Change the old user/group creation mechanism to use systemd's sysusers mechanism instead.
This is a bit of a tricky part, because before systemd we do not have this binary. So at first we have to push the sysusers files to the jails sysusers directory and use the previous compiled and installed systemd-sysusers binary in order to create the groups/users which are part of systemd inside the jail.
After that, everything works quite normal when modifying the files or direcotry owners.
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org --- systemd/systemd.nm | 65 ++++++++++++++++++++++++++++------------------ 1 file changed, 40 insertions(+), 25 deletions(-)
diff --git a/systemd/systemd.nm b/systemd/systemd.nm index 2c409694c..db57e4142 100644 --- a/systemd/systemd.nm +++ b/systemd/systemd.nm @@ -5,7 +5,7 @@
name = systemd version = 253 -release = 4 +release = 5
maintainer = Stefan Schantl stefan.schantl@ipfire.org groups = System/Base @@ -77,6 +77,9 @@ build configure_options = \ -Dsysvinit-path= \ -Dsysvrcnd-path= \ + -Dnobody-user=nobody \ + -Dnobody-group=nobody \ + -Dfallback-hostname="localhost" \ -Dzlib=true \ -Dman=true \ -Dsmack=false \ @@ -93,9 +96,26 @@ build -Dtimedated=false \ -Dpolkit=false
- prepare_cmds - %{create_groups} - end + # Assign group ids + configure_options += \ + -Dadm-gid=4 \ + -Dtty-gid=5 \ + -Ddisk-gid=6 \ + -Dlp-gid=7 \ + -Dkmem-gid=9 \ + -Dwheel-gid=10 \ + -Dcdrom-gid=11 \ + -Ddialout-gid=18 \ + -Dutmp-gid=22 \ + -Dtape-gid=33 \ + -Dkvm-gid=36 \ + -Dvideo-gid=39 \ + -Daudio-gid=63 \ + -Dusers-gid=100 \ + -Dinput-gid=104 \ + -Drender-gid=105 \ + -Dsgx-gid=106 \ + -Dsystemd-journal-gid=190
build # Call meson and pass configure options. @@ -117,6 +137,10 @@ build # Install systemd. %{meson_install}
+ # Use the installed files to create all users and groups + # in one shot. + %{create_groups} + # Create folder in log to store the journal. mkdir -pv %{BUILDROOT}/var/log/journal
@@ -202,22 +226,17 @@ build end
create_groups - # Create groups for udev. - getent group cdrom >/dev/null || groupadd -g 11 cdrom || : - getent group tape >/dev/null || groupadd -g 33 tape || : - getent group dialout >/dev/null || groupadd -g 18 dialout || : - getent group floppy >/dev/null || groupadd -g 19 floppy || : - getent group input >/dev/null || groupadd -r input || : - getent group utmp >/dev/null || groupadd -r -g 22 utmp || : - - # Create group for journald. - getent group systemd-journal >/dev/null || /usr/sbin/groupadd -r systemd-journal -end + # Create the sysusers folder in the jail. + mkdir -pv %{sysusersdir}
-quality-agent - whitelist_rpath - %{prefix}/lib/systemd - end + # Copy all sysusers files from BUILDROOT into the jail's sysusers directory. + install -v -m 644 %{BUILDROOT}%{sysusersdir}/*.conf %{sysusersdir} + + # We do not have a libsystemd or systemd-sysusers binary, so + # call the installed one inside BUILDROOT to create all users and + # groups in one shot. + LD_LIBRARY_PATH="%{BUILDROOT}%{libdir}/systemd/" \ + %{BUILDROOT}%{bindir}/systemd-sysusers end
packages @@ -273,10 +292,6 @@ packages /etc/vconsole.conf end
- script prein - %{create_groups} - end - script postin # Reexec systemd daemon. /usr/bin/systemctl daemon-reexec > /dev/null 2>&1 || : @@ -344,8 +359,8 @@ packages
# Only ship the sysusers.d folder without # any config files. - /usr/lib/sysusers.d - !/usr/lib/sysusers.d/*.conf + %{sysusersdir} + !%{sysusersdir}/*.conf end end