From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 6782218062963671040 X-Received: by 2002:a17:906:af55:: with SMTP id ly21mr2119681ejb.115.1579168931013; Thu, 16 Jan 2020 02:02:11 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a17:906:1f97:: with SMTP id t23ls6095334ejr.11.gmail; Thu, 16 Jan 2020 02:02:10 -0800 (PST) X-Google-Smtp-Source: APXvYqxdSkbZrmz5mx6wqMPsnZOMPLwzRSfHBmAWvpZj98i3ib81gOoii6urSD+AFm8RK0MHPx4n X-Received: by 2002:a17:906:ecae:: with SMTP id qh14mr2080795ejb.229.1579168930339; Thu, 16 Jan 2020 02:02:10 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1579168930; cv=none; d=google.com; s=arc-20160816; b=nwc2GBF0PMkxlkSl2dR5LejGLiXnmvRkeIx6uQRQJhIAN1wMWYVy66wsF44CFGibIH WZLaUAFNEZ+aPjnBeEBGuoBn87GtLVQa1Dwf5oaokoPDCZDddeNJNZtkc9smwmsgZINw kKDDu8mmw46KjjRtQ1CjfO4RxOVvMQzcDjousNVdiIETUbEASqhaBw+mFhupHy6y8UBU gP7vCwFJrLxeYcPqp6LSvQyJ2juF4kh/AMTJHXbEllOGxVD9DrNfdBuADV/GHeo7/Jb2 oAzexFJ+NlR0w5ef5Z/gOs9tyMkT0ybpjyIf+zkc4fMfKcuYKJH9lq4pI6bOEkGIjHpx Kmcw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:content-language:in-reply-to:mime-version :user-agent:date:message-id:from:references:cc:to:subject; bh=8Mx9OvFM1/kstMq/Sw6bf2W39sRW7Pf9dO3p2IE4GF0=; b=bOFPx9Lr9NPytFT6K9BGIx63amlyty4CUSU7FiZA7OrtkTRNp8oxW1hlfP+XPQucBT lFaHadzTa5XXfnJEaW6AI0bTZEcirHi9UhAZpZPE0hLG44nVrY1nWh0LA+Snscv5rk87 hneHPnpEGeQdnb1aSsRil2H4d0QJyWCFVPuX8zKAKWCrWZCVZ+6fOa/bB+43OwE9P3KN 5dreIXmCqhdBoFLZWW4SXyNOuM0CwV197BWxtO6Y6KtoQqtZlyvqhtIySq0DvKGrtunj 6cYIUrSu0/7eeiwDJ4DwcE2Pm2fRrwFIN5UunwtsKJ1mWXqbe4AJUpd7mzutR3sTC/Xh KOfA== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of jan.kiszka@siemens.com designates 194.138.37.39 as permitted sender) smtp.mailfrom=jan.kiszka@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Return-Path: Received: from lizzard.sbs.de (lizzard.sbs.de. [194.138.37.39]) by gmr-mx.google.com with ESMTPS id n21si854098eja.0.2020.01.16.02.02.10 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 16 Jan 2020 02:02:10 -0800 (PST) Received-SPF: pass (google.com: domain of jan.kiszka@siemens.com designates 194.138.37.39 as permitted sender) client-ip=194.138.37.39; Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of jan.kiszka@siemens.com designates 194.138.37.39 as permitted sender) smtp.mailfrom=jan.kiszka@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Received: from mail2.sbs.de (mail2.sbs.de [192.129.41.66]) by lizzard.sbs.de (8.15.2/8.15.2) with ESMTPS id 00GA29ht026991 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Thu, 16 Jan 2020 11:02:10 +0100 Received: from [139.23.78.127] ([139.23.78.127]) by mail2.sbs.de (8.15.2/8.15.2) with ESMTP id 00GA29mO030690; Thu, 16 Jan 2020 11:02:09 +0100 Subject: Re: [PATCH] doc: document how to best populate users home dirs and add example To: "[ext] Henning Schild" , isar-users@googlegroups.com Cc: "Q . Gylstorff" References: <20200115170954.20235-1-henning.schild@siemens.com> From: Jan Kiszka Message-ID: <53343feb-9076-db38-4941-7b67d122586f@siemens.com> Date: Thu, 16 Jan 2020 11:02:09 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.3.0 MIME-Version: 1.0 In-Reply-To: <20200115170954.20235-1-henning.schild@siemens.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-TUID: kk8sK/Dok5Vh On 15.01.20 18:09, [ext] Henning Schild wrote: > From: Henning Schild > > People that create users often also end up wanting to place content in > their home. Add a short section on how to best do that, including an > example implementation in example-raw. > > Signed-off-by: Henning Schild > --- > doc/user_manual.md | 11 +++++++++++ > .../recipes-app/example-raw/example-raw_0.3.bb | 5 +++++ > meta-isar/recipes-app/example-raw/files/postinst | 13 +++++++++++++ > 3 files changed, 29 insertions(+) > > diff --git a/doc/user_manual.md b/doc/user_manual.md > index d501a706..8f5bc936 100644 > --- a/doc/user_manual.md > +++ b/doc/user_manual.md > @@ -546,6 +546,17 @@ The `USERS` and `USER_` variable works similar to the `GROUPS` and `GR > - `system` - `useradd` will be called with `--system`. > - `allow-empty-password` - Even if the `password` flag is empty, it will still be set. This results in a login without password. > > +#### Home directory contents prefilling > + > +To cover all users simply use `/etc/skel`. Files in there will be available in every home directory under correct permissions. > +If you have just one user you might end up abusing this for large content, that is a waste of space. > + > +To place content into specific homes drop those files into position and create the user and possibly group in `postinst`. Now you can chown the contents because the user is known. > + > +The regular user and group configuration will still apply later, it will just change an existing user. > + > +meta-isar/recipes-app/example-raw contains an example > + > --- > > ## Create a Custom Image Recipe > diff --git a/meta-isar/recipes-app/example-raw/example-raw_0.3.bb b/meta-isar/recipes-app/example-raw/example-raw_0.3.bb > index d9f3a2e9..cc0d0591 100644 > --- a/meta-isar/recipes-app/example-raw/example-raw_0.3.bb > +++ b/meta-isar/recipes-app/example-raw/example-raw_0.3.bb > @@ -31,4 +31,9 @@ do_install() { > echo "# empty config file" > ${WORKDIR}/${PN}.conf > install -v -d ${D}/etc/ > install -v -m 644 ${WORKDIR}/${PN}.conf ${D}/etc/${PN}.conf > + > + bbnote "A user-specific HOME entry" > + echo "hello isar" > ${WORKDIR}/${PN}-isar.txt > + install -v -d ${D}/var/lib/isar/ > + install -v -m 644 ${WORKDIR}/${PN}-isar.txt ${S}/var/lib/isar/ > } > diff --git a/meta-isar/recipes-app/example-raw/files/postinst b/meta-isar/recipes-app/example-raw/files/postinst > index 416ff349..f48d993c 100644 > --- a/meta-isar/recipes-app/example-raw/files/postinst > +++ b/meta-isar/recipes-app/example-raw/files/postinst > @@ -2,4 +2,17 @@ > > set -e > > +if ! getent group isar >/dev/null; then > + addgroup --quiet --system isar > +fi > + > +if ! getent passwd isar >/dev/null; then > + useradd --system --gid isar --create-home \ > + --home /var/lib/isar --no-user-group \ > + --comment "My isar user" \ > + isar > +fi > + > +chown -R isar:isar /var/lib/isar > + > echo "isar" > /etc/hostname > Looks good to me - valuable information. Jan -- Siemens AG, Corporate Technology, CT RDA IOT SES-DE Corporate Competence Center Embedded Linux