interesting point.
How can a package detect if sysuser is enabled ? is there a pkg-config
option for that ?
> if you for example enable journal-remote and not sysuser on the target,
> you would need to enable journal-remote and sysuser on the host, then grab
> the config files from the host.
>
> yes, I see your point
maybe it would be simpler to configure with sysuser both for target and
host and remove the binary from the target ?
Thinking out-lout at this point. I'm not sure if that's a good idea.
> Sure, everything can be solved somehow, but it would be easier to figure
> out the correct way *before* someone begins hacking ( see
> https://github.com/systemd/systemd/issues/14806 ).
>
> For ex. you could always enable sysuser on the target and just offer an
> option to remove those files in the rootfs image afterwards.
>
>
Right.... Those files never make sense on the target anyway.
Buildroot philosophy is that you can't install software after the fact on
the target and it's ok to remove tools that are only used to install stuff
after the fact
(that's why the rules files for hwdb are never on the target)
so in a way... we always need sysuser on the host and we never use it on
the target.
This all needs more thinking. but there is no emergency. that's for a
future patch.
Norbert
>
> Am Fr., 7. Feb. 2020 um 13:44 Uhr schrieb J?r?my ROSEN <
> jeremy.rosen at smile.fr>:
>
>> That's already in place. We already build host-systemd whenever we build
>> systemd (host-sysuser is currently disabled but that's trivial to enable)
>>
>> It's just a question of doing it, really... and teaching mkusers a few
>> trick to go with it
>>
>> Le ven. 7 f?vr. 2020 ? 13:41, Norbert Lange <nolange79@gmail.com> a
>> ?crit :
>>
>>> Sure, but that could get tricky is you dont enable sysuser.d on the
>>> target,
>>> then you would need to grab the files from the host installation and use
>>> similar build-options as the target.
>>>
>>> Some smart infrastructure work would be needed to not complicate things
>>> between non-system, systemd with option x disabled,
>>> and full systemd.
>>>
>>> Am Fr., 7. Feb. 2020 um 10:11 Uhr schrieb J?r?my ROSEN <
>>> jeremy.rosen at smile.fr>:
>>>
>>>> Yes...
>>>> Long term we should use systems-sysuser for that, so upstream trickles
>>>> down automatically
>>>>
>>>> in the mean time,
>>>>
>>>> Reviewed-by: J?r?my Rosen <jeremy.rosen@smile.fr>
>>>>
>>>>
>>>> Le jeu. 6 f?vr. 2020 ? 10:37, Norbert Lange <nolange79@gmail.com> a
>>>> ?crit :
>>>>
>>>>> Since V235 the "gateway" and "upload" services use DynamicUsers,
>>>>> requiring no entries in /etc/passwd.
>>>>> This functionality requires option nss-systemd, which is always
>>>>> enabled in buildroot.
>>>>>
>>>>> The "bus-proxy" user was removed in V230
>>>>>
>>>>> Signed-off-by: Norbert Lange <nolange79@gmail.com>
>>>>> ---
>>>>> package/systemd/systemd.mk | 3 ---
>>>>> 1 file changed, 3 deletions(-)
>>>>>
>>>>> diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
>>>>> index a390cdd1a9..b46c4fd540 100644
>>>>> --- a/package/systemd/systemd.mk
>>>>> +++ b/package/systemd/systemd.mk
>>>>> @@ -431,10 +431,7 @@ define SYSTEMD_USERS
>>>>> - - systemd-journal -1 * - - - Journal
>>>>> - - render -1 * - - - DRI rendering nodes
>>>>> - - kvm -1 * - - - kvm nodes
>>>>> - systemd-bus-proxy -1 systemd-bus-proxy -1 * - - - Proxy D-Bus
>>>>> messages to/from a bus
>>>>> - systemd-journal-gateway -1 systemd-journal-gateway -1 *
>>>>> /var/log/journal - - Journal Gateway
>>>>> systemd-journal-remote -1 systemd-journal-remote -1 *
>>>>> /var/log/journal/remote - - Journal Remote
>>>>> - systemd-journal-upload -1 systemd-journal-upload -1 * - - -
>>>>> Journal Upload
>>>>> $(SYSTEMD_COREDUMP_USER)
>>>>> $(SYSTEMD_NETWORKD_USER)
>>>>> $(SYSTEMD_RESOLVED_USER)
>>>>> --
>>>>> 2.24.1
>>>>>
>>>>> _______________________________________________
>>>>> buildroot mailing list
>>>>> buildroot at busybox.net
>>>>> http://lists.busybox.net/mailman/listinfo/buildroot
>>>>>
>>>>
>>>>
>>>> --
>>>> [image: SMILE] <http://www.smile.eu/>
>>>>
>>>> 20 rue des Jardins
>>>> 92600 Asni?res-sur-Seine
>>>> *J?r?my ROSEN*
>>>> Architecte technique
>>>>
>>>> [image: email] jeremy.rosen at smile.fr
>>>> [image: phone] +33 6 88 25 87 42
>>>> [image: url] http://www.smile.eu
>>>>
>>>> [image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
>>>> <https://www.facebook.com/smileopensource> [image: LinkedIn]
>>>> <https://www.linkedin.com/company/smile> [image: Github]
>>>> <https://github.com/Smile-SA>
>>>>
>>>> [image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
>>>> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>>>>
>>>
>>
>> --
>> [image: SMILE] <http://www.smile.eu/>
>>
>> 20 rue des Jardins
>> 92600 Asni?res-sur-Seine
>> *J?r?my ROSEN*
>> Architecte technique
>>
>> [image: email] jeremy.rosen at smile.fr
>> [image: phone] +33 6 88 25 87 42
>> [image: url] http://www.smile.eu
>>
>> [image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
>> <https://www.facebook.com/smileopensource> [image: LinkedIn]
>> <https://www.linkedin.com/company/smile> [image: Github]
>> <https://github.com/Smile-SA>
>>
>> [image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
>> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>>
>
--
[image: SMILE] <http://www.smile.eu/>
20 rue des Jardins
92600 Asni?res-sur-Seine
*J?r?my ROSEN*
Architecte technique
[image: email] jeremy.rosen at smile.fr
[image: phone] +33 6 88 25 87 42
[image: url] http://www.smile.eu
[image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
<https://www.facebook.com/smileopensource> [image: LinkedIn]
<https://www.linkedin.com/company/smile> [image: Github]
<https://github.com/Smile-SA>
[image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
<https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200207/86f4f707/attachment.html>
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 03/10] package/systemd: remove unused user accounts
2020-02-07 12:57 ` Jérémy ROSEN
@ 2020-02-07 13:07 ` Norbert Lange
0 siblings, 0 replies; 40+ messages in thread
From: Norbert Lange @ 2020-02-07 13:07 UTC (permalink / raw)
To: buildroot
Am Fr., 7. Feb. 2020 um 13:58 Uhr schrieb J?r?my ROSEN <
jeremy.rosen@smile.fr>:
>
>
> Le ven. 7 f?vr. 2020 ? 13:52, Norbert Lange <nolange79@gmail.com> a
> ?crit :
>
>>
>> I mean if you dont enable host target sysuser, systemd and other packages
>> might not install the config files (these are after all just used for
>> preparing a system).
>>
>
> hmm... interesting point.
> How can a package detect if sysuser is enabled ? is there a pkg-config
> option for that ?
>
No idea, its a recent addition so that's a hypothetical, its however
already true for systemd.
You could for ex. write checks for folders or the sysuser utility.
>
>
>
>> if you for example enable journal-remote and not sysuser on the target,
>> you would need to enable journal-remote and sysuser on the host, then grab
>> the config files from the host.
>>
>> yes, I see your point
> maybe it would be simpler to configure with sysuser both for target and
> host and remove the binary from the target ?
>
> Thinking out-lout at this point. I'm not sure if that's a good idea.
>
I think that's actually the best way. run the tool, then remove the folders
and the tool from the target.
Think of an overlayfs that defines users with sysuser configs and the
folders/files/permissions with tmpfiles configs.
>
>
>
>> Sure, everything can be solved somehow, but it would be easier to figure
>> out the correct way *before* someone begins hacking ( see
>> https://github.com/systemd/systemd/issues/14806 ).
>>
>> For ex. you could always enable sysuser on the target and just offer an
>> option to remove those files in the rootfs image afterwards.
>>
>>
> Right.... Those files never make sense on the target anyway.
> Buildroot philosophy is that you can't install software after the fact on
> the target and it's ok to remove tools that are only used to install stuff
> after the fact
> (that's why the rules files for hwdb are never on the target)
>
> so in a way... we always need sysuser on the host and we never use it on
> the target.
> This all needs more thinking. but there is no emergency. that's for a
> future patch.
>
The guy in the bug report supposedly (plans to) work on it. From
experience, iterations on this list can take a long time.
>
>
> Norbert
>>
>> Am Fr., 7. Feb. 2020 um 13:44 Uhr schrieb J?r?my ROSEN <
>> jeremy.rosen at smile.fr>:
>>
>>> That's already in place. We already build host-systemd whenever we build
>>> systemd (host-sysuser is currently disabled but that's trivial to enable)
>>>
>>> It's just a question of doing it, really... and teaching mkusers a few
>>> trick to go with it
>>>
>>> Le ven. 7 f?vr. 2020 ? 13:41, Norbert Lange <nolange79@gmail.com> a
>>> ?crit :
>>>
>>>> Sure, but that could get tricky is you dont enable sysuser.d on the
>>>> target,
>>>> then you would need to grab the files from the host installation and
>>>> use similar build-options as the target.
>>>>
>>>> Some smart infrastructure work would be needed to not complicate things
>>>> between non-system, systemd with option x disabled,
>>>> and full systemd.
>>>>
>>>> Am Fr., 7. Feb. 2020 um 10:11 Uhr schrieb J?r?my ROSEN <
>>>> jeremy.rosen at smile.fr>:
>>>>
>>>>> Yes...
>>>>> Long term we should use systems-sysuser for that, so upstream trickles
>>>>> down automatically
>>>>>
>>>>> in the mean time,
>>>>>
>>>>> Reviewed-by: J?r?my Rosen <jeremy.rosen@smile.fr>
>>>>>
>>>>>
>>>>> Le jeu. 6 f?vr. 2020 ? 10:37, Norbert Lange <nolange79@gmail.com> a
>>>>> ?crit :
>>>>>
>>>>>> Since V235 the "gateway" and "upload" services use DynamicUsers,
>>>>>> requiring no entries in /etc/passwd.
>>>>>> This functionality requires option nss-systemd, which is always
>>>>>> enabled in buildroot.
>>>>>>
>>>>>> The "bus-proxy" user was removed in V230
>>>>>>
>>>>>> Signed-off-by: Norbert Lange <nolange79@gmail.com>
>>>>>> ---
>>>>>> package/systemd/systemd.mk | 3 ---
>>>>>> 1 file changed, 3 deletions(-)
>>>>>>
>>>>>> diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
>>>>>> index a390cdd1a9..b46c4fd540 100644
>>>>>> --- a/package/systemd/systemd.mk
>>>>>> +++ b/package/systemd/systemd.mk
>>>>>> @@ -431,10 +431,7 @@ define SYSTEMD_USERS
>>>>>> - - systemd-journal -1 * - - - Journal
>>>>>> - - render -1 * - - - DRI rendering nodes
>>>>>> - - kvm -1 * - - - kvm nodes
>>>>>> - systemd-bus-proxy -1 systemd-bus-proxy -1 * - - - Proxy D-Bus
>>>>>> messages to/from a bus
>>>>>> - systemd-journal-gateway -1 systemd-journal-gateway -1 *
>>>>>> /var/log/journal - - Journal Gateway
>>>>>> systemd-journal-remote -1 systemd-journal-remote -1 *
>>>>>> /var/log/journal/remote - - Journal Remote
>>>>>> - systemd-journal-upload -1 systemd-journal-upload -1 * - - -
>>>>>> Journal Upload
>>>>>> $(SYSTEMD_COREDUMP_USER)
>>>>>> $(SYSTEMD_NETWORKD_USER)
>>>>>> $(SYSTEMD_RESOLVED_USER)
>>>>>> --
>>>>>> 2.24.1
>>>>>>
>>>>>> _______________________________________________
>>>>>> buildroot mailing list
>>>>>> buildroot at busybox.net
>>>>>> http://lists.busybox.net/mailman/listinfo/buildroot
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> [image: SMILE] <http://www.smile.eu/>
>>>>>
>>>>> 20 rue des Jardins
>>>>> 92600 Asni?res-sur-Seine
>>>>> *J?r?my ROSEN*
>>>>> Architecte technique
>>>>>
>>>>> [image: email] jeremy.rosen at smile.fr
>>>>> [image: phone] +33 6 88 25 87 42
>>>>> [image: url] http://www.smile.eu
>>>>>
>>>>> [image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
>>>>> <https://www.facebook.com/smileopensource> [image: LinkedIn]
>>>>> <https://www.linkedin.com/company/smile> [image: Github]
>>>>> <https://github.com/Smile-SA>
>>>>>
>>>>> [image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
>>>>> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>>>>>
>>>>
>>>
>>> --
>>> [image: SMILE] <http://www.smile.eu/>
>>>
>>> 20 rue des Jardins
>>> 92600 Asni?res-sur-Seine
>>> *J?r?my ROSEN*
>>> Architecte technique
>>>
>>> [image: email] jeremy.rosen at smile.fr
>>> [image: phone] +33 6 88 25 87 42
>>> [image: url] http://www.smile.eu
>>>
>>> [image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
>>> <https://www.facebook.com/smileopensource> [image: LinkedIn]
>>> <https://www.linkedin.com/company/smile> [image: Github]
>>> <https://github.com/Smile-SA>
>>>
>>> [image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
>>> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>>>
>>
>
> --
> [image: SMILE] <http://www.smile.eu/>
>
> 20 rue des Jardins
> 92600 Asni?res-sur-Seine
> *J?r?my ROSEN*
> Architecte technique
>
> [image: email] jeremy.rosen at smile.fr
> [image: phone] +33 6 88 25 87 42
> [image: url] http://www.smile.eu
>
> [image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
> <https://www.facebook.com/smileopensource> [image: LinkedIn]
> <https://www.linkedin.com/company/smile> [image: Github]
> <https://github.com/Smile-SA>
>
> [image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200207/218cc83a/attachment.html>
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 04/10] package/systemd: create "remote" user if the feature is enabled
2020-02-06 9:36 [Buildroot] [PATCH 00/10] Improvements to systemd Norbert Lange
` (2 preceding siblings ...)
2020-02-06 9:36 ` [Buildroot] [PATCH 03/10] package/systemd: remove unused user accounts Norbert Lange
@ 2020-02-06 9:36 ` Norbert Lange
2020-02-07 9:11 ` Jérémy ROSEN
2020-02-06 9:36 ` [Buildroot] [PATCH 05/10] package/systemd: cosmetic rearrange list of users Norbert Lange
` (5 subsequent siblings)
9 siblings, 1 reply; 40+ messages in thread
From: Norbert Lange @ 2020-02-06 9:36 UTC (permalink / raw)
To: buildroot
Signed-off-by: Norbert Lange <nolange79@gmail.com>
---
package/systemd/systemd.mk | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
index b46c4fd540..b3e83b5d3b 100644
--- a/package/systemd/systemd.mk
+++ b/package/systemd/systemd.mk
@@ -181,6 +181,7 @@ endif
ifeq ($(BR2_PACKAGE_SYSTEMD_JOURNAL_REMOTE),y)
SYSTEMD_CONF_OPTS += -Dremote=true
+SYSTEMD_REMOTE_USER = systemd-journal-remote -1 systemd-journal-remote -1 * /var/log/journal/remote - - Journal Remote
else
SYSTEMD_CONF_OPTS += -Dremote=false
endif
@@ -431,7 +432,7 @@ define SYSTEMD_USERS
- - systemd-journal -1 * - - - Journal
- - render -1 * - - - DRI rendering nodes
- - kvm -1 * - - - kvm nodes
- systemd-journal-remote -1 systemd-journal-remote -1 * /var/log/journal/remote - - Journal Remote
+ $(SYSTEMD_REMOTE_USER)
$(SYSTEMD_COREDUMP_USER)
$(SYSTEMD_NETWORKD_USER)
$(SYSTEMD_RESOLVED_USER)
--
2.24.1
^ permalink raw reply related [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 04/10] package/systemd: create "remote" user if the feature is enabled
2020-02-06 9:36 ` [Buildroot] [PATCH 04/10] package/systemd: create "remote" user if the feature is enabled Norbert Lange
@ 2020-02-07 9:11 ` Jérémy ROSEN
0 siblings, 0 replies; 40+ messages in thread
From: Jérémy ROSEN @ 2020-02-07 9:11 UTC (permalink / raw)
To: buildroot
Reviewed-by: J?r?my Rosen <jeremy.rosen@smile.fr>
Le jeu. 6 f?vr. 2020 ? 10:37, Norbert Lange <nolange79@gmail.com> a ?crit :
> Signed-off-by: Norbert Lange <nolange79@gmail.com>
> ---
> package/systemd/systemd.mk | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
> index b46c4fd540..b3e83b5d3b 100644
> --- a/package/systemd/systemd.mk
> +++ b/package/systemd/systemd.mk
> @@ -181,6 +181,7 @@ endif
>
> ifeq ($(BR2_PACKAGE_SYSTEMD_JOURNAL_REMOTE),y)
> SYSTEMD_CONF_OPTS += -Dremote=true
> +SYSTEMD_REMOTE_USER = systemd-journal-remote -1 systemd-journal-remote -1
> * /var/log/journal/remote - - Journal Remote
> else
> SYSTEMD_CONF_OPTS += -Dremote=false
> endif
> @@ -431,7 +432,7 @@ define SYSTEMD_USERS
> - - systemd-journal -1 * - - - Journal
> - - render -1 * - - - DRI rendering nodes
> - - kvm -1 * - - - kvm nodes
> - systemd-journal-remote -1 systemd-journal-remote -1 *
> /var/log/journal/remote - - Journal Remote
> + $(SYSTEMD_REMOTE_USER)
> $(SYSTEMD_COREDUMP_USER)
> $(SYSTEMD_NETWORKD_USER)
> $(SYSTEMD_RESOLVED_USER)
> --
> 2.24.1
>
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot
>
--
[image: SMILE] <http://www.smile.eu/>
20 rue des Jardins
92600 Asni?res-sur-Seine
*J?r?my ROSEN*
Architecte technique
[image: email] jeremy.rosen at smile.fr
[image: phone] +33 6 88 25 87 42
[image: url] http://www.smile.eu
[image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
<https://www.facebook.com/smileopensource> [image: LinkedIn]
<https://www.linkedin.com/company/smile> [image: Github]
<https://github.com/Smile-SA>
[image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
<https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200207/241524fe/attachment.html>
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 05/10] package/systemd: cosmetic rearrange list of users
2020-02-06 9:36 [Buildroot] [PATCH 00/10] Improvements to systemd Norbert Lange
` (3 preceding siblings ...)
2020-02-06 9:36 ` [Buildroot] [PATCH 04/10] package/systemd: create "remote" user if the feature is enabled Norbert Lange
@ 2020-02-06 9:36 ` Norbert Lange
2020-02-07 9:13 ` Jérémy ROSEN
2020-02-06 9:36 ` [Buildroot] [PATCH 06/10] package/systemd: sync user comments to upstream Norbert Lange
` (4 subsequent siblings)
9 siblings, 1 reply; 40+ messages in thread
From: Norbert Lange @ 2020-02-06 9:36 UTC (permalink / raw)
To: buildroot
Signed-off-by: Norbert Lange <nolange79@gmail.com>
---
package/systemd/systemd.mk | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
index b3e83b5d3b..b6bd85f130 100644
--- a/package/systemd/systemd.mk
+++ b/package/systemd/systemd.mk
@@ -428,10 +428,12 @@ define SYSTEMD_INSTALL_IMAGES_CMDS
endef
define SYSTEMD_USERS
+ # udev user groups
- - input -1 * - - - Input device group
- - - systemd-journal -1 * - - - Journal
- - render -1 * - - - DRI rendering nodes
- - kvm -1 * - - - kvm nodes
+ # systemd user groups
+ - - systemd-journal -1 * - - - Journal
$(SYSTEMD_REMOTE_USER)
$(SYSTEMD_COREDUMP_USER)
$(SYSTEMD_NETWORKD_USER)
--
2.24.1
^ permalink raw reply related [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 05/10] package/systemd: cosmetic rearrange list of users
2020-02-06 9:36 ` [Buildroot] [PATCH 05/10] package/systemd: cosmetic rearrange list of users Norbert Lange
@ 2020-02-07 9:13 ` Jérémy ROSEN
2020-02-07 12:47 ` Norbert Lange
0 siblings, 1 reply; 40+ messages in thread
From: Jérémy ROSEN @ 2020-02-07 9:13 UTC (permalink / raw)
To: buildroot
could you add a line pointing to the corresponding file in systemd's source
code (i.e the sysuser file from upstream)
that would help future reviewers
apart from that
Reviewed-by: J?r?my Rosen <jeremy.rosen@smile.fr>
Le jeu. 6 f?vr. 2020 ? 10:37, Norbert Lange <nolange79@gmail.com> a ?crit :
> Signed-off-by: Norbert Lange <nolange79@gmail.com>
> ---
> package/systemd/systemd.mk | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
> index b3e83b5d3b..b6bd85f130 100644
> --- a/package/systemd/systemd.mk
> +++ b/package/systemd/systemd.mk
> @@ -428,10 +428,12 @@ define SYSTEMD_INSTALL_IMAGES_CMDS
> endef
>
> define SYSTEMD_USERS
> + # udev user groups
> - - input -1 * - - - Input device group
> - - - systemd-journal -1 * - - - Journal
> - - render -1 * - - - DRI rendering nodes
> - - kvm -1 * - - - kvm nodes
> + # systemd user groups
> + - - systemd-journal -1 * - - - Journal
> $(SYSTEMD_REMOTE_USER)
> $(SYSTEMD_COREDUMP_USER)
> $(SYSTEMD_NETWORKD_USER)
> --
> 2.24.1
>
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot
>
--
[image: SMILE] <http://www.smile.eu/>
20 rue des Jardins
92600 Asni?res-sur-Seine
*J?r?my ROSEN*
Architecte technique
[image: email] jeremy.rosen at smile.fr
[image: phone] +33 6 88 25 87 42
[image: url] http://www.smile.eu
[image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
<https://www.facebook.com/smileopensource> [image: LinkedIn]
<https://www.linkedin.com/company/smile> [image: Github]
<https://github.com/Smile-SA>
[image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
<https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200207/2efa99e0/attachment.html>
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 05/10] package/systemd: cosmetic rearrange list of users
2020-02-07 9:13 ` Jérémy ROSEN
@ 2020-02-07 12:47 ` Norbert Lange
2020-02-07 12:53 ` Jérémy ROSEN
0 siblings, 1 reply; 40+ messages in thread
From: Norbert Lange @ 2020-02-07 12:47 UTC (permalink / raw)
To: buildroot
Not sure if you meant to reply to patch #6 instead.
The main reference is the README, and the templates in sysusers.d.
You want me to add this as comment in the .mk file if I understood
correctly?
Also I am not sure why those users/groups aren't already in the systemd
skeleton.
Should I post just an amended Patch #5 or wait a while to redo the series
once I got feedback for the rest?
Am Fr., 7. Feb. 2020 um 10:13 Uhr schrieb J?r?my ROSEN <
jeremy.rosen@smile.fr>:
> could you add a line pointing to the corresponding file in
> systemd's source code (i.e the sysuser file from upstream)
> that would help future reviewers
>
> apart from that
>
> Reviewed-by: J?r?my Rosen <jeremy.rosen@smile.fr>
>
> Le jeu. 6 f?vr. 2020 ? 10:37, Norbert Lange <nolange79@gmail.com> a
> ?crit :
>
>> Signed-off-by: Norbert Lange <nolange79@gmail.com>
>> ---
>> package/systemd/systemd.mk | 4 +++-
>> 1 file changed, 3 insertions(+), 1 deletion(-)
>>
>> diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
>> index b3e83b5d3b..b6bd85f130 100644
>> --- a/package/systemd/systemd.mk
>> +++ b/package/systemd/systemd.mk
>> @@ -428,10 +428,12 @@ define SYSTEMD_INSTALL_IMAGES_CMDS
>> endef
>>
>> define SYSTEMD_USERS
>> + # udev user groups
>> - - input -1 * - - - Input device group
>> - - - systemd-journal -1 * - - - Journal
>> - - render -1 * - - - DRI rendering nodes
>> - - kvm -1 * - - - kvm nodes
>> + # systemd user groups
>> + - - systemd-journal -1 * - - - Journal
>> $(SYSTEMD_REMOTE_USER)
>> $(SYSTEMD_COREDUMP_USER)
>> $(SYSTEMD_NETWORKD_USER)
>> --
>> 2.24.1
>>
>> _______________________________________________
>> buildroot mailing list
>> buildroot at busybox.net
>> http://lists.busybox.net/mailman/listinfo/buildroot
>>
>
>
> --
> [image: SMILE] <http://www.smile.eu/>
>
> 20 rue des Jardins
> 92600 Asni?res-sur-Seine
> *J?r?my ROSEN*
> Architecte technique
>
> [image: email] jeremy.rosen at smile.fr
> [image: phone] +33 6 88 25 87 42
> [image: url] http://www.smile.eu
>
> [image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
> <https://www.facebook.com/smileopensource> [image: LinkedIn]
> <https://www.linkedin.com/company/smile> [image: Github]
> <https://github.com/Smile-SA>
>
> [image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200207/11bea59e/attachment.html>
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 05/10] package/systemd: cosmetic rearrange list of users
2020-02-07 12:47 ` Norbert Lange
@ 2020-02-07 12:53 ` Jérémy ROSEN
2020-02-07 12:59 ` Norbert Lange
0 siblings, 1 reply; 40+ messages in thread
From: Jérémy ROSEN @ 2020-02-07 12:53 UTC (permalink / raw)
To: buildroot
Le ven. 7 f?vr. 2020 ? 13:47, Norbert Lange <nolange79@gmail.com> a ?crit :
> Not sure if you meant to reply to patch #6 instead.
>
> maybe :P
> The main reference is the README, and the templates in sysusers.d.
> You want me to add this as comment in the .mk file if I understood
> correctly?
>
> That's very minor... I meant pointing to the sysusers.d files so someone
that doesn't know systemd as well can check that nothing has changed
> Also I am not sure why those users/groups aren't already in the systemd
> skeleton.
>
> That's a pretty good question. Also, since they are created by
mkusers they have a UID > 1000 that confuses journald.
(they get their own journal files, as if they were normal users, instead of
being logged only in the system journals)
> Should I post just an amended Patch #5 or wait a while to redo the series
> once I got feedback for the rest?
>
> Wait for more feedback, that's too minor to have you respin just for that.
Cheers
Jeremy
> Am Fr., 7. Feb. 2020 um 10:13 Uhr schrieb J?r?my ROSEN <
> jeremy.rosen at smile.fr>:
>
>> could you add a line pointing to the corresponding file in
>> systemd's source code (i.e the sysuser file from upstream)
>> that would help future reviewers
>>
>> apart from that
>>
>> Reviewed-by: J?r?my Rosen <jeremy.rosen@smile.fr>
>>
>> Le jeu. 6 f?vr. 2020 ? 10:37, Norbert Lange <nolange79@gmail.com> a
>> ?crit :
>>
>>> Signed-off-by: Norbert Lange <nolange79@gmail.com>
>>> ---
>>> package/systemd/systemd.mk | 4 +++-
>>> 1 file changed, 3 insertions(+), 1 deletion(-)
>>>
>>> diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
>>> index b3e83b5d3b..b6bd85f130 100644
>>> --- a/package/systemd/systemd.mk
>>> +++ b/package/systemd/systemd.mk
>>> @@ -428,10 +428,12 @@ define SYSTEMD_INSTALL_IMAGES_CMDS
>>> endef
>>>
>>> define SYSTEMD_USERS
>>> + # udev user groups
>>> - - input -1 * - - - Input device group
>>> - - - systemd-journal -1 * - - - Journal
>>> - - render -1 * - - - DRI rendering nodes
>>> - - kvm -1 * - - - kvm nodes
>>> + # systemd user groups
>>> + - - systemd-journal -1 * - - - Journal
>>> $(SYSTEMD_REMOTE_USER)
>>> $(SYSTEMD_COREDUMP_USER)
>>> $(SYSTEMD_NETWORKD_USER)
>>> --
>>> 2.24.1
>>>
>>> _______________________________________________
>>> buildroot mailing list
>>> buildroot at busybox.net
>>> http://lists.busybox.net/mailman/listinfo/buildroot
>>>
>>
>>
>> --
>> [image: SMILE] <http://www.smile.eu/>
>>
>> 20 rue des Jardins
>> 92600 Asni?res-sur-Seine
>> *J?r?my ROSEN*
>> Architecte technique
>>
>> [image: email] jeremy.rosen at smile.fr
>> [image: phone] +33 6 88 25 87 42
>> [image: url] http://www.smile.eu
>>
>> [image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
>> <https://www.facebook.com/smileopensource> [image: LinkedIn]
>> <https://www.linkedin.com/company/smile> [image: Github]
>> <https://github.com/Smile-SA>
>>
>> [image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
>> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>>
>
--
[image: SMILE] <http://www.smile.eu/>
20 rue des Jardins
92600 Asni?res-sur-Seine
*J?r?my ROSEN*
Architecte technique
[image: email] jeremy.rosen at smile.fr
[image: phone] +33 6 88 25 87 42
[image: url] http://www.smile.eu
[image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
<https://www.facebook.com/smileopensource> [image: LinkedIn]
<https://www.linkedin.com/company/smile> [image: Github]
<https://github.com/Smile-SA>
[image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
<https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200207/1cf7dd76/attachment.html>
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 05/10] package/systemd: cosmetic rearrange list of users
2020-02-07 12:53 ` Jérémy ROSEN
@ 2020-02-07 12:59 ` Norbert Lange
2020-02-07 13:07 ` Jérémy ROSEN
0 siblings, 1 reply; 40+ messages in thread
From: Norbert Lange @ 2020-02-07 12:59 UTC (permalink / raw)
To: buildroot
mkuser creating users by default if a Bug IMHO, the only non-system users
are those
that are explicitly defined.
Did not know journald acts differently based on UIDs btw.
I posted a patch to allow creating system users, but that would require
changing *every*
package adding users.
https://patchwork.ozlabs.org/patch/1222180/
Norbert
Am Fr., 7. Feb. 2020 um 13:53 Uhr schrieb J?r?my ROSEN <
jeremy.rosen@smile.fr>:
>
>
> Le ven. 7 f?vr. 2020 ? 13:47, Norbert Lange <nolange79@gmail.com> a
> ?crit :
>
>> Not sure if you meant to reply to patch #6 instead.
>>
>> maybe :P
>
>
>> The main reference is the README, and the templates in sysusers.d.
>> You want me to add this as comment in the .mk file if I understood
>> correctly?
>>
>> That's very minor... I meant pointing to the sysusers.d files so someone
> that doesn't know systemd as well can check that nothing has changed
>
>
>> Also I am not sure why those users/groups aren't already in the systemd
>> skeleton.
>>
>> That's a pretty good question. Also, since they are created by
> mkusers they have a UID > 1000 that confuses journald.
> (they get their own journal files, as if they were normal users, instead
> of being logged only in the system journals)
>
>
>> Should I post just an amended Patch #5 or wait a while to redo the series
>> once I got feedback for the rest?
>>
>> Wait for more feedback, that's too minor to have you respin just for that.
>
> Cheers
> Jeremy
>
>
>> Am Fr., 7. Feb. 2020 um 10:13 Uhr schrieb J?r?my ROSEN <
>> jeremy.rosen at smile.fr>:
>>
>>> could you add a line pointing to the corresponding file in
>>> systemd's source code (i.e the sysuser file from upstream)
>>> that would help future reviewers
>>>
>>> apart from that
>>>
>>> Reviewed-by: J?r?my Rosen <jeremy.rosen@smile.fr>
>>>
>>> Le jeu. 6 f?vr. 2020 ? 10:37, Norbert Lange <nolange79@gmail.com> a
>>> ?crit :
>>>
>>>> Signed-off-by: Norbert Lange <nolange79@gmail.com>
>>>> ---
>>>> package/systemd/systemd.mk | 4 +++-
>>>> 1 file changed, 3 insertions(+), 1 deletion(-)
>>>>
>>>> diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
>>>> index b3e83b5d3b..b6bd85f130 100644
>>>> --- a/package/systemd/systemd.mk
>>>> +++ b/package/systemd/systemd.mk
>>>> @@ -428,10 +428,12 @@ define SYSTEMD_INSTALL_IMAGES_CMDS
>>>> endef
>>>>
>>>> define SYSTEMD_USERS
>>>> + # udev user groups
>>>> - - input -1 * - - - Input device group
>>>> - - - systemd-journal -1 * - - - Journal
>>>> - - render -1 * - - - DRI rendering nodes
>>>> - - kvm -1 * - - - kvm nodes
>>>> + # systemd user groups
>>>> + - - systemd-journal -1 * - - - Journal
>>>> $(SYSTEMD_REMOTE_USER)
>>>> $(SYSTEMD_COREDUMP_USER)
>>>> $(SYSTEMD_NETWORKD_USER)
>>>> --
>>>> 2.24.1
>>>>
>>>> _______________________________________________
>>>> buildroot mailing list
>>>> buildroot at busybox.net
>>>> http://lists.busybox.net/mailman/listinfo/buildroot
>>>>
>>>
>>>
>>> --
>>> [image: SMILE] <http://www.smile.eu/>
>>>
>>> 20 rue des Jardins
>>> 92600 Asni?res-sur-Seine
>>> *J?r?my ROSEN*
>>> Architecte technique
>>>
>>> [image: email] jeremy.rosen at smile.fr
>>> [image: phone] +33 6 88 25 87 42
>>> [image: url] http://www.smile.eu
>>>
>>> [image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
>>> <https://www.facebook.com/smileopensource> [image: LinkedIn]
>>> <https://www.linkedin.com/company/smile> [image: Github]
>>> <https://github.com/Smile-SA>
>>>
>>> [image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
>>> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>>>
>>
>
> --
> [image: SMILE] <http://www.smile.eu/>
>
> 20 rue des Jardins
> 92600 Asni?res-sur-Seine
> *J?r?my ROSEN*
> Architecte technique
>
> [image: email] jeremy.rosen at smile.fr
> [image: phone] +33 6 88 25 87 42
> [image: url] http://www.smile.eu
>
> [image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
> <https://www.facebook.com/smileopensource> [image: LinkedIn]
> <https://www.linkedin.com/company/smile> [image: Github]
> <https://github.com/Smile-SA>
>
> [image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200207/cbb6856d/attachment.html>
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 05/10] package/systemd: cosmetic rearrange list of users
2020-02-07 12:59 ` Norbert Lange
@ 2020-02-07 13:07 ` Jérémy ROSEN
2020-02-07 13:11 ` Norbert Lange
0 siblings, 1 reply; 40+ messages in thread
From: Jérémy ROSEN @ 2020-02-07 13:07 UTC (permalink / raw)
To: buildroot
Le ven. 7 f?vr. 2020 ? 13:59, Norbert Lange <nolange79@gmail.com> a ?crit :
> mkuser creating users by default if a Bug IMHO, the only non-system users
> are those
>
that are explicitly defined.
>
Agreed. I'm already working on that. Patch to follow soon
> Did not know journald acts differently based on UIDs btw.
>
>
It's linked to the "per-user journal" feature. That feature is only active
for UID > 1000 (or wherever the system/human UID split is configured
but 1000 is the recommanded default and what buildroot uses)
I posted a patch to allow creating system users, but that would require
changing *every*
> package adding users.
> https://patchwork.ozlabs.org/patch/1222180/
>
> Ok, I missed that patch (and reimplemented it :( my bad)
I'm in the process of changing every package, it's just a tedious grep
work, but it needs to be done.
> Norbert
>
> Am Fr., 7. Feb. 2020 um 13:53 Uhr schrieb J?r?my ROSEN <
> jeremy.rosen at smile.fr>:
>
>>
>>
>> Le ven. 7 f?vr. 2020 ? 13:47, Norbert Lange <nolange79@gmail.com> a
>> ?crit :
>>
>>> Not sure if you meant to reply to patch #6 instead.
>>>
>>> maybe :P
>>
>>
>>> The main reference is the README, and the templates in sysusers.d.
>>> You want me to add this as comment in the .mk file if I understood
>>> correctly?
>>>
>>> That's very minor... I meant pointing to the sysusers.d files so someone
>> that doesn't know systemd as well can check that nothing has changed
>>
>>
>>> Also I am not sure why those users/groups aren't already in the systemd
>>> skeleton.
>>>
>>> That's a pretty good question. Also, since they are created by
>> mkusers they have a UID > 1000 that confuses journald.
>> (they get their own journal files, as if they were normal users, instead
>> of being logged only in the system journals)
>>
>>
>>> Should I post just an amended Patch #5 or wait a while to redo the
>>> series once I got feedback for the rest?
>>>
>>> Wait for more feedback, that's too minor to have you respin just for
>> that.
>>
>> Cheers
>> Jeremy
>>
>>
>>> Am Fr., 7. Feb. 2020 um 10:13 Uhr schrieb J?r?my ROSEN <
>>> jeremy.rosen at smile.fr>:
>>>
>>>> could you add a line pointing to the corresponding file in
>>>> systemd's source code (i.e the sysuser file from upstream)
>>>> that would help future reviewers
>>>>
>>>> apart from that
>>>>
>>>> Reviewed-by: J?r?my Rosen <jeremy.rosen@smile.fr>
>>>>
>>>> Le jeu. 6 f?vr. 2020 ? 10:37, Norbert Lange <nolange79@gmail.com> a
>>>> ?crit :
>>>>
>>>>> Signed-off-by: Norbert Lange <nolange79@gmail.com>
>>>>> ---
>>>>> package/systemd/systemd.mk | 4 +++-
>>>>> 1 file changed, 3 insertions(+), 1 deletion(-)
>>>>>
>>>>> diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
>>>>> index b3e83b5d3b..b6bd85f130 100644
>>>>> --- a/package/systemd/systemd.mk
>>>>> +++ b/package/systemd/systemd.mk
>>>>> @@ -428,10 +428,12 @@ define SYSTEMD_INSTALL_IMAGES_CMDS
>>>>> endef
>>>>>
>>>>> define SYSTEMD_USERS
>>>>> + # udev user groups
>>>>> - - input -1 * - - - Input device group
>>>>> - - - systemd-journal -1 * - - - Journal
>>>>> - - render -1 * - - - DRI rendering nodes
>>>>> - - kvm -1 * - - - kvm nodes
>>>>> + # systemd user groups
>>>>> + - - systemd-journal -1 * - - - Journal
>>>>> $(SYSTEMD_REMOTE_USER)
>>>>> $(SYSTEMD_COREDUMP_USER)
>>>>> $(SYSTEMD_NETWORKD_USER)
>>>>> --
>>>>> 2.24.1
>>>>>
>>>>> _______________________________________________
>>>>> buildroot mailing list
>>>>> buildroot at busybox.net
>>>>> http://lists.busybox.net/mailman/listinfo/buildroot
>>>>>
>>>>
>>>>
>>>> --
>>>> [image: SMILE] <http://www.smile.eu/>
>>>>
>>>> 20 rue des Jardins
>>>> 92600 Asni?res-sur-Seine
>>>> *J?r?my ROSEN*
>>>> Architecte technique
>>>>
>>>> [image: email] jeremy.rosen at smile.fr
>>>> [image: phone] +33 6 88 25 87 42
>>>> [image: url] http://www.smile.eu
>>>>
>>>> [image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
>>>> <https://www.facebook.com/smileopensource> [image: LinkedIn]
>>>> <https://www.linkedin.com/company/smile> [image: Github]
>>>> <https://github.com/Smile-SA>
>>>>
>>>> [image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
>>>> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>>>>
>>>
>>
>> --
>> [image: SMILE] <http://www.smile.eu/>
>>
>> 20 rue des Jardins
>> 92600 Asni?res-sur-Seine
>> *J?r?my ROSEN*
>> Architecte technique
>>
>> [image: email] jeremy.rosen at smile.fr
>> [image: phone] +33 6 88 25 87 42
>> [image: url] http://www.smile.eu
>>
>> [image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
>> <https://www.facebook.com/smileopensource> [image: LinkedIn]
>> <https://www.linkedin.com/company/smile> [image: Github]
>> <https://github.com/Smile-SA>
>>
>> [image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
>> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>>
>
--
[image: SMILE] <http://www.smile.eu/>
20 rue des Jardins
92600 Asni?res-sur-Seine
*J?r?my ROSEN*
Architecte technique
[image: email] jeremy.rosen at smile.fr
[image: phone] +33 6 88 25 87 42
[image: url] http://www.smile.eu
[image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
<https://www.facebook.com/smileopensource> [image: LinkedIn]
<https://www.linkedin.com/company/smile> [image: Github]
<https://github.com/Smile-SA>
[image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
<https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200207/b7020ed4/attachment.html>
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 05/10] package/systemd: cosmetic rearrange list of users
2020-02-07 13:07 ` Jérémy ROSEN
@ 2020-02-07 13:11 ` Norbert Lange
2020-02-07 13:22 ` Jérémy ROSEN
0 siblings, 1 reply; 40+ messages in thread
From: Norbert Lange @ 2020-02-07 13:11 UTC (permalink / raw)
To: buildroot
Am Fr., 7. Feb. 2020 um 14:07 Uhr schrieb J?r?my ROSEN <
jeremy.rosen@smile.fr>:
>
>
> Le ven. 7 f?vr. 2020 ? 13:59, Norbert Lange <nolange79@gmail.com> a
> ?crit :
>
>> mkuser creating users by default if a Bug IMHO, the only non-system users
>> are those
>>
> that are explicitly defined.
>>
>
> Agreed. I'm already working on that. Patch to follow soon
>
>
>> Did not know journald acts differently based on UIDs btw.
>>
>>
> It's linked to the "per-user journal" feature. That feature is only active
> for UID > 1000 (or wherever the system/human UID split is configured
> but 1000 is the recommanded default and what buildroot uses)
>
> I posted a patch to allow creating system users, but that would require
> changing *every*
>
>> package adding users.
>> https://patchwork.ozlabs.org/patch/1222180/
>>
>> Ok, I missed that patch (and reimplemented it :( my bad)
> I'm in the process of changing every package, it's just a tedious grep
> work, but it needs to be done.
>
Well, I am glad if I dont have to do that with private patchwork one day,
no matter how we get there.
what about changing mkuser default -1 to system user, adding a new value
('-2' or 'u') for normal user?
That way you just need to patch the 1-2 spots where normal users are
generated.
>
>> Norbert
>>
>> Am Fr., 7. Feb. 2020 um 13:53 Uhr schrieb J?r?my ROSEN <
>> jeremy.rosen at smile.fr>:
>>
>>>
>>>
>>> Le ven. 7 f?vr. 2020 ? 13:47, Norbert Lange <nolange79@gmail.com> a
>>> ?crit :
>>>
>>>> Not sure if you meant to reply to patch #6 instead.
>>>>
>>>> maybe :P
>>>
>>>
>>>> The main reference is the README, and the templates in sysusers.d.
>>>> You want me to add this as comment in the .mk file if I understood
>>>> correctly?
>>>>
>>>> That's very minor... I meant pointing to the sysusers.d files so
>>> someone that doesn't know systemd as well can check that nothing has changed
>>>
>>>
>>>> Also I am not sure why those users/groups aren't already in the systemd
>>>> skeleton.
>>>>
>>>> That's a pretty good question. Also, since they are created by
>>> mkusers they have a UID > 1000 that confuses journald.
>>> (they get their own journal files, as if they were normal users, instead
>>> of being logged only in the system journals)
>>>
>>>
>>>> Should I post just an amended Patch #5 or wait a while to redo the
>>>> series once I got feedback for the rest?
>>>>
>>>> Wait for more feedback, that's too minor to have you respin just for
>>> that.
>>>
>>> Cheers
>>> Jeremy
>>>
>>>
>>>> Am Fr., 7. Feb. 2020 um 10:13 Uhr schrieb J?r?my ROSEN <
>>>> jeremy.rosen at smile.fr>:
>>>>
>>>>> could you add a line pointing to the corresponding file in
>>>>> systemd's source code (i.e the sysuser file from upstream)
>>>>> that would help future reviewers
>>>>>
>>>>> apart from that
>>>>>
>>>>> Reviewed-by: J?r?my Rosen <jeremy.rosen@smile.fr>
>>>>>
>>>>> Le jeu. 6 f?vr. 2020 ? 10:37, Norbert Lange <nolange79@gmail.com> a
>>>>> ?crit :
>>>>>
>>>>>> Signed-off-by: Norbert Lange <nolange79@gmail.com>
>>>>>> ---
>>>>>> package/systemd/systemd.mk | 4 +++-
>>>>>> 1 file changed, 3 insertions(+), 1 deletion(-)
>>>>>>
>>>>>> diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
>>>>>> index b3e83b5d3b..b6bd85f130 100644
>>>>>> --- a/package/systemd/systemd.mk
>>>>>> +++ b/package/systemd/systemd.mk
>>>>>> @@ -428,10 +428,12 @@ define SYSTEMD_INSTALL_IMAGES_CMDS
>>>>>> endef
>>>>>>
>>>>>> define SYSTEMD_USERS
>>>>>> + # udev user groups
>>>>>> - - input -1 * - - - Input device group
>>>>>> - - - systemd-journal -1 * - - - Journal
>>>>>> - - render -1 * - - - DRI rendering nodes
>>>>>> - - kvm -1 * - - - kvm nodes
>>>>>> + # systemd user groups
>>>>>> + - - systemd-journal -1 * - - - Journal
>>>>>> $(SYSTEMD_REMOTE_USER)
>>>>>> $(SYSTEMD_COREDUMP_USER)
>>>>>> $(SYSTEMD_NETWORKD_USER)
>>>>>> --
>>>>>> 2.24.1
>>>>>>
>>>>>> _______________________________________________
>>>>>> buildroot mailing list
>>>>>> buildroot at busybox.net
>>>>>> http://lists.busybox.net/mailman/listinfo/buildroot
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> [image: SMILE] <http://www.smile.eu/>
>>>>>
>>>>> 20 rue des Jardins
>>>>> 92600 Asni?res-sur-Seine
>>>>> *J?r?my ROSEN*
>>>>> Architecte technique
>>>>>
>>>>> [image: email] jeremy.rosen at smile.fr
>>>>> [image: phone] +33 6 88 25 87 42
>>>>> [image: url] http://www.smile.eu
>>>>>
>>>>> [image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
>>>>> <https://www.facebook.com/smileopensource> [image: LinkedIn]
>>>>> <https://www.linkedin.com/company/smile> [image: Github]
>>>>> <https://github.com/Smile-SA>
>>>>>
>>>>> [image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
>>>>> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>>>>>
>>>>
>>>
>>> --
>>> [image: SMILE] <http://www.smile.eu/>
>>>
>>> 20 rue des Jardins
>>> 92600 Asni?res-sur-Seine
>>> *J?r?my ROSEN*
>>> Architecte technique
>>>
>>> [image: email] jeremy.rosen at smile.fr
>>> [image: phone] +33 6 88 25 87 42
>>> [image: url] http://www.smile.eu
>>>
>>> [image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
>>> <https://www.facebook.com/smileopensource> [image: LinkedIn]
>>> <https://www.linkedin.com/company/smile> [image: Github]
>>> <https://github.com/Smile-SA>
>>>
>>> [image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
>>> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>>>
>>
>
> --
> [image: SMILE] <http://www.smile.eu/>
>
> 20 rue des Jardins
> 92600 Asni?res-sur-Seine
> *J?r?my ROSEN*
> Architecte technique
>
> [image: email] jeremy.rosen at smile.fr
> [image: phone] +33 6 88 25 87 42
> [image: url] http://www.smile.eu
>
> [image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
> <https://www.facebook.com/smileopensource> [image: LinkedIn]
> <https://www.linkedin.com/company/smile> [image: Github]
> <https://github.com/Smile-SA>
>
> [image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200207/7ca5313f/attachment-0001.html>
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 05/10] package/systemd: cosmetic rearrange list of users
2020-02-07 13:11 ` Norbert Lange
@ 2020-02-07 13:22 ` Jérémy ROSEN
2020-02-07 13:32 ` Norbert Lange
0 siblings, 1 reply; 40+ messages in thread
From: Jérémy ROSEN @ 2020-02-07 13:22 UTC (permalink / raw)
To: buildroot
Le ven. 7 f?vr. 2020 ? 14:11, Norbert Lange <nolange79@gmail.com> a ?crit :
>
>
>
> what about changing mkuser default -1 to system user, adding a new value
> ('-2' or 'u') for normal user?
> That way you just need to patch the 1-2 spots where normal users are
> generated.
>
>
There are no such spot that I could find at first glance in buildroot
itself, but that would break user packages...
so I don't think that's a good idea. It would fix more (harmless) bugs than
it would create, but the bugs
created would be more problematic than the bugs fixed....
--
[image: SMILE] <http://www.smile.eu/>
20 rue des Jardins
92600 Asni?res-sur-Seine
*J?r?my ROSEN*
Architecte technique
[image: email] jeremy.rosen at smile.fr
[image: phone] +33 6 88 25 87 42
[image: url] http://www.smile.eu
[image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
<https://www.facebook.com/smileopensource> [image: LinkedIn]
<https://www.linkedin.com/company/smile> [image: Github]
<https://github.com/Smile-SA>
[image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
<https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200207/72c85b6f/attachment.html>
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 05/10] package/systemd: cosmetic rearrange list of users
2020-02-07 13:22 ` Jérémy ROSEN
@ 2020-02-07 13:32 ` Norbert Lange
0 siblings, 0 replies; 40+ messages in thread
From: Norbert Lange @ 2020-02-07 13:32 UTC (permalink / raw)
To: buildroot
Define what you mean with break - chances are, its not worse than all of
packages suddenly creating system users.
I meant that the lists from BR2_ROOTFS_USERS_TABLES are handled special and
create normal users (uid >= 0),
while all packages (buildroot or user packages) create system users with
uid=-1.
new packages could use 's' and 'u' instead, with -1 being somewhat
ambiguous then (potentially being deprecated one day).
Am Fr., 7. Feb. 2020 um 14:23 Uhr schrieb J?r?my ROSEN <
jeremy.rosen@smile.fr>:
>
>
> Le ven. 7 f?vr. 2020 ? 14:11, Norbert Lange <nolange79@gmail.com> a
> ?crit :
>
>>
>>
>>
>> what about changing mkuser default -1 to system user, adding a new value
>> ('-2' or 'u') for normal user?
>> That way you just need to patch the 1-2 spots where normal users are
>> generated.
>>
>>
> There are no such spot that I could find at first glance in buildroot
> itself, but that would break user packages...
> so I don't think that's a good idea. It would fix more (harmless) bugs
> than it would create, but the bugs
> created would be more problematic than the bugs fixed....
>
> --
> [image: SMILE] <http://www.smile.eu/>
>
> 20 rue des Jardins
> 92600 Asni?res-sur-Seine
> *J?r?my ROSEN*
> Architecte technique
>
> [image: email] jeremy.rosen at smile.fr
> [image: phone] +33 6 88 25 87 42
> [image: url] http://www.smile.eu
>
> [image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
> <https://www.facebook.com/smileopensource> [image: LinkedIn]
> <https://www.linkedin.com/company/smile> [image: Github]
> <https://github.com/Smile-SA>
>
> [image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200207/d7c40351/attachment.html>
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 06/10] package/systemd: sync user comments to upstream
2020-02-06 9:36 [Buildroot] [PATCH 00/10] Improvements to systemd Norbert Lange
` (4 preceding siblings ...)
2020-02-06 9:36 ` [Buildroot] [PATCH 05/10] package/systemd: cosmetic rearrange list of users Norbert Lange
@ 2020-02-06 9:36 ` Norbert Lange
2020-02-06 9:36 ` [Buildroot] [PATCH 07/10] Makefile: Handle systemd catalogs in PURGE_LOCALES Norbert Lange
` (3 subsequent siblings)
9 siblings, 0 replies; 40+ messages in thread
From: Norbert Lange @ 2020-02-06 9:36 UTC (permalink / raw)
To: buildroot
Description is matched to the ones in the upstream sysusers.d
files. Remove homedirectory (upstream doesnt care either).
Signed-off-by: Norbert Lange <nolange79@gmail.com>
---
package/systemd/systemd.mk | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
index b6bd85f130..6ea25e3363 100644
--- a/package/systemd/systemd.mk
+++ b/package/systemd/systemd.mk
@@ -181,7 +181,7 @@ endif
ifeq ($(BR2_PACKAGE_SYSTEMD_JOURNAL_REMOTE),y)
SYSTEMD_CONF_OPTS += -Dremote=true
-SYSTEMD_REMOTE_USER = systemd-journal-remote -1 systemd-journal-remote -1 * /var/log/journal/remote - - Journal Remote
+SYSTEMD_REMOTE_USER = systemd-journal-remote -1 systemd-journal-remote -1 * - - - systemd Journal Remote
else
SYSTEMD_CONF_OPTS += -Dremote=false
endif
@@ -305,7 +305,7 @@ endif
ifeq ($(BR2_PACKAGE_SYSTEMD_COREDUMP),y)
SYSTEMD_CONF_OPTS += -Dcoredump=true
-SYSTEMD_COREDUMP_USER = systemd-coredump -1 systemd-coredump -1 * /var/lib/systemd/coredump - - Core Dumper
+SYSTEMD_COREDUMP_USER = systemd-coredump -1 systemd-coredump -1 * - - - systemd core dump processing
else
SYSTEMD_CONF_OPTS += -Dcoredump=false
endif
@@ -325,7 +325,7 @@ endif
ifeq ($(BR2_PACKAGE_SYSTEMD_NETWORKD),y)
SYSTEMD_CONF_OPTS += -Dnetworkd=true
-SYSTEMD_NETWORKD_USER = systemd-network -1 systemd-network -1 * - - - Network Manager
+SYSTEMD_NETWORKD_USER = systemd-network -1 systemd-network -1 * - - - systemd Network Management
SYSTEMD_NETWORKD_DHCP_IFACE = $(call qstrip,$(BR2_SYSTEM_DHCP))
ifneq ($(SYSTEMD_NETWORKD_DHCP_IFACE),)
define SYSTEMD_INSTALL_NETWORK_CONFS
@@ -344,14 +344,14 @@ define SYSTEMD_INSTALL_RESOLVCONF_HOOK
$(TARGET_DIR)/etc/resolv.conf
endef
SYSTEMD_CONF_OPTS += -Dresolve=true
-SYSTEMD_RESOLVED_USER = systemd-resolve -1 systemd-resolve -1 * - - - Network Name Resolution Manager
+SYSTEMD_RESOLVED_USER = systemd-resolve -1 systemd-resolve -1 * - - - systemd Resolver
else
SYSTEMD_CONF_OPTS += -Dresolve=false
endif
ifeq ($(BR2_PACKAGE_SYSTEMD_TIMESYNCD),y)
SYSTEMD_CONF_OPTS += -Dtimesyncd=true
-SYSTEMD_TIMESYNCD_USER = systemd-timesync -1 systemd-timesync -1 * - - - Network Time Synchronization
+SYSTEMD_TIMESYNCD_USER = systemd-timesync -1 systemd-timesync -1 * - - - systemd Time Synchronization
else
SYSTEMD_CONF_OPTS += -Dtimesyncd=false
endif
--
2.24.1
^ permalink raw reply related [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 07/10] Makefile: Handle systemd catalogs in PURGE_LOCALES
2020-02-06 9:36 [Buildroot] [PATCH 00/10] Improvements to systemd Norbert Lange
` (5 preceding siblings ...)
2020-02-06 9:36 ` [Buildroot] [PATCH 06/10] package/systemd: sync user comments to upstream Norbert Lange
@ 2020-02-06 9:36 ` Norbert Lange
2020-02-06 9:36 ` [Buildroot] [PATCH 08/10] package/systemd: add hook to update journalctl catalogs Norbert Lange
` (2 subsequent siblings)
9 siblings, 0 replies; 40+ messages in thread
From: Norbert Lange @ 2020-02-06 9:36 UTC (permalink / raw)
To: buildroot
journald supports localization with Catalog files with
a naming scheme <name>.<lang>.catalog.
We want to purge them like other locales.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
---
Makefile | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/Makefile b/Makefile
index a52f1c75fd..e6890e13c4 100644
--- a/Makefile
+++ b/Makefile
@@ -701,6 +701,14 @@ define PURGE_LOCALES
fi \
done; \
done
+ for cfile in $(wildcard $(TARGET_DIR)/usr/lib/systemd/catalog/*.catalog); \
+ do \
+ basename=$${cfile##*/}; \
+ basename=$${basename%.catalog}; \
+ langext=$${basename#*.}; \
+ [ "$$langext" != "$${basename}" ] || continue; \
+ grep -qx "$${langext}" $(LOCALE_WHITELIST) || rm -f "$$cfile"; \
+ done
if [ -d $(TARGET_DIR)/usr/share/X11/locale ]; \
then \
for lang in $(LOCALE_NOPURGE); \
--
2.24.1
^ permalink raw reply related [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 08/10] package/systemd: add hook to update journalctl catalogs
2020-02-06 9:36 [Buildroot] [PATCH 00/10] Improvements to systemd Norbert Lange
` (6 preceding siblings ...)
2020-02-06 9:36 ` [Buildroot] [PATCH 07/10] Makefile: Handle systemd catalogs in PURGE_LOCALES Norbert Lange
@ 2020-02-06 9:36 ` Norbert Lange
2020-06-07 11:14 ` Jérémy ROSEN
2020-06-07 15:56 ` Yann E. MORIN
2020-02-06 9:36 ` [Buildroot] [PATCH 09/10] package/systemd: option to delete all catalog files Norbert Lange
2020-02-06 9:36 ` [Buildroot] [PATCH 10/10] package/systemd: invoke systemd-tmpfilesd on final image Norbert Lange
9 siblings, 2 replies; 40+ messages in thread
From: Norbert Lange @ 2020-02-06 9:36 UTC (permalink / raw)
To: buildroot
journald supports catalog files, or rather a binary database of
those.
This add a hook to create said database from the available
catalog source files (which are not needed afterwards).
One ugly workaround is or ensuring that PURGE_LOCALES is
called before, we do this by adding this hook
(will then run twice during the finalize target step).
Signed-off-by: Norbert Lange <nolange79@gmail.com>
---
package/systemd/systemd.mk | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
index 6ea25e3363..8db3a1b117 100644
--- a/package/systemd/systemd.mk
+++ b/package/systemd/systemd.mk
@@ -500,6 +500,16 @@ define SYSTEMD_PRESET_ALL
endef
SYSTEMD_ROOTFS_PRE_CMD_HOOKS += SYSTEMD_PRESET_ALL
+define SYSTEMD_UPDATE_CATALOGS
+ $(HOST_DIR)/bin/journalctl --root=$(TARGET_DIR) --update-catalog
+endef
+
+# SYSTEMD_UPDATE_CATALOGS needs to run after PURGE_LOCALES
+ifeq ($(BR2_ENABLE_LOCALE_PURGE),y)
+SYSTEMD_TARGET_FINALIZE_HOOKS += PURGE_LOCALES
+endif
+SYSTEMD_TARGET_FINALIZE_HOOKS += SYSTEMD_UPDATE_CATALOGS
+
SYSTEMD_CONF_ENV = $(HOST_UTF8_LOCALE_ENV)
SYSTEMD_NINJA_ENV = $(HOST_UTF8_LOCALE_ENV)
@@ -577,6 +587,7 @@ HOST_SYSTEMD_DEPENDENCIES = \
# $(HOST_DIR)/lib
# * thus re-tweak rpath after the installation for all binaries that need it
HOST_SYSTEMD_HOST_TOOLS = \
+ journalctl \
systemd-analyze \
systemd-mount \
systemctl \
--
2.24.1
^ permalink raw reply related [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 08/10] package/systemd: add hook to update journalctl catalogs
2020-02-06 9:36 ` [Buildroot] [PATCH 08/10] package/systemd: add hook to update journalctl catalogs Norbert Lange
@ 2020-06-07 11:14 ` Jérémy ROSEN
2020-06-07 15:56 ` Yann E. MORIN
1 sibling, 0 replies; 40+ messages in thread
From: Jérémy ROSEN @ 2020-06-07 11:14 UTC (permalink / raw)
To: buildroot
LGTM
Le jeu. 6 f?vr. 2020 ? 10:37, Norbert Lange <nolange79@gmail.com> a ?crit :
> journald supports catalog files, or rather a binary database of
> those.
> This add a hook to create said database from the available
> catalog source files (which are not needed afterwards).
>
> One ugly workaround is or ensuring that PURGE_LOCALES is
> called before, we do this by adding this hook
> (will then run twice during the finalize target step).
>
> Signed-off-by: Norbert Lange <nolange79@gmail.com>
> ---
> package/systemd/systemd.mk | 11 +++++++++++
> 1 file changed, 11 insertions(+)
>
> diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
> index 6ea25e3363..8db3a1b117 100644
> --- a/package/systemd/systemd.mk
> +++ b/package/systemd/systemd.mk
> @@ -500,6 +500,16 @@ define SYSTEMD_PRESET_ALL
> endef
> SYSTEMD_ROOTFS_PRE_CMD_HOOKS += SYSTEMD_PRESET_ALL
>
> +define SYSTEMD_UPDATE_CATALOGS
> + $(HOST_DIR)/bin/journalctl --root=$(TARGET_DIR) --update-catalog
> +endef
> +
> +# SYSTEMD_UPDATE_CATALOGS needs to run after PURGE_LOCALES
> +ifeq ($(BR2_ENABLE_LOCALE_PURGE),y)
> +SYSTEMD_TARGET_FINALIZE_HOOKS += PURGE_LOCALES
> +endif
> +SYSTEMD_TARGET_FINALIZE_HOOKS += SYSTEMD_UPDATE_CATALOGS
> +
> SYSTEMD_CONF_ENV = $(HOST_UTF8_LOCALE_ENV)
> SYSTEMD_NINJA_ENV = $(HOST_UTF8_LOCALE_ENV)
>
> @@ -577,6 +587,7 @@ HOST_SYSTEMD_DEPENDENCIES = \
> # $(HOST_DIR)/lib
> # * thus re-tweak rpath after the installation for all binaries that need
> it
> HOST_SYSTEMD_HOST_TOOLS = \
> + journalctl \
> systemd-analyze \
> systemd-mount \
> systemctl \
> --
> 2.24.1
>
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot
>
--
[image: SMILE] <http://www.smile.eu/>
20 rue des Jardins
92600 Asni?res-sur-Seine
*J?r?my ROSEN*
Architecte technique
[image: email] jeremy.rosen at smile.fr
[image: phone] +33 6 88 25 87 42
[image: url] http://www.smile.eu
[image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
<https://www.facebook.com/smileopensource> [image: LinkedIn]
<https://www.linkedin.com/company/smile> [image: Github]
<https://github.com/Smile-SA>
[image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
<https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200607/7bbb23c0/attachment.html>
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 08/10] package/systemd: add hook to update journalctl catalogs
2020-02-06 9:36 ` [Buildroot] [PATCH 08/10] package/systemd: add hook to update journalctl catalogs Norbert Lange
2020-06-07 11:14 ` Jérémy ROSEN
@ 2020-06-07 15:56 ` Yann E. MORIN
2020-06-07 20:05 ` Norbert Lange
1 sibling, 1 reply; 40+ messages in thread
From: Yann E. MORIN @ 2020-06-07 15:56 UTC (permalink / raw)
To: buildroot
Norbert, All,
On 2020-02-06 10:36 +0100, Norbert Lange spake thusly:
> journald supports catalog files, or rather a binary database of
> those.
> This add a hook to create said database from the available
> catalog source files (which are not needed afterwards).
>
> One ugly workaround is or ensuring that PURGE_LOCALES is
> called before, we do this by adding this hook
> (will then run twice during the finalize target step).
>
> Signed-off-by: Norbert Lange <nolange79@gmail.com>
> ---
> package/systemd/systemd.mk | 11 +++++++++++
> 1 file changed, 11 insertions(+)
>
> diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
> index 6ea25e3363..8db3a1b117 100644
> --- a/package/systemd/systemd.mk
> +++ b/package/systemd/systemd.mk
> @@ -500,6 +500,16 @@ define SYSTEMD_PRESET_ALL
> endef
> SYSTEMD_ROOTFS_PRE_CMD_HOOKS += SYSTEMD_PRESET_ALL
>
> +define SYSTEMD_UPDATE_CATALOGS
> + $(HOST_DIR)/bin/journalctl --root=$(TARGET_DIR) --update-catalog
> +endef
> +
> +# SYSTEMD_UPDATE_CATALOGS needs to run after PURGE_LOCALES
> +ifeq ($(BR2_ENABLE_LOCALE_PURGE),y)
> +SYSTEMD_TARGET_FINALIZE_HOOKS += PURGE_LOCALES
> +endif
> +SYSTEMD_TARGET_FINALIZE_HOOKS += SYSTEMD_UPDATE_CATALOGS
> +
> SYSTEMD_CONF_ENV = $(HOST_UTF8_LOCALE_ENV)
> SYSTEMD_NINJA_ENV = $(HOST_UTF8_LOCALE_ENV)
>
> @@ -577,6 +587,7 @@ HOST_SYSTEMD_DEPENDENCIES = \
> # $(HOST_DIR)/lib
> # * thus re-tweak rpath after the installation for all binaries that need it
> HOST_SYSTEMD_HOST_TOOLS = \
> + journalctl \
Why are you adding journalctl to this list?
This list is only used to fix the RPATH in the prgrams. If the programs
do not need the RPATH, we don;t need to fix them up.
This list is not about identifying the host tools we are using (indeed,
most entries in that list are not used at all).
If however, you foudn a case where journalctl needs an RPATH entry,
then:
- explain why: identify the libraries involved, and add explicit
dependencies on the packages providign those libraries,
- send that change in a separate patch.
Regards,
Yann E. MORIN.
> systemd-analyze \
> systemd-mount \
> systemctl \
> --
> 2.24.1
>
--
.-----------------.--------------------.------------------.--------------------.
| Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
| +33 561 099 427 `------------.-------: X AGAINST | \e/ There is no |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
'------------------------------^-------^------------------^--------------------'
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 08/10] package/systemd: add hook to update journalctl catalogs
2020-06-07 15:56 ` Yann E. MORIN
@ 2020-06-07 20:05 ` Norbert Lange
0 siblings, 0 replies; 40+ messages in thread
From: Norbert Lange @ 2020-06-07 20:05 UTC (permalink / raw)
To: buildroot
Am So., 7. Juni 2020 um 17:57 Uhr schrieb Yann E. MORIN
<yann.morin.1998@free.fr>:
>
> Norbert, All,
>
> On 2020-02-06 10:36 +0100, Norbert Lange spake thusly:
> > journald supports catalog files, or rather a binary database of
> > those.
> > This add a hook to create said database from the available
> > catalog source files (which are not needed afterwards).
> >
> > One ugly workaround is or ensuring that PURGE_LOCALES is
> > called before, we do this by adding this hook
> > (will then run twice during the finalize target step).
> >
> > Signed-off-by: Norbert Lange <nolange79@gmail.com>
> > ---
> > package/systemd/systemd.mk | 11 +++++++++++
> > 1 file changed, 11 insertions(+)
> >
> > diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
> > index 6ea25e3363..8db3a1b117 100644
> > --- a/package/systemd/systemd.mk
> > +++ b/package/systemd/systemd.mk
> > @@ -500,6 +500,16 @@ define SYSTEMD_PRESET_ALL
> > endef
> > SYSTEMD_ROOTFS_PRE_CMD_HOOKS += SYSTEMD_PRESET_ALL
> >
> > +define SYSTEMD_UPDATE_CATALOGS
> > + $(HOST_DIR)/bin/journalctl --root=$(TARGET_DIR) --update-catalog
> > +endef
> > +
> > +# SYSTEMD_UPDATE_CATALOGS needs to run after PURGE_LOCALES
> > +ifeq ($(BR2_ENABLE_LOCALE_PURGE),y)
> > +SYSTEMD_TARGET_FINALIZE_HOOKS += PURGE_LOCALES
> > +endif
> > +SYSTEMD_TARGET_FINALIZE_HOOKS += SYSTEMD_UPDATE_CATALOGS
> > +
> > SYSTEMD_CONF_ENV = $(HOST_UTF8_LOCALE_ENV)
> > SYSTEMD_NINJA_ENV = $(HOST_UTF8_LOCALE_ENV)
> >
> > @@ -577,6 +587,7 @@ HOST_SYSTEMD_DEPENDENCIES = \
> > # $(HOST_DIR)/lib
> > # * thus re-tweak rpath after the installation for all binaries that need it
> > HOST_SYSTEMD_HOST_TOOLS = \
> > + journalctl \
>
> Why are you adding journalctl to this list?
Been some months or a year, can only speculate, might be that I
originally had to enable building this tool aswell (before rebases).
>
> This list is only used to fix the RPATH in the prgrams. If the programs
> do not need the RPATH, we don;t need to fix them up.
>
> This list is not about identifying the host tools we are using (indeed,
> most entries in that list are not used at all).
>
> If however, you foudn a case where journalctl needs an RPATH entry,
> then:
> - explain why: identify the libraries involved, and add explicit
> dependencies on the packages providign those libraries,
> - send that change in a separate patch.
Ok. I believe most if not all of systemd's tools depend on
libsystemd-*-245.so. If that's the case then a regex might be easier?
% for s in system* journa*; do readelf -d $s | grep -q
libsystemd-shared-245.so && echo $s; done
systemd-analyze
systemd-ask-password
systemd-cat
systemd-cgls
systemd-cgtop
systemd-delta
systemd-detect-virt
systemd-escape
systemd-id128
systemd-machine-id-setup
systemd-mount
systemd-notify
systemd-nspawn
systemd-path
systemd-run
systemd-socket-activate
systemd-stdio-bridge
systemd-tmpfiles
systemd-tty-ask-password-agent
systemd-umount
journalctl
Norbert
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 09/10] package/systemd: option to delete all catalog files
2020-02-06 9:36 [Buildroot] [PATCH 00/10] Improvements to systemd Norbert Lange
` (7 preceding siblings ...)
2020-02-06 9:36 ` [Buildroot] [PATCH 08/10] package/systemd: add hook to update journalctl catalogs Norbert Lange
@ 2020-02-06 9:36 ` Norbert Lange
2020-02-06 9:36 ` [Buildroot] [PATCH 10/10] package/systemd: invoke systemd-tmpfilesd on final image Norbert Lange
9 siblings, 0 replies; 40+ messages in thread
From: Norbert Lange @ 2020-02-06 9:36 UTC (permalink / raw)
To: buildroot
Unless you need to rebuild the database, there is
no need for the (source) catalog files.
This option removes the files in a ROOTFS_PRE_CMD_HOOK
Signed-off-by: Norbert Lange <nolange79@gmail.com>
---
package/systemd/Config.in | 12 ++++++++++++
package/systemd/systemd.mk | 8 ++++++++
2 files changed, 20 insertions(+)
diff --git a/package/systemd/Config.in b/package/systemd/Config.in
index c727082a1a..c0727db94a 100644
--- a/package/systemd/Config.in
+++ b/package/systemd/Config.in
@@ -224,6 +224,18 @@ config BR2_PACKAGE_SYSTEMD_IMPORTD
http://www.freedesktop.org/software/systemd/man/machinectl.html#Image%20Transfer%20Commands
+config BR2_PACKAGE_SYSTEMD_RETAIN_CATALOGS
+ bool "retain source catalog files"
+ help
+ catalog files are used to provide extended and potentially localized
+ messages for the journal.
+ The files reside in /usr/lib/systemd/catalog, but arent used directly,
+ instead a binary database will be built using these files.
+
+ Only if the database needs to be rebuilt later they need to be retained.
+
+ https://www.freedesktop.org/wiki/Software/systemd/catalog/
+
config BR2_PACKAGE_SYSTEMD_LOCALED
bool "enable locale daemon"
help
diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
index 8db3a1b117..4d6ff0be45 100644
--- a/package/systemd/systemd.mk
+++ b/package/systemd/systemd.mk
@@ -401,6 +401,14 @@ ifneq ($(SYSTEMD_FALLBACK_HOSTNAME),)
SYSTEMD_CONF_OPTS += -Dfallback-hostname=$(SYSTEMD_FALLBACK_HOSTNAME)
endif
+ifneq ($(BR2_PACKAGE_SYSTEMD_RETAIN_CATALOGS),y)
+define SYSTEMD_RM_SOURCE_CATALOGS_HOOK
+ rm -rf $(TARGET_DIR)/usr/lib/systemd/catalog
+endef
+
+SYSTEMD_ROOTFS_PRE_CMD_HOOKS += SYSTEMD_RM_SOURCE_CATALOGS_HOOK
+endif
+
define SYSTEMD_INSTALL_INIT_HOOK
ln -fs multi-user.target \
$(TARGET_DIR)/usr/lib/systemd/system/default.target
--
2.24.1
^ permalink raw reply related [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 10/10] package/systemd: invoke systemd-tmpfilesd on final image
2020-02-06 9:36 [Buildroot] [PATCH 00/10] Improvements to systemd Norbert Lange
` (8 preceding siblings ...)
2020-02-06 9:36 ` [Buildroot] [PATCH 09/10] package/systemd: option to delete all catalog files Norbert Lange
@ 2020-02-06 9:36 ` Norbert Lange
2020-06-07 11:15 ` Jérémy ROSEN
9 siblings, 1 reply; 40+ messages in thread
From: Norbert Lange @ 2020-02-06 9:36 UTC (permalink / raw)
To: buildroot
Especially for read-only filesystems it is helpfull to
pre-create all folders for non-volatile paths.
This needs to run under fakeroot to allow setting uids/gids/perms
Signed-off-by: Norbert Lange <nolange79@gmail.com>
---
package/systemd/systemd.mk | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
index 4d6ff0be45..69e2e1bf41 100644
--- a/package/systemd/systemd.mk
+++ b/package/systemd/systemd.mk
@@ -518,6 +518,12 @@ SYSTEMD_TARGET_FINALIZE_HOOKS += PURGE_LOCALES
endif
SYSTEMD_TARGET_FINALIZE_HOOKS += SYSTEMD_UPDATE_CATALOGS
+define SYSTEMD_CREATE_TMPFILES_HOOK
+ $(HOST_DIR)/bin/systemd-tmpfiles --root=$(TARGET_DIR) --create --boot \
+ $(addprefix --exclude-prefix=/,dev mnt proc run sys tmp) || :
+endef
+SYSTEMD_ROOTFS_PRE_CMD_HOOKS += SYSTEMD_CREATE_TMPFILES_HOOK
+
SYSTEMD_CONF_ENV = $(HOST_UTF8_LOCALE_ENV)
SYSTEMD_NINJA_ENV = $(HOST_UTF8_LOCALE_ENV)
@@ -559,7 +565,7 @@ HOST_SYSTEMD_CONF_OPTS = \
-Dvconsole=false \
-Dquotacheck=false \
-Dsysusers=false \
- -Dtmpfiles=false \
+ -Dtmpfiles=true \
-Dimportd=false \
-Dhwdb=false \
-Drfkill=false \
@@ -598,6 +604,7 @@ HOST_SYSTEMD_HOST_TOOLS = \
journalctl \
systemd-analyze \
systemd-mount \
+ systemd-tmpfiles \
systemctl \
udevadm
--
2.24.1
^ permalink raw reply related [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 10/10] package/systemd: invoke systemd-tmpfilesd on final image
2020-02-06 9:36 ` [Buildroot] [PATCH 10/10] package/systemd: invoke systemd-tmpfilesd on final image Norbert Lange
@ 2020-06-07 11:15 ` Jérémy ROSEN
2020-06-07 19:26 ` Norbert Lange
0 siblings, 1 reply; 40+ messages in thread
From: Jérémy ROSEN @ 2020-06-07 11:15 UTC (permalink / raw)
To: buildroot
Awesome, LGTM
Le jeu. 6 f?vr. 2020 ? 10:37, Norbert Lange <nolange79@gmail.com> a ?crit :
> Especially for read-only filesystems it is helpfull to
> pre-create all folders for non-volatile paths.
>
> This needs to run under fakeroot to allow setting uids/gids/perms
>
> Signed-off-by: Norbert Lange <nolange79@gmail.com>
> ---
> package/systemd/systemd.mk | 9 ++++++++-
> 1 file changed, 8 insertions(+), 1 deletion(-)
>
> diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
> index 4d6ff0be45..69e2e1bf41 100644
> --- a/package/systemd/systemd.mk
> +++ b/package/systemd/systemd.mk
> @@ -518,6 +518,12 @@ SYSTEMD_TARGET_FINALIZE_HOOKS += PURGE_LOCALES
> endif
> SYSTEMD_TARGET_FINALIZE_HOOKS += SYSTEMD_UPDATE_CATALOGS
>
> +define SYSTEMD_CREATE_TMPFILES_HOOK
> + $(HOST_DIR)/bin/systemd-tmpfiles --root=$(TARGET_DIR) --create
> --boot \
> + $(addprefix --exclude-prefix=/,dev mnt proc run sys tmp)
> || :
> +endef
> +SYSTEMD_ROOTFS_PRE_CMD_HOOKS += SYSTEMD_CREATE_TMPFILES_HOOK
> +
> SYSTEMD_CONF_ENV = $(HOST_UTF8_LOCALE_ENV)
> SYSTEMD_NINJA_ENV = $(HOST_UTF8_LOCALE_ENV)
>
> @@ -559,7 +565,7 @@ HOST_SYSTEMD_CONF_OPTS = \
> -Dvconsole=false \
> -Dquotacheck=false \
> -Dsysusers=false \
> - -Dtmpfiles=false \
> + -Dtmpfiles=true \
> -Dimportd=false \
> -Dhwdb=false \
> -Drfkill=false \
> @@ -598,6 +604,7 @@ HOST_SYSTEMD_HOST_TOOLS = \
> journalctl \
> systemd-analyze \
> systemd-mount \
> + systemd-tmpfiles \
> systemctl \
> udevadm
>
> --
> 2.24.1
>
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot
>
--
[image: SMILE] <http://www.smile.eu/>
20 rue des Jardins
92600 Asni?res-sur-Seine
*J?r?my ROSEN*
Architecte technique
[image: email] jeremy.rosen at smile.fr
[image: phone] +33 6 88 25 87 42
[image: url] http://www.smile.eu
[image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
<https://www.facebook.com/smileopensource> [image: LinkedIn]
<https://www.linkedin.com/company/smile> [image: Github]
<https://github.com/Smile-SA>
[image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
<https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200607/b4cd22bf/attachment.html>
^ permalink raw reply [flat|nested] 40+ messages in thread
* [Buildroot] [PATCH 10/10] package/systemd: invoke systemd-tmpfilesd on final image
2020-06-07 11:15 ` Jérémy ROSEN
@ 2020-06-07 19:26 ` Norbert Lange
0 siblings, 0 replies; 40+ messages in thread
From: Norbert Lange @ 2020-06-07 19:26 UTC (permalink / raw)
To: buildroot
Am So., 7. Juni 2020 um 13:15 Uhr schrieb J?r?my ROSEN <jeremy.rosen@smile.fr>:
>
> Awesome, LGTM
>
> Le jeu. 6 f?vr. 2020 ? 10:37, Norbert Lange <nolange79@gmail.com> a ?crit :
>>
>> Especially for read-only filesystems it is helpfull to
>> pre-create all folders for non-volatile paths.
>>
>> This needs to run under fakeroot to allow setting uids/gids/perms
>>
>> Signed-off-by: Norbert Lange <nolange79@gmail.com>
>> ---
>> package/systemd/systemd.mk | 9 ++++++++-
>> 1 file changed, 8 insertions(+), 1 deletion(-)
>>
>> diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
>> index 4d6ff0be45..69e2e1bf41 100644
>> --- a/package/systemd/systemd.mk
>> +++ b/package/systemd/systemd.mk
>> @@ -518,6 +518,12 @@ SYSTEMD_TARGET_FINALIZE_HOOKS += PURGE_LOCALES
>> endif
>> SYSTEMD_TARGET_FINALIZE_HOOKS += SYSTEMD_UPDATE_CATALOGS
>>
>> +define SYSTEMD_CREATE_TMPFILES_HOOK
>> + $(HOST_DIR)/bin/systemd-tmpfiles --root=$(TARGET_DIR) --create --boot \
>> + $(addprefix --exclude-prefix=/,dev mnt proc run sys tmp) || :
>> +endef
>> +SYSTEMD_ROOTFS_PRE_CMD_HOOKS += SYSTEMD_CREATE_TMPFILES_HOOK
>> +
>> SYSTEMD_CONF_ENV = $(HOST_UTF8_LOCALE_ENV)
>> SYSTEMD_NINJA_ENV = $(HOST_UTF8_LOCALE_ENV)
>>
>> @@ -559,7 +565,7 @@ HOST_SYSTEMD_CONF_OPTS = \
>> -Dvconsole=false \
>> -Dquotacheck=false \
>> -Dsysusers=false \
>> - -Dtmpfiles=false \
>> + -Dtmpfiles=true \
>> -Dimportd=false \
>> -Dhwdb=false \
>> -Drfkill=false \
>> @@ -598,6 +604,7 @@ HOST_SYSTEMD_HOST_TOOLS = \
>> journalctl \
>> systemd-analyze \
>> systemd-mount \
>> + systemd-tmpfiles \
>> systemctl \
>> udevadm
>>
>> --
>> 2.24.1
>>
>> _______________________________________________
>> buildroot mailing list
>> buildroot at busybox.net
>> http://lists.busybox.net/mailman/listinfo/buildroot
>
>
>
> --
>
>
> 20 rue des Jardins
> 92600 Asni?res-sur-Seine
>
> J?r?my ROSEN
> Architecte technique
>
> jeremy.rosen at smile.fr
> +33 6 88 25 87 42
> http://www.smile.eu
>
>
>
Well, not entirely good, it currently still needs a systemd patch
(upstream commit) to work correctly, which I haven't posted on the ML.
(waited for some feedback before respinning)
Norbert
^ permalink raw reply [flat|nested] 40+ messages in thread