From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 7096466322200985600 X-Received: by 2002:a2e:a70a:0:b0:250:baa1:6fa8 with SMTP id s10-20020a2ea70a000000b00250baa16fa8mr14975143lje.422.1652334811425; Wed, 11 May 2022 22:53:31 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a05:6512:b1c:b0:472:38f0:bc75 with SMTP id w28-20020a0565120b1c00b0047238f0bc75ls1056610lfu.0.gmail; Wed, 11 May 2022 22:53:30 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwH9+ul1es/mGjk+VsIAdIuzpm0fH9ahK1bdiXtg5hFi6FwMR4xrlkeeljvHYstCpJC2+0q X-Received: by 2002:a05:6512:3405:b0:473:a5e5:1659 with SMTP id i5-20020a056512340500b00473a5e51659mr22102934lfr.379.1652334809933; Wed, 11 May 2022 22:53:29 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1652334809; cv=pass; d=google.com; s=arc-20160816; b=UeqJ38SkXN04jjRiKH+hasT2zgf4SzhQ/9GdNuLyDwQI06Yfi34Ea7wy8zo/PUWBK4 mwgF3TyvbZ1iSZ4x6qaxqoVJWVxcRVQdlWt7tcD8mUA3/oaAu/n10Ub5/DGzhdaMoSVe Gjagbf/cfTYZEeNz+lv440Mebnsjs5V4DM9Fo1Ev0g7azIGceUwsXP0BIZK+1YiEtrtm iURPQszBl9C2tz7O2r2UfnmwMttKjUf2jheuViIWtwH0B1F7mU2E6WZM+a37L0iPzphc 63lmim+nKnIV3Wd21Yu5rmuGMnfI8gcCZALwYkKEDXtp4op+XX48vRmMg8rWgLvhxK6z 1qxA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :dkim-signature; bh=jUlaTmy8mBnhAPgroxRnNvJUAHIJPuON5xNg5tBlu84=; b=e2fH4CeE2cVU5DPmmR8SQUaMjTcAGv1128rilcMLnRCjE5pwrIxulIinIiUBBtl9qm Y9VGgqv8IcVWBkmda8I03DL0aCAj80FZTUGisY5j0IKLW2Ac8ok/t8+AMPNgQJn2fbcz QewZmZZCOPdgYoGNTIdZrmjNKtiWB8XfaQzMKOBZcRkfEh/Q6exAnvRVFm276cMNha51 mCjOPb+lMz21Irnwq21KpSeegSO4LYhQ7py/mN5Sy+mzSWqDuiqI6qKOtyrfPlSpbp0u kPoIUmcqtOW6yNjSOuhzI0Ood3AvDGAMbuG2k6jvjGZsHtvoBVRGybHIy3sIq88P/+Ou 5J6Q== ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=CwQ3p9qp; arc=pass (i=1 spf=pass spfdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of jan.kiszka@siemens.com designates 2a01:111:f400:fe0e::607 as permitted sender) smtp.mailfrom=jan.kiszka@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Return-Path: Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-vi1eur04on0607.outbound.protection.outlook.com. [2a01:111:f400:fe0e::607]) by gmr-mx.google.com with ESMTPS id t16-20020a056512209000b004723ec9fc4asi213097lfr.0.2022.05.11.22.53.29 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 11 May 2022 22:53:29 -0700 (PDT) Received-SPF: pass (google.com: domain of jan.kiszka@siemens.com designates 2a01:111:f400:fe0e::607 as permitted sender) client-ip=2a01:111:f400:fe0e::607; Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=CwQ3p9qp; arc=pass (i=1 spf=pass spfdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of jan.kiszka@siemens.com designates 2a01:111:f400:fe0e::607 as permitted sender) smtp.mailfrom=jan.kiszka@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mds/VyBq9/qldVCKbC68lGv/OsojWbPsqVFNADFn9li/Loth/6Uwpfr6t6KfGZf5zFOVN9nNMqRNPZ51WoIny/h6XaocrACwuA35Gasd1X/0bxXs7/WJKPls1Fd0bT8KKIpgohB7Yxzlgf95H9tOBF1yWcPZNuTzPCqYm4z6tob0uD48UoYsF67a1P4P1ZG8NKxkxJeSewQEvoy49EXUAca6l+IEh7Bgt0sXK4oC9EdE/JeWCsAw4lX7HkeQH849tGTJyPqg0tiS+OGrdPClUbfwunfef2u0Gi59+czcl0O5mICKjz7su5PGd4KrkshILKWWTJtdxdiymtlkDnBcpg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=jUlaTmy8mBnhAPgroxRnNvJUAHIJPuON5xNg5tBlu84=; b=eZ2t2ySZ3MUZqm5oy+cbhLx3sxyE6+kLjBw9vLayUOtPo0Rh43snsQCNbNwsZ8VDnIfcX88xoVVN7iQMlsgs9WLGBoN9+hpJH6Z3SHku+5ZVJ9P0YgehU2+oVHWj5pZhtn+InSpqcRlW3UvfOfxzJDYT7WAKOBlpbSRSlXDy+4ZVq3Bx1fHdU0n/OGwXP5ZUwDcz5nG+e+s1ljJvmyUa102Aa6XbrwBkHlNgSROCmuzI8AcpukDZjgvE7VSqUYQvqYVgOrvDXktVfmOd4Z70wtE7m2TNlDPVTqR6udrCFI2wmw9IpDdEuSIOtmEcz6ZgUD+Jxyh8mUReCrXBzq/2Dg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 194.138.21.72) smtp.rcpttodomain=googlegroups.com smtp.mailfrom=siemens.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=siemens.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=siemens.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jUlaTmy8mBnhAPgroxRnNvJUAHIJPuON5xNg5tBlu84=; b=CwQ3p9qp9uZbHGxyqnZDNHkQsHM5HdQ1IZ1wZcolpH0Bsmplky8473j00Ara3Ql/KltxTTYMw0pb63WRRty4Zz1/93dvq0ystvyfaD+Hx0fr4BD6Hgtsl+bv3G3QF2BlalLMkD2RFQZkAYk0ThLRCpdUd8c8kWZSS5aVeDSidofMYzF1FPaZ4vOV9hSclfOen7/vi1dkNZ77j3/zIPIOgKa2We/ivG68z9uDliAQZjaWoWRNtRLsk/AynyWn3U3QXKLtznXQUhYVeJM+e1b/UkKjliAscOMJZ23WBx/IBIjoMVAfb6h45tRFoLkr2Nv//fukx3SRT9nIAgPQO8GuTA== Received: from DB7PR05CA0066.eurprd05.prod.outlook.com (2603:10a6:10:2e::43) by PAXPR10MB4687.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:102:157::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5227.22; Thu, 12 May 2022 05:53:28 +0000 Received: from DB5EUR01FT011.eop-EUR01.prod.protection.outlook.com (2603:10a6:10:2e:cafe::c7) by DB7PR05CA0066.outlook.office365.com (2603:10a6:10:2e::43) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5250.14 via Frontend Transport; Thu, 12 May 2022 05:53:28 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 194.138.21.72) smtp.mailfrom=siemens.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=siemens.com; Received-SPF: Pass (protection.outlook.com: domain of siemens.com designates 194.138.21.72 as permitted sender) receiver=protection.outlook.com; client-ip=194.138.21.72; helo=hybrid.siemens.com; Received: from hybrid.siemens.com (194.138.21.72) by DB5EUR01FT011.mail.protection.outlook.com (10.152.5.3) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.5250.13 via Frontend Transport; Thu, 12 May 2022 05:53:28 +0000 Received: from DEMCHDC89XA.ad011.siemens.net (139.25.226.103) by DEMCHDC9SMA.ad011.siemens.net (194.138.21.72) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.24; Thu, 12 May 2022 07:53:28 +0200 Received: from [167.87.0.83] (167.87.0.83) by DEMCHDC89XA.ad011.siemens.net (139.25.226.103) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.24; Thu, 12 May 2022 07:53:27 +0200 Message-ID: <72da34bf-9bb5-d3ce-3027-95bfc65bca68@siemens.com> Date: Thu, 12 May 2022 07:53:20 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.8.0 Subject: Re: [PATCH 1/2] classes/image-account-extension:Move account configuration to post-process Content-Language: en-US To: Henning Schild , Quirin Gylstorff CC: References: <20220511131338.450234-1-Quirin.Gylstorff@siemens.com> <20220511131338.450234-2-Quirin.Gylstorff@siemens.com> <20220511165740.18011f63@md1za8fc.ad001.siemens.net> From: Jan Kiszka In-Reply-To: <20220511165740.18011f63@md1za8fc.ad001.siemens.net> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit Return-Path: jan.kiszka@siemens.com X-Originating-IP: [167.87.0.83] X-ClientProxiedBy: DEMCHDC8A0A.ad011.siemens.net (139.25.226.106) To DEMCHDC89XA.ad011.siemens.net (139.25.226.103) X-TM-AS-Product-Ver: SMEX-14.0.0.3080-8.6.1018-26680.007 X-TM-AS-Result: No-10--26.177800-8.000000 X-TMASE-MatchedRID: fd9c05JWinDdDS6etHbe21vsExJdwcaGPg9yfk4YC0ZqVGpA+EcxPnFa /hQHt1A133lGdNqhdtLVRob0b3Q+oIYVsNxRREEl6aiLMFdItvucfX6Ug1yFMJGA/MAGSrEgeFy zQYzPQ+SwcSh5kytY+cTFvmr6ouga2OBZermV4ICtGDjygHelCiZ4b73DIo21Kwi7MItzaY0O9z +P2gwiBcM5LQWFwBdK/ZtvMoqbxwxo9B6ImFTETJFLLXK4O58bhhAcwEAn8bnGL//8mlodA/moZ 6x4ZgCUaApFkSbMIpkhvk2mor77mjwjuxUGY0mqUlYqnfctydFHL6fZeZnRW5volHFU9p0ws62u dj2MqLDLN5nQQXYmElpwgWwusAwSaaqfso8uAhQZnYoQZ1kM13DAzxVFgG3AmIe0I1iNyQynU+N xqV3DDX16C7GFcvkyZ4eWk5EoTKlcm4Tw3Ne2vyC67BvMtfczONBUE72/hwZ1BumBmrnKW9oKfg OoKJc2TJDyHMXec/bX6TGug1j07poeAu418tOBxpZlI8ORWMzDmsS2PwIow15hVZTm4dD8QX5CV imNCmkK1YKSPbUVZKPFjJEFr+olA9Mriq0CDAgBi3kqJOK62QtuKBGekqUpPjKoPgsq7cA= X-TM-AS-User-Approved-Sender: No X-TM-AS-User-Blocked-Sender: No X-TMASE-Result: 10--26.177800-8.000000 X-TMASE-Version: SMEX-14.0.0.3080-8.6.1018-26680.007 X-TM-SNTS-SMTP: 4139EB604DC635A1E9CF80C423106E5FAD8384504A61C2CFE1769709F40004672000:8 X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: eb32c506-043f-4f2e-62cb-08da33dbbcdc X-MS-TrafficTypeDiagnostic: PAXPR10MB4687:EE_ X-Microsoft-Antispam-PRVS: X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: VhdCRAk7swkEm0z6AaOe8kdlA9AlIaT8NP46KXanLAfvKKe67aRNu625JNrhT52TghYIfnmL8g49AEGYwsZSiJ15g2nH5Txr35DlC05uZ0mu7NFLgRrzIP1bqFvz7xhiO5PTT6DOzu7r0zt96ZvZUpNHKkYX2LIKw2qq2nKAwky9xuIeAfW9xD+RY2MeNy5TTTKibCwSFEwRwR3lYxtb+IrMOyvAwIezwXIulq4xZSu5lsoE1jhDYYPY31LsTYUsNaI3e3Z/ZPiZ98EgBnjdVAR3yd77nRwG3sGAUPpAtTRkF7A20X1W8HW92XuvDu8Bslreie93+Tv4v3JKRnSRY+JnbIb4y9gzahXXb/9w37+yJpdHyGjQyZEzGr7E/c3/kIxLCqRH/OhDmnVHwmxPjCnt2iYUQZgQtAQw0Bt4Ojo2swKc5PkFnRdl4fdBg4D32Z9SenWU0NlNTploFdIZpOOmcihtdWk372jTqJQCWBZkmcf+/D8kKzxyMRbxtedztb0I5gE/Z8WfjmY3kQ9/VygVVufNgauHCkDtMumg256h1SdwDAcORg/lePp9ineE9hevy+Y31oB/vZReCB2W9Jh2kkSqLZAhgyqz/Gu4t6rPTfHusI+SNj5XaZJZW6JuJoXfoAEPJPeBhI/sHlOiXsSWlKnTyJa0Bf7+GeAc9LFFCIJodkBSbZ0h/N3piGox8KVdeUyiHnnlJjs/MA+eRmFbPUgB6H0fbwkpcaWyi+F17Oefz4TcJ6S//tX+v83P2Gv5uCMjYtuKyrv+RjxpOw== X-Forefront-Antispam-Report: CIP:194.138.21.72;CTRY:DE;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:hybrid.siemens.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230001)(4636009)(40470700004)(36840700001)(46966006)(26005)(81166007)(53546011)(15650500001)(8936002)(36756003)(31686004)(2906002)(5660300002)(44832011)(6666004)(16576012)(6706004)(6636002)(82310400005)(83380400001)(316002)(40460700003)(186003)(110136005)(82960400001)(356005)(47076005)(508600001)(70206006)(86362001)(8676002)(70586007)(36860700001)(956004)(4326008)(2616005)(16526019)(31696002)(336012)(3940600001)(36900700001)(43740500002);DIR:OUT;SFP:1101; X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 12 May 2022 05:53:28.4979 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: eb32c506-043f-4f2e-62cb-08da33dbbcdc X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=38ae3bcd-9579-4fd4-adda-b42e1495d55a;Ip=[194.138.21.72];Helo=[hybrid.siemens.com] X-MS-Exchange-CrossTenant-AuthSource: DB5EUR01FT011.eop-EUR01.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PAXPR10MB4687 X-TUID: vGMu0GFGbJE5 On 11.05.22 16:57, Henning Schild wrote: > I once had this in the context of adding users to groups which are > coming from packages. i.e. the docker group > > In order to add a user to that group one will also have to add the > group, and essentially copy that group creation from the postinst from > the group creating package. Like what type of group, or a fixed gid and > things like that. > > So moving the user creation into postinst is imho a really good idea. > However a significant change that might be worth a changelog entry. I > would have to drop group creation of "docker" or "www" and things like > that from some layers. > Good points, and second reason to actually change the ordering. Then let's do this, with a proper changelog. Jan > regards, > Henning > > Am Wed, 11 May 2022 15:13:37 +0200 > schrieb Quirin Gylstorff : > >> From: Quirin Gylstorff >> >> If the root account is deactivate during rootfs configuration >> , e.g. by setting 'USER_root[expire]="01-01-1970"', the following >> error occurs if a packages tries to create/modifies a user account. >> >> ``` >> Setting up systemd (247.3-7) ... >> Created symlink >> /etc/systemd/system/getty.target.wants/getty@tty1.service -> >> /lib/systemd/system/getty@.service. Created symlink >> /etc/systemd/system/multi-user.target.wants/remote-fs.target -> >> /lib/systemd/system/remote-fs.target. Created symlink >> /etc/systemd/system/sysinit.target.wants/systemd-pstore.service -> >> /lib/systemd/system/systemd-pstore.service. Initializing machine ID >> from random generator. Your account has expired; please contact your >> system administrator. chfn: PAM: Authentication failure adduser: >> `/bin/chfn -f systemd Network Management systemd-network' returned >> error code 1. Exiting. dpkg: error processing package systemd >> (--configure): installed systemd package post-installation script >> subprocess returned error exit status 1 Setting up dmsetup >> (2:1.02.175-2.1) ... Errors were encountered while processing: >> systemd E: Sub-process /usr/bin/dpkg returned an error code (1) >> WARNING: exit code 100 from a shell command. ``` >> >> This move also allows /etc/skel modification to be applicable to >> all users. >> >> Signed-off-by: Quirin Gylstorff >> --- >> meta/classes/image-account-extension.bbclass | 3 +-- >> 1 file changed, 1 insertion(+), 2 deletions(-) >> >> diff --git a/meta/classes/image-account-extension.bbclass >> b/meta/classes/image-account-extension.bbclass index >> c9bebe85..caa962a0 100644 --- >> a/meta/classes/image-account-extension.bbclass +++ >> b/meta/classes/image-account-extension.bbclass @@ -58,8 +58,7 @@ >> IMAGE_ACCOUNTS_GROUPS =+ "${@gen_accounts_array(d, 'GROUPS', 'GROUP', >> ['gid', 'f do_rootfs_install[vardeps] += "${IMAGE_ACCOUNTS_GROUPS} >> ${IMAGE_ACCOUNTS_USERS}" >> -ROOTFS_CONFIGURE_COMMAND += "image_configure_accounts" >> -image_configure_accounts[weight] = "3" >> +ROOTFS_POSTPROCESS_COMMAND += "image_configure_accounts" >> image_configure_accounts() { >> # Create groups >> # Add space to the end of the list: > -- Siemens AG, Technology Competence Center Embedded Linux