* [PATCH] useradd-staticids.bbclass: Support recipes specifying static IDs
@ 2017-03-11 5:27 Peter Kjellerstedt
2017-03-13 13:55 ` Mark Hatle
0 siblings, 1 reply; 6+ messages in thread
From: Peter Kjellerstedt @ 2017-03-11 5:27 UTC (permalink / raw)
To: openembedded-core
If this bblcass is used and a recipe specifies a static ID for a
user/group as part of the USERADD_PARAM_${PN} or GROUPADD_PARAM_${PN},
the build would fail with and error like this if there was no
corresponding ID in the passwd/group files specified via
USERADD_UID_TABLES/USERADD_GID_TABLES:
ERROR: meta-oe/recipes-support/postgresql/postgresql_9.4.11.bb:
meta-oe/recipes-support/postgresql/postgresql_9.4.11.bb inherits
useradd but doesn't set USERADD_PARAM, GROUPADD_PARAM or
GROUPMEMS_PARAM for package postgresql
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
---
meta/classes/useradd-staticids.bbclass | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta/classes/useradd-staticids.bbclass b/meta/classes/useradd-staticids.bbclass
index a65c3f69cb..9b194df490 100644
--- a/meta/classes/useradd-staticids.bbclass
+++ b/meta/classes/useradd-staticids.bbclass
@@ -125,6 +125,7 @@ def update_useradd_static_config(d):
if uaargs.LOGIN not in users:
if not uaargs.uid or not uaargs.uid.isdigit() or not uaargs.gid:
handle_missing_id(uaargs.LOGIN, 'user', pkg)
+ newparams.append(param)
continue
field = users[uaargs.LOGIN]
@@ -260,6 +261,7 @@ def update_useradd_static_config(d):
if gaargs.GROUP not in groups:
if not gaargs.gid or not gaargs.gid.isdigit():
handle_missing_id(gaargs.GROUP, 'group', pkg)
+ newparams.append(param)
continue
field = groups[gaargs.GROUP]
--
2.12.0
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH] useradd-staticids.bbclass: Support recipes specifying static IDs
2017-03-11 5:27 [PATCH] useradd-staticids.bbclass: Support recipes specifying static IDs Peter Kjellerstedt
@ 2017-03-13 13:55 ` Mark Hatle
2017-03-13 16:11 ` Peter Kjellerstedt
0 siblings, 1 reply; 6+ messages in thread
From: Mark Hatle @ 2017-03-13 13:55 UTC (permalink / raw)
To: Peter Kjellerstedt, openembedded-core
On 3/10/17 11:27 PM, Peter Kjellerstedt wrote:
> If this bblcass is used and a recipe specifies a static ID for a
> user/group as part of the USERADD_PARAM_${PN} or GROUPADD_PARAM_${PN},
> the build would fail with and error like this if there was no
> corresponding ID in the passwd/group files specified via
> USERADD_UID_TABLES/USERADD_GID_TABLES:
If the system is set in warning mode, it should warn if this is done (but allow it).
If the system is set to error mode, it should error.
The useradd-staticids class is expecting the files (tables) to contain all of
the entries. This is specifically to avoid the situation where a new recipe is
introduced that adds a new user or group (dynamic or static -- static because it
could conflict with one of your existing static entries.)
I agree the error message below looks wrong, do the existing warning/error
messages about it not being defined int he useradd tables still occur with this
patch?
--Mark
> ERROR: meta-oe/recipes-support/postgresql/postgresql_9.4.11.bb:
> meta-oe/recipes-support/postgresql/postgresql_9.4.11.bb inherits
> useradd but doesn't set USERADD_PARAM, GROUPADD_PARAM or
> GROUPMEMS_PARAM for package postgresql
>
> Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
> ---
> meta/classes/useradd-staticids.bbclass | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/meta/classes/useradd-staticids.bbclass b/meta/classes/useradd-staticids.bbclass
> index a65c3f69cb..9b194df490 100644
> --- a/meta/classes/useradd-staticids.bbclass
> +++ b/meta/classes/useradd-staticids.bbclass
> @@ -125,6 +125,7 @@ def update_useradd_static_config(d):
> if uaargs.LOGIN not in users:
> if not uaargs.uid or not uaargs.uid.isdigit() or not uaargs.gid:
> handle_missing_id(uaargs.LOGIN, 'user', pkg)
> + newparams.append(param)
> continue
>
> field = users[uaargs.LOGIN]
> @@ -260,6 +261,7 @@ def update_useradd_static_config(d):
> if gaargs.GROUP not in groups:
> if not gaargs.gid or not gaargs.gid.isdigit():
> handle_missing_id(gaargs.GROUP, 'group', pkg)
> + newparams.append(param)
> continue
>
> field = groups[gaargs.GROUP]
>
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] useradd-staticids.bbclass: Support recipes specifying static IDs
2017-03-13 13:55 ` Mark Hatle
@ 2017-03-13 16:11 ` Peter Kjellerstedt
2017-03-13 16:50 ` Mark Hatle
0 siblings, 1 reply; 6+ messages in thread
From: Peter Kjellerstedt @ 2017-03-13 16:11 UTC (permalink / raw)
To: Mark Hatle, openembedded-core
> -----Original Message-----
> From: Mark Hatle [mailto:mark.hatle@windriver.com]
> Sent: den 13 mars 2017 14:56
> To: Peter Kjellerstedt; openembedded-core@lists.openembedded.org
> Subject: Re: [OE-core] [PATCH] useradd-staticids.bbclass: Support
> recipes specifying static IDs
>
> On 3/10/17 11:27 PM, Peter Kjellerstedt wrote:
> > If this bblcass is used and a recipe specifies a static ID for a
> > user/group as part of the USERADD_PARAM_${PN} or GROUPADD_PARAM_${PN},
> > the build would fail with and error like this if there was no
> > corresponding ID in the passwd/group files specified via
> > USERADD_UID_TABLES/USERADD_GID_TABLES:
>
> If the system is set in warning mode, it should warn if this is done
> (but allow it).
>
> If the system is set to error mode, it should error.
>
> The useradd-staticids class is expecting the files (tables) to contain
> all of the entries. This is specifically to avoid the situation where
> a new recipe is introduced that adds a new user or group (dynamic or
> static -- static because it could conflict with one of your existing
> static entries.)
AFAICT, even before my rewrite of much of this code in 3149319a and
subsequent correction in adc0f830, if a static ID was specified as part
of USERADD_PARAM_${PN} then no error would be issued. However, we can
certainly change the code to always fail/warn if no ID is specified
in any of the passwd/groups files. It should just be a matter of
removing the if statements preceding the calls to handle_missing_id()
below. (I will do some verification and send an updated patch tomorrow
if this is the way the class should work.)
> I agree the error message below looks wrong, do the existing warning/
> error messages about it not being defined int he useradd tables still
> occur with this patch?
The error message below occurred because before my fix it forgot all
the parameters that were specified in USERADD_PARAM_${PN} when it took
the continue.
> --Mark
>
> > ERROR: meta-oe/recipes-support/postgresql/postgresql_9.4.11.bb:
> > meta-oe/recipes-support/postgresql/postgresql_9.4.11.bb inherits
> > useradd but doesn't set USERADD_PARAM, GROUPADD_PARAM or
> > GROUPMEMS_PARAM for package postgresql
> >
> > Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
> > ---
> > meta/classes/useradd-staticids.bbclass | 2 ++
> > 1 file changed, 2 insertions(+)
> >
> > diff --git a/meta/classes/useradd-staticids.bbclass
> b/meta/classes/useradd-staticids.bbclass
> > index a65c3f69cb..9b194df490 100644
> > --- a/meta/classes/useradd-staticids.bbclass
> > +++ b/meta/classes/useradd-staticids.bbclass
> > @@ -125,6 +125,7 @@ def update_useradd_static_config(d):
> > if uaargs.LOGIN not in users:
> > if not uaargs.uid or not uaargs.uid.isdigit() or not uaargs.gid:
> > handle_missing_id(uaargs.LOGIN, 'user', pkg)
> > + newparams.append(param)
> > continue
> >
> > field = users[uaargs.LOGIN]
> > @@ -260,6 +261,7 @@ def update_useradd_static_config(d):
> > if gaargs.GROUP not in groups:
> > if not gaargs.gid or not gaargs.gid.isdigit():
> > handle_missing_id(gaargs.GROUP, 'group', pkg)
> > + newparams.append(param)
> > continue
> >
> > field = groups[gaargs.GROUP]
> >
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] useradd-staticids.bbclass: Support recipes specifying static IDs
2017-03-13 16:11 ` Peter Kjellerstedt
@ 2017-03-13 16:50 ` Mark Hatle
2017-03-14 0:47 ` Peter Kjellerstedt
0 siblings, 1 reply; 6+ messages in thread
From: Mark Hatle @ 2017-03-13 16:50 UTC (permalink / raw)
To: Peter Kjellerstedt, openembedded-core
On 3/13/17 11:11 AM, Peter Kjellerstedt wrote:
>> -----Original Message-----
>> From: Mark Hatle [mailto:mark.hatle@windriver.com]
>> Sent: den 13 mars 2017 14:56
>> To: Peter Kjellerstedt; openembedded-core@lists.openembedded.org
>> Subject: Re: [OE-core] [PATCH] useradd-staticids.bbclass: Support
>> recipes specifying static IDs
>>
>> On 3/10/17 11:27 PM, Peter Kjellerstedt wrote:
>>> If this bblcass is used and a recipe specifies a static ID for a
>>> user/group as part of the USERADD_PARAM_${PN} or GROUPADD_PARAM_${PN},
>>> the build would fail with and error like this if there was no
>>> corresponding ID in the passwd/group files specified via
>>> USERADD_UID_TABLES/USERADD_GID_TABLES:
>>
>> If the system is set in warning mode, it should warn if this is done
>> (but allow it).
>>
>> If the system is set to error mode, it should error.
>>
>> The useradd-staticids class is expecting the files (tables) to contain
>> all of the entries. This is specifically to avoid the situation where
>> a new recipe is introduced that adds a new user or group (dynamic or
>> static -- static because it could conflict with one of your existing
>> static entries.)
>
> AFAICT, even before my rewrite of much of this code in 3149319a and
> subsequent correction in adc0f830, if a static ID was specified as part
> of USERADD_PARAM_${PN} then no error would be issued. However, we can
> certainly change the code to always fail/warn if no ID is specified
> in any of the passwd/groups files. It should just be a matter of
> removing the if statements preceding the calls to handle_missing_id()
> below. (I will do some verification and send an updated patch tomorrow
> if this is the way the class should work.)
The intention was always that the uname/gname had to be specified in the useradd
tables in some way, or a warning/error would occur.
If the fields were blank in the tables, the system would use the versions
located in the recipe -- otherwise it would use the version in the table. (At
one point, but I don't think this was ever pushed in -- if a static ID was set
in the recipe, there was a verification that the static version in both the
recipe and the table files was the same -- otherwise it could indicate the
package may not be built properly.)
>> I agree the error message below looks wrong, do the existing warning/
>> error messages about it not being defined int he useradd tables still
>> occur with this patch?
>
> The error message below occurred because before my fix it forgot all
> the parameters that were specified in USERADD_PARAM_${PN} when it took
> the continue.
Ok, we need to fix that bug first then.
We should then verify the second issue and fix it in a subsequent commit. The
key being that of the user/group was not in the table we warn them (or error) --
preventing unexpected users from showing up.
The check both static IDs are the same could very well be a TODO item (that is
never done) -- but something that should be considered.
Thanks!
--Mark
>> --Mark
>>
>>> ERROR: meta-oe/recipes-support/postgresql/postgresql_9.4.11.bb:
>>> meta-oe/recipes-support/postgresql/postgresql_9.4.11.bb inherits
>>> useradd but doesn't set USERADD_PARAM, GROUPADD_PARAM or
>>> GROUPMEMS_PARAM for package postgresql
>>>
>>> Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
>>> ---
>>> meta/classes/useradd-staticids.bbclass | 2 ++
>>> 1 file changed, 2 insertions(+)
>>>
>>> diff --git a/meta/classes/useradd-staticids.bbclass
>> b/meta/classes/useradd-staticids.bbclass
>>> index a65c3f69cb..9b194df490 100644
>>> --- a/meta/classes/useradd-staticids.bbclass
>>> +++ b/meta/classes/useradd-staticids.bbclass
>>> @@ -125,6 +125,7 @@ def update_useradd_static_config(d):
>>> if uaargs.LOGIN not in users:
>>> if not uaargs.uid or not uaargs.uid.isdigit() or not uaargs.gid:
>>> handle_missing_id(uaargs.LOGIN, 'user', pkg)
>>> + newparams.append(param)
>>> continue
>>>
>>> field = users[uaargs.LOGIN]
>>> @@ -260,6 +261,7 @@ def update_useradd_static_config(d):
>>> if gaargs.GROUP not in groups:
>>> if not gaargs.gid or not gaargs.gid.isdigit():
>>> handle_missing_id(gaargs.GROUP, 'group', pkg)
>>> + newparams.append(param)
>>> continue
>>>
>>> field = groups[gaargs.GROUP]
>>>
>
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] useradd-staticids.bbclass: Support recipes specifying static IDs
2017-03-13 16:50 ` Mark Hatle
@ 2017-03-14 0:47 ` Peter Kjellerstedt
2017-03-14 1:35 ` Mark Hatle
0 siblings, 1 reply; 6+ messages in thread
From: Peter Kjellerstedt @ 2017-03-14 0:47 UTC (permalink / raw)
To: Mark Hatle, openembedded-core
> -----Original Message-----
> From: Mark Hatle [mailto:mark.hatle@windriver.com]
> Sent: den 13 mars 2017 17:50
> To: Peter Kjellerstedt; openembedded-core@lists.openembedded.org
> Subject: Re: [OE-core] [PATCH] useradd-staticids.bbclass: Support
> recipes specifying static IDs
>
> On 3/13/17 11:11 AM, Peter Kjellerstedt wrote:
> >> -----Original Message-----
> >> From: Mark Hatle [mailto:mark.hatle@windriver.com]
> >> Sent: den 13 mars 2017 14:56
> >> To: Peter Kjellerstedt; openembedded-core@lists.openembedded.org
> >> Subject: Re: [OE-core] [PATCH] useradd-staticids.bbclass: Support
> >> recipes specifying static IDs
> >>
> >> On 3/10/17 11:27 PM, Peter Kjellerstedt wrote:
> >>> If this bblcass is used and a recipe specifies a static ID for a
> >>> user/group as part of the USERADD_PARAM_${PN} or
> GROUPADD_PARAM_${PN},
> >>> the build would fail with and error like this if there was no
> >>> corresponding ID in the passwd/group files specified via
> >>> USERADD_UID_TABLES/USERADD_GID_TABLES:
> >>
> >> If the system is set in warning mode, it should warn if this is done
> >> (but allow it).
> >>
> >> If the system is set to error mode, it should error.
> >>
> >> The useradd-staticids class is expecting the files (tables) to
> contain
> >> all of the entries. This is specifically to avoid the situation
> where
> >> a new recipe is introduced that adds a new user or group (dynamic or
> >> static -- static because it could conflict with one of your existing
> >> static entries.)
> >
> > AFAICT, even before my rewrite of much of this code in 3149319a and
> > subsequent correction in adc0f830, if a static ID was specified as
> part
> > of USERADD_PARAM_${PN} then no error would be issued. However, we can
> > certainly change the code to always fail/warn if no ID is specified
> > in any of the passwd/groups files. It should just be a matter of
> > removing the if statements preceding the calls to handle_missing_id()
> > below. (I will do some verification and send an updated patch
> > tomorrow if this is the way the class should work.)
>
> The intention was always that the uname/gname had to be specified in
> the useradd tables in some way, or a warning/error would occur.
>
> If the fields were blank in the tables, the system would use the
> versions located in the recipe -- otherwise it would use the version in
> the table. (At one point, but I don't think this was ever pushed in --
> if a static ID was set in the recipe, there was a verification that the
> static version in both the recipe and the table files was the same --
> otherwise it could indicate the package may not be built properly.)
>
> >> I agree the error message below looks wrong, do the existing
> >> warning/error messages about it not being defined int he useradd
> >> tables still occur with this patch?
> >
> > The error message below occurred because before my fix it forgot all
> > the parameters that were specified in USERADD_PARAM_${PN} when it
> > took the continue.
>
> Ok, we need to fix that bug first then.
>
> We should then verify the second issue and fix it in a subsequent
> commit. The key being that of the user/group was not in the table
> we warn them (or error) -- preventing unexpected users from showing up.
I have verified now that removing the if statements will get us the wanted
behavior that all users/group must have static IDs in the passwd/groups
files even if they have static IDs defined in the recipe. I had intended
to just squash that change with the first one, but I can do it as two
separate commits.
> The check both static IDs are the same could very well be a TODO item
> (that is never done) -- but something that should be considered.
There is a warning if a static ID is specified in the recipe and it is
changed due to having a different value in the passwd file. I think that
is good enough.
> Thanks!
> --Mark
//Peter
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] useradd-staticids.bbclass: Support recipes specifying static IDs
2017-03-14 0:47 ` Peter Kjellerstedt
@ 2017-03-14 1:35 ` Mark Hatle
0 siblings, 0 replies; 6+ messages in thread
From: Mark Hatle @ 2017-03-14 1:35 UTC (permalink / raw)
To: Peter Kjellerstedt, openembedded-core
On 3/13/17 7:47 PM, Peter Kjellerstedt wrote:
>> -----Original Message-----
>> From: Mark Hatle [mailto:mark.hatle@windriver.com]
>> Sent: den 13 mars 2017 17:50
>> To: Peter Kjellerstedt; openembedded-core@lists.openembedded.org
>> Subject: Re: [OE-core] [PATCH] useradd-staticids.bbclass: Support
>> recipes specifying static IDs
>>
>> On 3/13/17 11:11 AM, Peter Kjellerstedt wrote:
>>>> -----Original Message-----
>>>> From: Mark Hatle [mailto:mark.hatle@windriver.com]
>>>> Sent: den 13 mars 2017 14:56
>>>> To: Peter Kjellerstedt; openembedded-core@lists.openembedded.org
>>>> Subject: Re: [OE-core] [PATCH] useradd-staticids.bbclass: Support
>>>> recipes specifying static IDs
>>>>
>>>> On 3/10/17 11:27 PM, Peter Kjellerstedt wrote:
>>>>> If this bblcass is used and a recipe specifies a static ID for a
>>>>> user/group as part of the USERADD_PARAM_${PN} or
>> GROUPADD_PARAM_${PN},
>>>>> the build would fail with and error like this if there was no
>>>>> corresponding ID in the passwd/group files specified via
>>>>> USERADD_UID_TABLES/USERADD_GID_TABLES:
>>>>
>>>> If the system is set in warning mode, it should warn if this is done
>>>> (but allow it).
>>>>
>>>> If the system is set to error mode, it should error.
>>>>
>>>> The useradd-staticids class is expecting the files (tables) to
>> contain
>>>> all of the entries. This is specifically to avoid the situation
>> where
>>>> a new recipe is introduced that adds a new user or group (dynamic or
>>>> static -- static because it could conflict with one of your existing
>>>> static entries.)
>>>
>>> AFAICT, even before my rewrite of much of this code in 3149319a and
>>> subsequent correction in adc0f830, if a static ID was specified as
>> part
>>> of USERADD_PARAM_${PN} then no error would be issued. However, we can
>>> certainly change the code to always fail/warn if no ID is specified
>>> in any of the passwd/groups files. It should just be a matter of
>>> removing the if statements preceding the calls to handle_missing_id()
>>> below. (I will do some verification and send an updated patch
>>> tomorrow if this is the way the class should work.)
>>
>> The intention was always that the uname/gname had to be specified in
>> the useradd tables in some way, or a warning/error would occur.
>>
>> If the fields were blank in the tables, the system would use the
>> versions located in the recipe -- otherwise it would use the version in
>> the table. (At one point, but I don't think this was ever pushed in --
>> if a static ID was set in the recipe, there was a verification that the
>> static version in both the recipe and the table files was the same --
>> otherwise it could indicate the package may not be built properly.)
>>
>>>> I agree the error message below looks wrong, do the existing
>>>> warning/error messages about it not being defined int he useradd
>>>> tables still occur with this patch?
>>>
>>> The error message below occurred because before my fix it forgot all
>>> the parameters that were specified in USERADD_PARAM_${PN} when it
>>> took the continue.
>>
>> Ok, we need to fix that bug first then.
>>
>> We should then verify the second issue and fix it in a subsequent
>> commit. The key being that of the user/group was not in the table
>> we warn them (or error) -- preventing unexpected users from showing up.
>
> I have verified now that removing the if statements will get us the wanted
> behavior that all users/group must have static IDs in the passwd/groups
> files even if they have static IDs defined in the recipe. I had intended
> to just squash that change with the first one, but I can do it as two
> separate commits.
>
>> The check both static IDs are the same could very well be a TODO item
>> (that is never done) -- but something that should be considered.
>
> There is a warning if a static ID is specified in the recipe and it is
> changed due to having a different value in the passwd file. I think that
> is good enough.
Perfect! Thank you for checking all of this.
--Mark
>> Thanks!
>> --Mark
>
> //Peter
>
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2017-03-14 1:35 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-03-11 5:27 [PATCH] useradd-staticids.bbclass: Support recipes specifying static IDs Peter Kjellerstedt
2017-03-13 13:55 ` Mark Hatle
2017-03-13 16:11 ` Peter Kjellerstedt
2017-03-13 16:50 ` Mark Hatle
2017-03-14 0:47 ` Peter Kjellerstedt
2017-03-14 1:35 ` Mark Hatle
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.