gid 37 was referenced in /etc/passwd but not in /etc/group
Signed-off-by: Jérôme Pouiller <jezz@sysmic.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In commit 3dde19e5f3, the ftp user was
removed from /etc/passwd, /etc/group and /home in the skeleton, but
the corresponding entry was not removed from /etc/shadow. This commit
fixes that.
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Cc: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
systemd is increasingly expecting things to live in /usr/bin, /usr/sbin
or /usr/lib nad not in /bin, /sbin or /lib. It has inherited those
expectations from a Fedora change:
https://fedoraproject.org/wiki/Features/UsrMove
Note however, that systemd does support /usr being on a separate
filesystem; it just expects an initramfs to mount it before the final
switchroot over to the actual rootfs.
But the traditional use-case for Buildroot is not to boot with an
initramfs; although that is totally feasible, that's probably not what
is commonly done in the vast majority of cases.
However, a lot of packages still install stuff directly into /bin,
/sbin or /lib, which systemd may need early-on in the boot process,
even before it may have a chance to mount /usr. Even though we can
tell systemd, at configure-time, where it should expect programs to
be at runtime, it does not make sense to go head-first against an
upstream wa^Hill.
Add an option so that /bin, /sbin and /lib be symlinks to /usr/bin
and /usr/sbin. That option is forcibly enabled when the init system
is systemd.
Note: we need not handle /lib32 or /lib64, as they already are symlinks
to /lib, which means they will automatically be redirected to /usr/lib,
as /usr/lib32 and /usr/lib64 already are.
Furthermore, this means we're no longer supporting a split-usr setup, so
the corresponding configure options have been removed as well for
systemd and, when using a merged /usr, for eudev as well.
In Buildroot, we decided (with this patch) not to support a split-usr
when systemd is used as an init system. This is a design decision, not
a systemd issue. Thus the select is with BR2_INIT_SYSTEMD rather than
with BR2_PACKAGE_SYSTEMD.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Mike Williams <mike@mikebwilliams.com>
Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Cc: Baruch Siach <baruch@tkos.co.il>
Tested-by: Mike Williams <mike@mikebwilliams.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fix indent and put PATH on a single line.
Signed-off-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Reviewed-by: Luca Ceresoli <luca@lucaceresoli.net>
Tested-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
There's a lot of code in /etc/profile, which doesn't really belong in a
minimal default skeleton.
Also, add an 'unset i' to avoid clutter.
If the user has a specific needs, it needs to be added in
/etc/profile.d/ by a post-build script.
Signed-off-by Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Reviewed-by: Luca Ceresoli <luca@lucaceresoli.net>
Tested-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The "Dynamic using mdev" and "Dynamic using eudev" /dev management
methods are using devtmpfs, just like "Dynamic using devtmpfs only",
on top of which they add either mdev or eudev. But their names might
suggest they use mdev only or eudev only.
Clarify their descriptions by adding "devtmpfs +" to make it
unambiguous.
[Thomas: rewrap the paragraphs in the manual. It makes the diff a lot
less readable, but we actually want the result to be wrapped.]
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
/dev/shm is needed for systems using shared memory. On init-based systems
this directory is usually created in the inittab along with /dev/pts, by
the lines:
package/busybox/inittab:
::sysinit:/bin/mkdir -p /dev/pts
::sysinit:/bin/mkdir -p /dev/shm
package/sysvinit/inittab:
si2::sysinit:/bin/mkdir -p /dev/pts
si3::sysinit:/bin/mkdir -p /dev/shm
However this is broken when static /dev management is selected and the root
filesystem is read-only, showing during boot the error:
mkdir: can't create directory '/dev/shm': Read-only file system
Fix it by creating the empty /dev/shm directory, just like /dev/pts.
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Making the getty option a menuconfig instead of a simple config
automatically moves its dependees into a menu without the need to
manually declare such a menu.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Reviewed-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Tested-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The comment line that explains that systemd needs a glibc toolchain and
kernel headers >= 3.10 doesn't fit in the dialog box, which makes it
look as if headers >= 3.1 are needed.
Abbreviate the comment a little by removing an 'an'. It still doesn't
fit completely (only one trailing * is shown), but at least it's
readable.
While we're at it, change the quoting style to " like we always use.
Reported-by: eschu on IRC
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Create a proper package for the skeleton.
The main Makefile is modified to remove the skeleton support.
The 'dirs' target, will create the $(TARGET_DIR).
The file 'output/target/.root' doesn't exists anymore, as there's no
Make rule to statisfy.
The infrastructure are modified to filter host-skeleton.
It's needed becauses the host-dependencies are derived from the
dependencies of the target package where 'host-' is preprended to the
depedency name.
In the pkg-generic we add skeleton as a dependency to every package.
The whole system/system.mk is now removed at the profit of
package/skeleton/skeleton.mk
[Thomas:
- rebase on top of master and fix some minor conflicts
- remove the 'select BR2_PACKAGE_SKELETON' in
BR2_ROOTFS_SKELETON_DEFAULT and BR2_ROOTFS_SKELETON_CUSTOM, since
anyway the skeleton package is always enabled.
- fixup a few mistakes in the getty handling due to misnamed
variables.]
Signed-off-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Following the introduction of the initscripts package in commit
89d39fc7a3 ("initscripts: new package"),
the /etc/inittab file is no longer part of the skeleton, and therefore
is not always installed.
However, system/system.mk tweaks the inittab for getty and filesystem
remount as rw, without taking the precautions of whether the init
system is Busybox or SysV. This commit fixes that by adding the
necessary conditions around the code adjusting the inittab file.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The folder init.d is currently installed by default since it's part of
our skeleton.
This patch creates a package out of it and make busybox/sysvinit depends
on it.
This way, if you chose another init, you don't end up with a useless
init.d folder.
[Thomas:
- make the initscripts package selectable via a hidden bool
- remove some unneeded changes in sysvinit.mk.]
Signed-off-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Add /etc/profile.d/locale.sh script from Arch Linux to /etc/profile.
This script looks for locale.conf, sources it, and exports the LANG and
LC_* variables.
[Arnout: put in /etc/profile in the skeleton rather than making it
systemd specific.]
Signed-off-by: Maxim Mikityanskiy <maxtram95@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
securetty is supposed to restrict the terminals root is allowed to
login from. As it happens, login from busybox (w/ securetty support)
is actually enforcing use of securetty, while login from util-linux
is completely ignoring securetty altogether.
Remove securetty from our skeleton altogether and stop worrying about
it.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
A random-seed from a read-only filesystem is useless.
Also, drop the check for /etc/random-seed existence; it must exist after a
touch.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Seeding the entropy pool with a known seed makes more harm than good. This is
especially bad for when /etc is not on a persistent writable storage, so the
entropy pool is seeded with the same value on every boot. Just drop it.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently, there are only two possibilities regarding the root account:
- it is enabled with no password (the default)
- it is enabled, using a clear-text, user-provided password
This is deemed insufficient in many cases, especially when the .config
file has to be published (e.g. for the GPL compliance, or any other
reason.).
Fix that in two ways:
- add a boolean option that allows/disallows root login altogether,
which defaults to 'y' to keep backward compatibility;
- accept already-encoded passwords, which we recognise as starting
with either of $1$, $5$ or $6$ (resp. for md5, sha256 or sha512).
Signed-off-by: Lorenzo M. Catucci <lorenzo@sancho.ccd.uniroma2.it>
[yann.morin.1998@free.fr:
- don't add a choice to select between clear-text/encoded password,
use a single prompt;
- differentiate in the password hook itself;
- rewrite parts of the help entry;
- rewrite and expand the commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Tested-by: "Lorenzo M. Catucci" <lorenzo@sancho.ccd.uniroma2.it>
Acked-by: "Lorenzo M. Catucci" <lorenzo@sancho.ccd.uniroma2.it>
Tested-by: Gergely Imreh <imrehg@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
These are not used by the busybox or Debian ifupdown implementation. Instead
if-up.d is run after the per-interface up tasks (E.G. post-up) and
if-down.d is run before the per-interface down tasks (E.G. pre-down).
So drop them as they only cause confusion.
grep execute_all output/build/busybox-1.23.2/networking/ifupdown.c
static int execute_all(struct interface_defn_t *ifd, const char *opt)
if (!execute_all(iface, "pre-up")) return 0;
if (!execute_all(iface, "up")) return 0;
if (!execute_all(iface, "down")) return 0;
if (!execute_all(iface, "post-down")) return 0;
grep execute_script output/build/ifupdown-0.7.49/execute.c
int execute_scripts(interface_defn * ifd, execfn * exec, char *opt)
if (!execute_scripts(iface, doit, "pre-up"))
if (!execute_scripts(iface, doit, "up"))
if (!execute_scripts(iface, doit, "down"))
if (!execute_scripts(iface, doit, "post-down"))
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The symlink created by buildroot for /bin/sh is the full path to
a shell. This does not match what busybox and other Linux
distributions do with using relative path symlinks. When handling
files on the host system this will point to the host system's shell
if present and not the target shell.
This is fixed by changing the /bin/sh symlink to use a relative path.
Fixes#8161.
[Thomas: minor fixups to the commit log suggested by Yann E. Morin.]
Signed-off-by: Matthew Starr <mstarr@hedonline.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The option is a non-option now and will be removed.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
When using busybox compiled from current git, login emits the following
message:
login: /etc/group: bad record
Fix it by adding the missing colon to /etc/group in system/skeleton.
Signed-off-by: Bartosz Golaszewski <bgolaszewski@baylibre.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For clarity, this commit renames the TARGETS variable to the more
meaningful PACKAGES variable. Indeed, only packages (handled by one of
the package infrastructures) should be listed in this variable, and
not other random non-package targets.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
DES is long dead, it is insecure as hell, and virtually all known
crypt(3) implementations now all support at least md5.
Besides, the character-space of DES-encoded passwords are a sub-set
of the character-space for a clear-text password, so we can't easily
differentiate between the two. Since we're going to change the root
password prompt to support setting encoded passwords (as well as
clear-text passwords), we can't keep DES or we'd be unable to decide
whether we'd need to encode the password or not.
Remove DES encoding altogether (and add a legacy entry). The default is
still md5, and thus there's no backward-compatibility 'select' to add.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Lorenzo Catucci <lorenzo@sancho.ccd.uniroma2.it>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Drop the buildroot toolchain non-largefile support option since it's
being removed.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
[Thomas:
- indicate upstream commit id, as suggested by Baruch.
- add SoB of Alexey inside the patch itself.
- adjust sequence number to 0003.]
Signed-off-by: Alexey Mednyy <swexru@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This patch sets the default timezone to UTC if not overwritten.
Some packages need a configured system timezone for properly
operating like mono based software.
Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Making /var/run and /run symlinks to /tmp is bad since the underlying
tmpfs filesystem is mode 1777 which leads to possible security attack
vectors via badly owned/mask-mode pidfiles and state files residing there.
So make /run a proper directory with /var/run symlinked to it.
Eventually all startup scripts and state info should be pointed to /run
directly as per the linux fhs and good practice.
Add a tmpfs filesystem entry for /run so that busybox inittab, systemv
inittab and systemd automount mounts it there to avoid breaking the
system.
While at it fix inconsistent spacing in /etc/fstab by using tabs and
drop the "static file system information" header whatever that means.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This patch allows the setup of simple a single interface to be
automatically brought up and configured via DHCP on system startup.
The interface name can be set via a configuration option. This patch
does not support systemd-networkd, any complex network configuration should
be done via overlay of /etc/network/interfaces or the relevant networkd
configuration file
[Peter: rename to BR2_SYSTEM_DHCP, tweak help text & implementation]
Signed-off-by: Jérémy Rosen <jeremy.rosen@openwide.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The configure script checks for linux/btrfs.h which is only available since
3.9 (55e301fd57a6239ec: Btrfs: move fs/btrfs/ioctl.h to
include/uapi/linux/btrfs.h).
It now also uses static_assert which is only available since GCC 4.6, so
handle it as well in the legacy patch.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Make the S40network script create the /run/network directory for the
debian variant of ifupdown which uses it as a lock directory.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Tested-by: Karoly Kasza <kaszak@gmail.com>
Reviewed-by: Karoly Kasza <kaszak@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We used to specify explicitly serial port with all its settings
for init to instantiate getty.
This limits usecases when the same one rootfs could be used.
For example following cases won't work well with hardcoded
serial console settings:
* On the same board other serial port is expected to be used
* The same rootfs is intended to be used on different boards with
different serial ports (like ttySx vs ttyAMAx or even ttyx)
With this change by default we rely on "console" specified in
kernel's boot command line.
What is important getty will be set on the last console
specified in bootargs.
For example is a kernel comand line:
--->---
bootargs="... console=tty0 console=ttyS3,115200n8..."
--->---
This now will instantiate serial console on ttyS3 but not on tty0.
Tested with both Busybox and SysV init.
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Since a while, the semantic of BR2_PREFER_STATIC_LIB has been changed
from "prefer static libraries when possible" to "use only static
libraries". The former semantic didn't make much sense, since the user
had absolutely no control/idea of which package would use static
libraries, and which packages would not. Therefore, for quite some
time, we have been starting to enforce that BR2_PREFER_STATIC_LIB
should really build everything with static libraries.
As a consequence, this patch renames BR2_PREFER_STATIC_LIB to
BR2_STATIC_LIBS, and adjust the Config.in option accordingly.
This also helps preparing the addition of other options to select
shared, shared+static or just static.
Note that we have verified that this commit can be reproduced by
simply doing a global rename of BR2_PREFER_STATIC_LIB to
BR2_STATIC_LIBS plus adding BR2_PREFER_STATIC_LIB to Config.in.legacy.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Drop null id since that means "don't show anything" for busybox init,
hence the shutdown sequence (/etc/init.d/rcK) doesn't show anything
giving the false impression that it's not being run.
If someone wants a really silent console they'll need to adjust much more than
this anyway.
Also swap the root read-only remount with swapoff since the swap can be
a regular (loop) file in the root filesystem and make the operation fail
resulting in a dirty filesystem.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The kernel headers minimum version for systemd was bumped to 3.8
(IFLA_GRE_FLOWINFO and IFLA_IPTUN_FLAGS definitions) and then to 3.10
(IFLA_VLAN_PROTOCOL definition). However, systemd since version v215
contains the following patch that defines IFLA_* constants if
needed:
81577dc missing.h: add various network enums
http://cgit.freedesktop.org/systemd/systemd/commit/?id=81577dc
As a consequence, this patch downgrades the kernel headers minimum
version to linux 3.7 which is required for BPF_XOR.
Signed-off-by: Christophe Vu-Brugier <cvubrugier@fastmail.fm>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
They're obsolete and the package was removed way back in 2010.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
It has no counterpart in passwd so it's basically a NOP.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
It has no counterpart in passwd so it's basically a NOP.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
It has no counterpart in passwd so it's basically a NOP.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Non-login users shouldn't have a valid shell so drop it.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
AFAIK no package uses it and even if it did it would belong there.
And it's not a standard user either.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
AFAIK no package uses it and even if it did it would belong there.
And it's not a standard user either.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The sshd privilege drop user doesn't belong in the skeleton, it's
exclusively used by OpenSSH.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>