From patchwork Mon Jun 15 07:20:41 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Norbert Lange X-Patchwork-Id: 1309254 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=busybox.net (client-ip=140.211.166.137; helo=fraxinus.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=N/mN+WY8; dkim-atps=neutral Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49ljS33QWcz9sQx for ; Mon, 15 Jun 2020 17:21:22 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 6A79886FE9; Mon, 15 Jun 2020 07:21:20 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IVvap0BweldK; Mon, 15 Jun 2020 07:21:19 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by fraxinus.osuosl.org (Postfix) with ESMTP id CA81F86FFD; Mon, 15 Jun 2020 07:21:19 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by ash.osuosl.org (Postfix) with ESMTP id 0ADA31BF4E7 for ; Mon, 15 Jun 2020 07:21:17 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 07ACC8815A for ; Mon, 15 Jun 2020 07:21:17 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hDP7ZAYEL3MG for ; Mon, 15 Jun 2020 07:21:14 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mail-wm1-f68.google.com (mail-wm1-f68.google.com [209.85.128.68]) by whitealder.osuosl.org (Postfix) with ESMTPS id D4D0D87DC5 for ; Mon, 15 Jun 2020 07:21:13 +0000 (UTC) Received: by mail-wm1-f68.google.com with SMTP id y20so13664273wmi.2 for ; Mon, 15 Jun 2020 00:21:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=W/iSPBCtymVbkxRdFDNbzx6w0AFdwP3XYqKogLjhwHU=; b=N/mN+WY8FZ1TmaxppgAq4no+Mj55ZBot2RMaElhtAxQqVo1KsNeLPTlkije8iKmI4h sKmvAZGVxm4SYO9xftw0m9AI3acauJIsbbVhhWcO6gL9M92gOvsyaCrXCihD83w/Y9ux kSb7oqbQ1z/8AbWBi5EJOrOJdnY4a+IzPZVpCltXfKjX7zsohEYOEr/aOkYFElwunuC8 ybzBNpLWXc1z4F37hS9CK+qBPrTgUblUdwwGHxXCRMaECDE2EAPYulvtcSgp0cuPZ1QP jAWsibMEPxyqs90pclcWZ3aCzkfmfOHDoTZQPSB7EYUuBIyJyX7l8wVQUDT6/dpBvEIQ QwXA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=W/iSPBCtymVbkxRdFDNbzx6w0AFdwP3XYqKogLjhwHU=; b=pPiCaIJLnUuYlJVOecDbyvPMxJp5hEKqDyKjMWzoWCUzgJEj01RKbKXfuqHx8cjKfw d2cPbUVTZNbv7xpzar6rtqGyf+1eTP0mC9ZYfkmyip64QU1bzgeRVBdTFBXV+IfA2kY/ q0euEyQdJ4YMKzuT/9y0uIaK/kJwoqKTH8JtsQb7AXdmihY5dRcITDQG4T5mUP15rE8+ n+hhBELXBXuY60yB2Ks5LxTL7FYSwdt1l/50UP+AKOMmtqb5vdsvPEX1Qjv68IZWm1AL Ij4GgyAp0rWe4m+1BSmJNJd6+09V5X0K+TPwNcxW2VwhBPEUQgF3rNPxNRSlM54HICSw l1Ng== X-Gm-Message-State: AOAM531roQqak9wqwQxIf9DJnjommUeGX/KU/FSsOBONLTIePoLqAlvs IeryO0KUMoi9mmzU/UttXMv7/L8ncu5juw== X-Google-Smtp-Source: ABdhPJzqDwXiYAYjYZZyS2sP2IrlrjHcf1TdJl7e5ksbUA4xnNnoI2tSDnMDFlpP+Nrix1dXYUQZeg== X-Received: by 2002:a1c:f204:: with SMTP id s4mr12236074wmc.159.1592205672005; Mon, 15 Jun 2020 00:21:12 -0700 (PDT) Received: from localhost.localdomain (84-114-45-16.cable.dynamic.surfer.at. [84.114.45.16]) by smtp.gmail.com with ESMTPSA id q4sm5605291wmc.1.2020.06.15.00.21.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 15 Jun 2020 00:21:11 -0700 (PDT) From: Norbert Lange To: buildroot@buildroot.org Date: Mon, 15 Jun 2020 09:20:41 +0200 Message-Id: <20200615072055.2083-2-nolange79@gmail.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200615072055.2083-1-nolange79@gmail.com> References: <20200615072055.2083-1-nolange79@gmail.com> MIME-Version: 1.0 Subject: [Buildroot] [PATCH v2 01/14] package/systemd: configure nss plugins in nsswitch.conf X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Norbert Lange , jeremy.rosen@smile.fr, "Yann E. MORIN" , Adam Duskett , Maxime Hadjinlian Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" This adds configuration of the nsswitch.conf file, it does so by pathing the template provided by systemd. The template is fully populated, the services that are not available are removed. If the plugin nss-compat is not available, the entries will be replaced with nss-files. nss-systemd is used for the DynamicUser features, which is a defacto necessity for systemd. It handles transient users/groups without touching the /etc/{passwd,group} files on disk. nss-myhostname allows resolving the hostname, again without touching files in /etc. Enabling this feature requires configuring the plugin. nss-resolve is part of resolved, and required for consistent dns lookups. nss-mymachines adds name resolution from containers. Signed-off-by: Norbert Lange --- package/systemd/systemd.mk | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk index e61cec80f0..cf6c0f9576 100644 --- a/package/systemd/systemd.mk +++ b/package/systemd/systemd.mk @@ -472,7 +472,23 @@ define SYSTEMD_INSTALL_MACHINEID_HOOK touch $(TARGET_DIR)/etc/machine-id endef +define SYSTEMD_NSSCONFIG_HOOK + [ -r "$$(find $(TARGET_DIR)/usr/lib -name libnss_compat.so.*)" ] || \ + sed 's,\bcompat\b,files,g' -i $(TARGET_DIR)/usr/share/factory/etc/nsswitch.conf + [ "$(BR2_PACKAGE_SYSTEMD_RESOLVED)" = "y" ] || \ + sed -e 's,\bresolve[[:space:]][[:space:]]*\[[^]]*\][[:space:]]*,,g' \ + -e 's,\bresolve\b[[:space:]]*,,g' -i $(TARGET_DIR)/usr/share/factory/etc/nsswitch.conf + [ "$(BR2_PACKAGE_SYSTEMD_MYHOSTNAME)" = "y" ] || \ + sed -e 's,\bmyhostname[[:space:]][[:space:]]*\[[^]]*\][[:space:]]*,,g' \ + -e 's,\bmyhostname\b[[:space:]]*,,g' -i $(TARGET_DIR)/usr/share/factory/etc/nsswitch.conf + [ "$(BR2_PACKAGE_SYSTEMD_MACHINED)" = "y" ] || \ + sed -e 's,\bmymachines[[:space:]][[:space:]]*\[[^]]*\][[:space:]]*,,g' \ + -e 's,\bmymachines\b[[:space:]]*,,g' -i $(TARGET_DIR)/usr/share/factory/etc/nsswitch.conf + install -m644 $(TARGET_DIR)/usr/share/factory/etc/nsswitch.conf $(TARGET_DIR)/etc/nsswitch.conf +endef + SYSTEMD_POST_INSTALL_TARGET_HOOKS += \ + SYSTEMD_NSSCONFIG_HOOK \ SYSTEMD_INSTALL_INIT_HOOK \ SYSTEMD_INSTALL_MACHINEID_HOOK \ SYSTEMD_INSTALL_RESOLVCONF_HOOK