All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] libpam: split /etc/environment into pam-plugin-env package
@ 2023-11-24 14:12 Martin Hundebøll
  2023-11-26 22:00 ` [OE-core] " Peter Kjellerstedt
  0 siblings, 1 reply; 2+ messages in thread
From: Martin Hundebøll @ 2023-11-24 14:12 UTC (permalink / raw)
  To: openembedded-core; +Cc: Martin Hundebøll

Since systemd-v255, pam-plugin-umask is pulled in by by the logind
package config for systemd. This causes /etc/environment to by installed
as part of libpam-runtime. In our case, this broke do_rootfs for our
image, because /etc/environment is already provided another (custom)
recipe.

Fix this by making the /etc/environment file part of the pam-plugin-env
package, which isn't automatically pulled in by systemd-logind. It also
happens to be the where it should be, as the file is installed as by the
pam_env plugin.

Signed-off-by: Martin Hundebøll <martin@geanix.com>
---
 meta/recipes-extended/pam/libpam_1.5.3.bb | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/meta/recipes-extended/pam/libpam_1.5.3.bb b/meta/recipes-extended/pam/libpam_1.5.3.bb
index 1aa307af4d..c2ba1e6899 100644
--- a/meta/recipes-extended/pam/libpam_1.5.3.bb
+++ b/meta/recipes-extended/pam/libpam_1.5.3.bb
@@ -51,9 +51,14 @@ PACKAGECONFIG[userdb] = "--enable-db=db,--enable-db=no,db,"
 PACKAGES += "${PN}-runtime ${PN}-xtests"
 FILES:${PN} = "${base_libdir}/lib*${SOLIBS}"
 FILES:${PN}-dev += "${base_libdir}/security/*.la ${base_libdir}/*.la ${base_libdir}/lib*${SOLIBSDEV}"
-FILES:${PN}-runtime = "${sysconfdir} ${sbindir} ${systemd_system_unitdir}"
+FILES:${PN}-runtime = "${sysconfdir}/pam.d ${sysconfdir}/security ${sysconfdir}/tmpfiles.d ${sbindir} ${systemd_system_unitdir}"
 FILES:${PN}-xtests = "${datadir}/Linux-PAM/xtests"
 
+# libpam installs /etc/environment for use with the pam_env plugin. Make sure it is
+# packaged with the pam-plugin-env package to avoid breaking installations which
+# install that file via other packages
+FILES:pam-plugin-env = "/etc/environment"
+
 PACKAGES_DYNAMIC += "^${MLPREFIX}pam-plugin-.*"
 
 def get_multilib_bit(d):
-- 
2.42.0



^ permalink raw reply related	[flat|nested] 2+ messages in thread
* RE: [OE-core] [PATCH] libpam: split /etc/environment into pam-plugin-env package
  2023-11-24 14:12 [PATCH] libpam: split /etc/environment into pam-plugin-env package Martin Hundebøll
@ 2023-11-26 22:00 ` Peter Kjellerstedt
  0 siblings, 0 replies; 2+ messages in thread
From: Peter Kjellerstedt @ 2023-11-26 22:00 UTC (permalink / raw)
  To: Martin Hundeb?ll, openembedded-core

> -----Original Message-----
> From: openembedded-core@lists.openembedded.org <openembedded-core@lists.openembedded.org> On Behalf Of Martin Hundeb?ll
> Sent: den 24 november 2023 15:12
> To: openembedded-core@lists.openembedded.org
> Cc: Martin Hundebøll <martin@geanix.com>
> Subject: [OE-core] [PATCH] libpam: split /etc/environment into pam-plugin-env package
> 
> Since systemd-v255, pam-plugin-umask is pulled in by by the logind
> package config for systemd. This causes /etc/environment to by installed

Change "by" to "be".

> as part of libpam-runtime. In our case, this broke do_rootfs for our
> image, because /etc/environment is already provided another (custom)

Change "another" to "by another".

> recipe.
> 
> Fix this by making the /etc/environment file part of the pam-plugin-env
> package, which isn't automatically pulled in by systemd-logind. It also
> happens to be the where it should be, as the file is installed as by the
> pam_env plugin.
> 
> Signed-off-by: Martin Hundebøll <martin@geanix.com>
> ---
>  meta/recipes-extended/pam/libpam_1.5.3.bb | 7 ++++++-
>  1 file changed, 6 insertions(+), 1 deletion(-)
> 
> diff --git a/meta/recipes-extended/pam/libpam_1.5.3.bb b/meta/recipes-extended/pam/libpam_1.5.3.bb
> index 1aa307af4d..c2ba1e6899 100644
> --- a/meta/recipes-extended/pam/libpam_1.5.3.bb
> +++ b/meta/recipes-extended/pam/libpam_1.5.3.bb
> @@ -51,9 +51,14 @@ PACKAGECONFIG[userdb] = "--enable-db=db,--enable-db=no,db,"
>  PACKAGES += "${PN}-runtime ${PN}-xtests"
>  FILES:${PN} = "${base_libdir}/lib*${SOLIBS}"
>  FILES:${PN}-dev += "${base_libdir}/security/*.la ${base_libdir}/*.la ${base_libdir}/lib*${SOLIBSDEV}"
> -FILES:${PN}-runtime = "${sysconfdir} ${sbindir} ${systemd_system_unitdir}"
> +FILES:${PN}-runtime = "${sysconfdir}/pam.d ${sysconfdir}/security ${sysconfdir}/tmpfiles.d ${sbindir} ${systemd_system_unitdir}"

This is prone to errors if libpam adds anything else to /etc in the future. 
If you instead add `prepend=True` as argument to the do_split_packages() 
call that creates the pam-plugin packages, this should not be needed.

>  FILES:${PN}-xtests = "${datadir}/Linux-PAM/xtests"
> 
> +# libpam installs /etc/environment for use with the pam_env plugin. Make sure it is
> +# packaged with the pam-plugin-env package to avoid breaking installations which
> +# install that file via other packages
> +FILES:pam-plugin-env = "/etc/environment"

Change /etc to ${sysconfir}.

> +
>  PACKAGES_DYNAMIC += "^${MLPREFIX}pam-plugin-.*"
> 
>  def get_multilib_bit(d):
> --
> 2.42.0

//Peter


^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-11-26 22:00 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-11-24 14:12 [PATCH] libpam: split /etc/environment into pam-plugin-env package Martin Hundebøll
2023-11-26 22:00 ` [OE-core] " Peter Kjellerstedt

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.