* [RFC PATCH 0/2] Centralize root password and hostname setting @ 2019-02-05 13:42 claudius.heine.ext 2019-02-05 13:42 ` [RFC PATCH 1/2] meta: add isar-cfg-rootpw recipe for setting root password claudius.heine.ext 2019-02-05 13:42 ` [RFC PATCH 2/2] meta: add isar-cfg-hostname recipe for setting the hostname claudius.heine.ext 0 siblings, 2 replies; 5+ messages in thread From: claudius.heine.ext @ 2019-02-05 13:42 UTC (permalink / raw) To: isar-users; +Cc: Claudius Heine From: Claudius Heine <ch@denx.de> Hi, it would be nice if isar would provide a central approach of setting the root password and hostname of the image. I prepared some patches for this based on the template system patchset to demonstrate this. How should those packages be selected? Manually or maybe via some switch or feature array? Should those packages be grouped together? How is the UX of this? Name of variables etc.? I think it would also be nice to be able to create users similar to how OE does it with the 'useradd.bbclass'[1]. What do you think? Good idea? Thanks for the feedback, Claudius [1] https://www.yoctoproject.org/docs/latest/mega-manual/mega-manual.html#ref-classes-useradd Claudius Heine (2): meta: add isar-cfg-rootpw recipe for setting root password meta: add isar-cfg-hostname recipe for setting the hostname meta-isar/conf/local.conf.sample | 3 ++- .../recipes-app/example-raw/files/postinst | 6 ------ .../isar-cfg-hostname/files/postinst.tmpl | 8 ++++++++ .../isar-cfg-hostname/isar-cfg-hostname.bb | 16 ++++++++++++++++ .../isar-cfg-rootpw/files/postinst.tmpl | 11 +++++++++++ .../isar-cfg-rootpw/isar-cfg-rootpw.bb | 19 +++++++++++++++++++ 6 files changed, 56 insertions(+), 7 deletions(-) create mode 100644 meta/recipes-support/isar-cfg-hostname/files/postinst.tmpl create mode 100644 meta/recipes-support/isar-cfg-hostname/isar-cfg-hostname.bb create mode 100644 meta/recipes-support/isar-cfg-rootpw/files/postinst.tmpl create mode 100644 meta/recipes-support/isar-cfg-rootpw/isar-cfg-rootpw.bb -- 2.20.1 ^ permalink raw reply [flat|nested] 5+ messages in thread
* [RFC PATCH 1/2] meta: add isar-cfg-rootpw recipe for setting root password 2019-02-05 13:42 [RFC PATCH 0/2] Centralize root password and hostname setting claudius.heine.ext @ 2019-02-05 13:42 ` claudius.heine.ext 2019-02-06 12:12 ` Henning Schild 2019-02-05 13:42 ` [RFC PATCH 2/2] meta: add isar-cfg-hostname recipe for setting the hostname claudius.heine.ext 1 sibling, 1 reply; 5+ messages in thread From: claudius.heine.ext @ 2019-02-05 13:42 UTC (permalink / raw) To: isar-users; +Cc: Claudius Heine From: Claudius Heine <ch@denx.de> The isar-cfg-rootpw recipe is a central point to set the root password for images. It provides the `CFG_ROOT_LOCKED` and `CFG_ROOT_PW` variables, that can be set from any `.conf` file or via `isar-cfg-rootpw.bbappend`. The `CFG_ROOT_LOCKED` variable that can be set to "1" in order to lock the root account, other values leave the account unlocked. The `CFG_ROOT_RW` variable contains either a root password, or is empty, in which case login without password is possible. Signed-off-by: Claudius Heine <ch@denx.de> --- meta-isar/conf/local.conf.sample | 3 ++- .../recipes-app/example-raw/files/postinst | 4 ---- .../isar-cfg-rootpw/files/postinst.tmpl | 11 +++++++++++ .../isar-cfg-rootpw/isar-cfg-rootpw.bb | 19 +++++++++++++++++++ 4 files changed, 32 insertions(+), 5 deletions(-) create mode 100644 meta/recipes-support/isar-cfg-rootpw/files/postinst.tmpl create mode 100644 meta/recipes-support/isar-cfg-rootpw/isar-cfg-rootpw.bb diff --git a/meta-isar/conf/local.conf.sample b/meta-isar/conf/local.conf.sample index a671b20..a2bdd7e 100644 --- a/meta-isar/conf/local.conf.sample +++ b/meta-isar/conf/local.conf.sample @@ -161,7 +161,8 @@ CONF_VERSION = "1" # # The default list of extra packages to be installed. -IMAGE_INSTALL = "hello-isar example-raw example-module-${KERNEL_NAME} enable-fsck" +IMAGE_INSTALL = "hello-isar example-raw example-module-${KERNEL_NAME} enable-fsck \ + isar-cfg-rootpw" # # Enable cross-compilation support diff --git a/meta-isar/recipes-app/example-raw/files/postinst b/meta-isar/recipes-app/example-raw/files/postinst index f60be8c..f48d993 100644 --- a/meta-isar/recipes-app/example-raw/files/postinst +++ b/meta-isar/recipes-app/example-raw/files/postinst @@ -15,8 +15,4 @@ fi chown -R isar:isar /var/lib/isar -# this wins over meta-isar/recipes-core/images/files/*configscript.sh -# but we take the same password for this example -echo "root:root" | chpasswd - echo "isar" > /etc/hostname diff --git a/meta/recipes-support/isar-cfg-rootpw/files/postinst.tmpl b/meta/recipes-support/isar-cfg-rootpw/files/postinst.tmpl new file mode 100644 index 0000000..51e901e --- /dev/null +++ b/meta/recipes-support/isar-cfg-rootpw/files/postinst.tmpl @@ -0,0 +1,11 @@ +#!/bin/sh +set -e +if [ "${CFG_ROOT_LOCKED}" == "1" ]; then + passwd -l root +else + if [ -n "${CFG_ROOT_PW}" ]; then + echo "root:${CFG_ROOT_PW}" | chpasswd + else + passwd -d root + fi +fi diff --git a/meta/recipes-support/isar-cfg-rootpw/isar-cfg-rootpw.bb b/meta/recipes-support/isar-cfg-rootpw/isar-cfg-rootpw.bb new file mode 100644 index 0000000..adee3b5 --- /dev/null +++ b/meta/recipes-support/isar-cfg-rootpw/isar-cfg-rootpw.bb @@ -0,0 +1,19 @@ +# This software is a part of ISAR. + +DESCRIPTION = "Isar configuration package for root password" +MAINTAINER = "isar-users <isar-users@googlegroups.com>" +DEBIAN_DEPENDS = "passwd" + +SRC_URI = "file://postinst.tmpl" + +TEMPLATE_FILES = "postinst.tmpl" +TEMPLATE_VARS = "CFG_ROOT_PW CFG_ROOT_LOCKED" + +CFG_ROOT_PW ??= "" +CFG_ROOT_LOCKED ??= "0" + +inherit dpkg-raw + +do_install() { + echo "intentionally left blank" +} -- 2.20.1 ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [RFC PATCH 1/2] meta: add isar-cfg-rootpw recipe for setting root password 2019-02-05 13:42 ` [RFC PATCH 1/2] meta: add isar-cfg-rootpw recipe for setting root password claudius.heine.ext @ 2019-02-06 12:12 ` Henning Schild 0 siblings, 0 replies; 5+ messages in thread From: Henning Schild @ 2019-02-06 12:12 UTC (permalink / raw) To: [ext] claudius.heine.ext@siemens.com; +Cc: isar-users, Claudius Heine Good idea to tackle the password problem! The current way of not having a fallback in Isar means that every layer has to somehow deal with the rootpw, and once you start combining layers you get conflicts of multiple packages wanting to set the password. The result is a "random" password depending on the install order of the several packages. We need one central way (fallback) again. One that supports one/emtpy/no passwd cases just like your suggestion. What i do not like is the fact that the package will always have the same PN-PV, even if the content is different. Say you find the .dep somewhere and install it with "dpkg -i", the result will be pretty random again, depending on where you found the .deb. Henning Am Tue, 5 Feb 2019 14:42:34 +0100 schrieb "[ext] claudius.heine.ext@siemens.com" <claudius.heine.ext@siemens.com>: > From: Claudius Heine <ch@denx.de> > > The isar-cfg-rootpw recipe is a central point to set the root password > for images. It provides the `CFG_ROOT_LOCKED` and `CFG_ROOT_PW` > variables, that can be set from any `.conf` file or via > `isar-cfg-rootpw.bbappend`. > > The `CFG_ROOT_LOCKED` variable that can be set to "1" in order to lock > the root account, other values leave the account unlocked. > > The `CFG_ROOT_RW` variable contains either a root password, or is > empty, in which case login without password is possible. > > Signed-off-by: Claudius Heine <ch@denx.de> > --- > meta-isar/conf/local.conf.sample | 3 ++- > .../recipes-app/example-raw/files/postinst | 4 ---- > .../isar-cfg-rootpw/files/postinst.tmpl | 11 +++++++++++ > .../isar-cfg-rootpw/isar-cfg-rootpw.bb | 19 > +++++++++++++++++++ 4 files changed, 32 insertions(+), 5 deletions(-) > create mode 100644 > meta/recipes-support/isar-cfg-rootpw/files/postinst.tmpl create mode > 100644 meta/recipes-support/isar-cfg-rootpw/isar-cfg-rootpw.bb > > diff --git a/meta-isar/conf/local.conf.sample > b/meta-isar/conf/local.conf.sample index a671b20..a2bdd7e 100644 > --- a/meta-isar/conf/local.conf.sample > +++ b/meta-isar/conf/local.conf.sample > @@ -161,7 +161,8 @@ CONF_VERSION = "1" > > # > # The default list of extra packages to be installed. > -IMAGE_INSTALL = "hello-isar example-raw > example-module-${KERNEL_NAME} enable-fsck" +IMAGE_INSTALL = > "hello-isar example-raw example-module-${KERNEL_NAME} enable-fsck \ > + isar-cfg-rootpw" > > # > # Enable cross-compilation support > diff --git a/meta-isar/recipes-app/example-raw/files/postinst > b/meta-isar/recipes-app/example-raw/files/postinst index > f60be8c..f48d993 100644 --- > a/meta-isar/recipes-app/example-raw/files/postinst +++ > b/meta-isar/recipes-app/example-raw/files/postinst @@ -15,8 +15,4 @@ > fi > chown -R isar:isar /var/lib/isar > > -# this wins over meta-isar/recipes-core/images/files/*configscript.sh > -# but we take the same password for this example > -echo "root:root" | chpasswd > - > echo "isar" > /etc/hostname > diff --git a/meta/recipes-support/isar-cfg-rootpw/files/postinst.tmpl > b/meta/recipes-support/isar-cfg-rootpw/files/postinst.tmpl new file > mode 100644 index 0000000..51e901e > --- /dev/null > +++ b/meta/recipes-support/isar-cfg-rootpw/files/postinst.tmpl > @@ -0,0 +1,11 @@ > +#!/bin/sh > +set -e > +if [ "${CFG_ROOT_LOCKED}" == "1" ]; then > + passwd -l root > +else > + if [ -n "${CFG_ROOT_PW}" ]; then > + echo "root:${CFG_ROOT_PW}" | chpasswd > + else > + passwd -d root > + fi > +fi > diff --git a/meta/recipes-support/isar-cfg-rootpw/isar-cfg-rootpw.bb > b/meta/recipes-support/isar-cfg-rootpw/isar-cfg-rootpw.bb new file > mode 100644 index 0000000..adee3b5 > --- /dev/null > +++ b/meta/recipes-support/isar-cfg-rootpw/isar-cfg-rootpw.bb > @@ -0,0 +1,19 @@ > +# This software is a part of ISAR. > + > +DESCRIPTION = "Isar configuration package for root password" > +MAINTAINER = "isar-users <isar-users@googlegroups.com>" > +DEBIAN_DEPENDS = "passwd" > + > +SRC_URI = "file://postinst.tmpl" > + > +TEMPLATE_FILES = "postinst.tmpl" > +TEMPLATE_VARS = "CFG_ROOT_PW CFG_ROOT_LOCKED" > + > +CFG_ROOT_PW ??= "" > +CFG_ROOT_LOCKED ??= "0" > + > +inherit dpkg-raw > + > +do_install() { > + echo "intentionally left blank" > +} ^ permalink raw reply [flat|nested] 5+ messages in thread
* [RFC PATCH 2/2] meta: add isar-cfg-hostname recipe for setting the hostname 2019-02-05 13:42 [RFC PATCH 0/2] Centralize root password and hostname setting claudius.heine.ext 2019-02-05 13:42 ` [RFC PATCH 1/2] meta: add isar-cfg-rootpw recipe for setting root password claudius.heine.ext @ 2019-02-05 13:42 ` claudius.heine.ext 2019-02-06 12:15 ` Henning Schild 1 sibling, 1 reply; 5+ messages in thread From: claudius.heine.ext @ 2019-02-05 13:42 UTC (permalink / raw) To: isar-users; +Cc: Claudius Heine From: Claudius Heine <ch@denx.de> The isar-cfg-hostname recipe is a central point to set the hostname for images. It provides the `CFG_HOSTNAME` variables, which can be set from any `.conf` file or via `isar-cfg-hostname.bbappend` to the hostname that should be used. The default is 'isar'. Signed-off-by: Claudius Heine <ch@denx.de> --- meta-isar/conf/local.conf.sample | 2 +- meta-isar/recipes-app/example-raw/files/postinst | 2 -- .../isar-cfg-hostname/files/postinst.tmpl | 8 ++++++++ .../isar-cfg-hostname/isar-cfg-hostname.bb | 16 ++++++++++++++++ 4 files changed, 25 insertions(+), 3 deletions(-) create mode 100644 meta/recipes-support/isar-cfg-hostname/files/postinst.tmpl create mode 100644 meta/recipes-support/isar-cfg-hostname/isar-cfg-hostname.bb diff --git a/meta-isar/conf/local.conf.sample b/meta-isar/conf/local.conf.sample index a2bdd7e..ddd15a4 100644 --- a/meta-isar/conf/local.conf.sample +++ b/meta-isar/conf/local.conf.sample @@ -162,7 +162,7 @@ CONF_VERSION = "1" # # The default list of extra packages to be installed. IMAGE_INSTALL = "hello-isar example-raw example-module-${KERNEL_NAME} enable-fsck \ - isar-cfg-rootpw" + isar-cfg-rootpw isar-cfg-hostname" # # Enable cross-compilation support diff --git a/meta-isar/recipes-app/example-raw/files/postinst b/meta-isar/recipes-app/example-raw/files/postinst index f48d993..a28afa3 100644 --- a/meta-isar/recipes-app/example-raw/files/postinst +++ b/meta-isar/recipes-app/example-raw/files/postinst @@ -14,5 +14,3 @@ if ! getent passwd isar >/dev/null; then fi chown -R isar:isar /var/lib/isar - -echo "isar" > /etc/hostname diff --git a/meta/recipes-support/isar-cfg-hostname/files/postinst.tmpl b/meta/recipes-support/isar-cfg-hostname/files/postinst.tmpl new file mode 100644 index 0000000..b46433b --- /dev/null +++ b/meta/recipes-support/isar-cfg-hostname/files/postinst.tmpl @@ -0,0 +1,8 @@ +#!/bin/sh +set -e +if [ ! -e "/etc/hostname" ]; then + echo "${CFG_HOSTNAME}" > /etc/hostname +else + echo "/etc/hostname already exists, error" >&2 + exit -1 +fi diff --git a/meta/recipes-support/isar-cfg-hostname/isar-cfg-hostname.bb b/meta/recipes-support/isar-cfg-hostname/isar-cfg-hostname.bb new file mode 100644 index 0000000..aa41f73 --- /dev/null +++ b/meta/recipes-support/isar-cfg-hostname/isar-cfg-hostname.bb @@ -0,0 +1,16 @@ +# This software is a part of ISAR. + +DESCRIPTION = "Isar configuration package for hostname" +MAINTAINER = "isar-users <isar-users@googlegroups.com>" + +SRC_URI = "file://postinst.tmpl" + +TEMPLATE_FILES = "postinst.tmpl" +TEMPLATE_VARS = "CFG_HOSTNAME" +CFG_HOSTNAME ??= "isar" + +inherit dpkg-raw + +do_install() { + echo "intentionally left blank" +} -- 2.20.1 ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [RFC PATCH 2/2] meta: add isar-cfg-hostname recipe for setting the hostname 2019-02-05 13:42 ` [RFC PATCH 2/2] meta: add isar-cfg-hostname recipe for setting the hostname claudius.heine.ext @ 2019-02-06 12:15 ` Henning Schild 0 siblings, 0 replies; 5+ messages in thread From: Henning Schild @ 2019-02-06 12:15 UTC (permalink / raw) To: [ext] claudius.heine.ext@siemens.com; +Cc: isar-users, Claudius Heine This one is similar to the rootpw, but it is not as important. An unexpected hostname will only render your target not-usable if you made a few more mistakes. So i guess this one should wait until we have a pattern from the password recipe. Henning Am Tue, 5 Feb 2019 14:42:35 +0100 schrieb "[ext] claudius.heine.ext@siemens.com" <claudius.heine.ext@siemens.com>: > From: Claudius Heine <ch@denx.de> > > The isar-cfg-hostname recipe is a central point to set the hostname > for images. It provides the `CFG_HOSTNAME` variables, which can be set > from any `.conf` file or via `isar-cfg-hostname.bbappend` to the > hostname that should be used. The default is 'isar'. > > Signed-off-by: Claudius Heine <ch@denx.de> > --- > meta-isar/conf/local.conf.sample | 2 +- > meta-isar/recipes-app/example-raw/files/postinst | 2 -- > .../isar-cfg-hostname/files/postinst.tmpl | 8 ++++++++ > .../isar-cfg-hostname/isar-cfg-hostname.bb | 16 > ++++++++++++++++ 4 files changed, 25 insertions(+), 3 deletions(-) > create mode 100644 > meta/recipes-support/isar-cfg-hostname/files/postinst.tmpl create > mode 100644 > meta/recipes-support/isar-cfg-hostname/isar-cfg-hostname.bb > > diff --git a/meta-isar/conf/local.conf.sample > b/meta-isar/conf/local.conf.sample index a2bdd7e..ddd15a4 100644 > --- a/meta-isar/conf/local.conf.sample > +++ b/meta-isar/conf/local.conf.sample > @@ -162,7 +162,7 @@ CONF_VERSION = "1" > # > # The default list of extra packages to be installed. > IMAGE_INSTALL = "hello-isar example-raw > example-module-${KERNEL_NAME} enable-fsck \ > - isar-cfg-rootpw" > + isar-cfg-rootpw isar-cfg-hostname" > > # > # Enable cross-compilation support > diff --git a/meta-isar/recipes-app/example-raw/files/postinst > b/meta-isar/recipes-app/example-raw/files/postinst index > f48d993..a28afa3 100644 --- > a/meta-isar/recipes-app/example-raw/files/postinst +++ > b/meta-isar/recipes-app/example-raw/files/postinst @@ -14,5 +14,3 @@ > if ! getent passwd isar >/dev/null; then fi > > chown -R isar:isar /var/lib/isar > - > -echo "isar" > /etc/hostname > diff --git > a/meta/recipes-support/isar-cfg-hostname/files/postinst.tmpl > b/meta/recipes-support/isar-cfg-hostname/files/postinst.tmpl new file > mode 100644 index 0000000..b46433b --- /dev/null > +++ b/meta/recipes-support/isar-cfg-hostname/files/postinst.tmpl > @@ -0,0 +1,8 @@ > +#!/bin/sh > +set -e > +if [ ! -e "/etc/hostname" ]; then > + echo "${CFG_HOSTNAME}" > /etc/hostname > +else > + echo "/etc/hostname already exists, error" >&2 > + exit -1 > +fi > diff --git > a/meta/recipes-support/isar-cfg-hostname/isar-cfg-hostname.bb > b/meta/recipes-support/isar-cfg-hostname/isar-cfg-hostname.bb new > file mode 100644 index 0000000..aa41f73 --- /dev/null > +++ b/meta/recipes-support/isar-cfg-hostname/isar-cfg-hostname.bb > @@ -0,0 +1,16 @@ > +# This software is a part of ISAR. > + > +DESCRIPTION = "Isar configuration package for hostname" > +MAINTAINER = "isar-users <isar-users@googlegroups.com>" > + > +SRC_URI = "file://postinst.tmpl" > + > +TEMPLATE_FILES = "postinst.tmpl" > +TEMPLATE_VARS = "CFG_HOSTNAME" > +CFG_HOSTNAME ??= "isar" > + > +inherit dpkg-raw > + > +do_install() { > + echo "intentionally left blank" > +} ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2019-02-06 12:15 UTC | newest] Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2019-02-05 13:42 [RFC PATCH 0/2] Centralize root password and hostname setting claudius.heine.ext 2019-02-05 13:42 ` [RFC PATCH 1/2] meta: add isar-cfg-rootpw recipe for setting root password claudius.heine.ext 2019-02-06 12:12 ` Henning Schild 2019-02-05 13:42 ` [RFC PATCH 2/2] meta: add isar-cfg-hostname recipe for setting the hostname claudius.heine.ext 2019-02-06 12:15 ` Henning Schild
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox