For systemd, we create a simple /etc/fstab with only an entry for /, as
systemd otherwise automatically mounts what it needs where it needs it.
systemd does not like that the content of /var be symlinks to /tmp,
especially journald that starts before /tmp is mounted, and thus the
journal files are hidden from view, which causes quite a bit of fuss...
Instead, move the current /var to a sysv-only skeleton.
systemd at install time will create the /var content it needs, so we
just create an empty /var for systemd.
systemd would create /home and /srv at runtime if they are missing, but
it is better to create them right now, to simplify supporting systemd on
a RO filesystem in the (near) future.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The ifupdown scripts can be used independently of the init system, be it
sysv, busybox or systemd; they could even be used when there is no init
system (i.e. the user is providing his own).
Currently, those ifupdown scripts are bundled in the skeleton.
But we soon will have a skeleton specific to systemd, so we would be
missing those scripts (when systemd-networkd is not enabled).
So, move those scripts to their own package.
To keep the current behaviour (before it is changed in future commits),
we make that package default to y, but depend on the default skeleton.
Instead of being a target-finalize hook, the scripts are installed as
any other package are, with a package install-target command.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Thomas: drop empty IFUPDOWN_SCRIPTS_SOURCE]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Without this patch, it is not possible to allocate PTYs when a generated
rootfs image with a recent glibc and systemd is launched as a container on
an RHEL7 system via machinectl/systemd-nspawn. The container boots, but
`machinectl login mycontainer` fails. The culprit is /dev/pts/ptmx with
0000 perms.
On a typical system, there are two `ptmx` devices. One is provided by the
devpts at /dev/pts/ptmx and it is typically not directly accessed from
userspace. The other one which actually *is* opened by processes is
/dev/ptmx. Kernel's documentation says these days that /dev/ptmx should be
either a symlink, or a bind mount of the /dev/pts/ptmx from devpts.
When a container is launched via machinectl/machined/systemd-nspawn, the
container manager prepares a root filesystem so that the container can live
in an appropriate namespace (this is similar to what initramfs is doing on
x86 desktops). During these preparations, systemd-nspawn mounts a devpts
instance using a correct ptmxmode=0666 within the container-to-be's
/dev/pts, and it adds a compatibility symlink at /dev/ptmx. However, once
systemd takes over as an init in the container,
/lib/systemd/systemd-remount-fs applies mount options from /etc/fstab to
all fileystems. Because the buildroot's template used to not include the
ptmxmode=... option, a default value of 0000 was taking an effect which in
turn led to not being able to allocate any pseudo-terminals.
The relevant kernel option was introduced upstream in commit 1f8f1e29 back
in 2009. The oldest linux-headers referenced from buildroot's config is
3.0, and that version definitely has that commit. Mount options that are
not understood by the system are anyway ignored, so backward
compatibility is preserved.
Signed-off-by: Jan Kundrát <jan.kundrat@cesnet.cz>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Thomas: fix commit title, adjust commit log.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
As recently discussed on lwn.net: https://lwn.net/Articles/695478/
The kernel has special behaviour for uid/gid 65534:
1. The kernel maps UIDs > 65535 to it when some subsystem/API/fs
only supports 16bit UIDs, but a 32bit UID is passed to it.
2. it's used by the kernel's user namespacing as the internal UID
that external UIDs are mapped to that don't have any local mapping.
3. It's used by NFS for all user IDs that cannot be mapped locally if
UID mapping is enabled.
Most distributions already map (or are in the progress of changing)
nobody/nogroup to the 65534 uid/gid, so lets do so as well.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We now have a real file in that directory, so we do not need a .empty
placeholder.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Currently, our /etc/mtab points to /proc/mounts. This was all neat so
far, and was good for a sysv-like init system.
However, the way today is to point it at /proc/self/mounts, the
per-process mount tab.
Additionnally, that's what systemd expects. If /etc/mtab is not a
symlink to ../proc/self/mounts and the rootfs is readonly, systemd would
whine loudly (and a service unit would be marked failed).
Since it works well for sysv-like init systems too, just use that.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
/etc/profile only sources files that matches the /etc/profile.d/*.sh
pattern, so /etc/profile.d/umask was never sourced.
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The ldconfig handling in the main Makefile is utterly broken, as it
calls the build machine ldconfig to generate the ld.so.cache of the
target. Unfortunately, the format of the ld.so.cache is architecture
specific, and therefore the build machine ldconfig cannot be used
as-is.
This patch therefore simply drops using ldconfig entirely, and removes
/etc/ld.so.conf.d/ from the target skeleton. The idea is that all
libraries that should be loaded by the dynamic linker must be
installed in paths where the dynamic linker searches them by default
(typically /lib or /usr/lib).
This might potentially break a few packages, but the only way to know
is to actually stop handling ldconfig.
In order to be notified of such cases, we add a check in
target-finalize to verify that there is no /etc/ld.so.conf file as
well as no /etc/ld.so.conf.d directory.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
/etc/inputrc is configuration file for readline. However, until now, it
was provided by skeleton. This patch install /etc/inputrc from readline
recipe.
Signed-off-by: Jérôme Pouiller <jezz@sysmic.org>
Acked-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
/etc/issue is managed with BR2_TARGET_GENERIC_ISSUE. In case
BR2_TARGET_GENERIC_ISSUE is set (which is default), /etc/issue
is overwritten. In case BR2_TARGET_GENERIC_ISSUE is not set,
we don't want /etc/issue exist.
Finaly, remove /etc/issue from skeleton.
Signed-off-by: Jérôme Pouiller <jezz@sysmic.org>
Reviewed-by: "Maxime Hadjinlian" <maxime.hadjinlian@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch has same purpose than 49964858f4:
On some machines, the network interface is slow to appear. For example,
on the Raspberry Pi, the network interface eth0 is an ethernet-over-USB,
and our standard boot process is too fast, so our network startup script
is called before the USB bus is compeltely enumerated, thus it can't
configure eth0.
Closes#8116.
However, wait-delay hook is enabled only if wait-delay property appears
in /etc/network/interfaces. This patch enable it automaticaly when
interface is configured through DHCP at bootup. But, if user choose
to write /etc/network/interface himself, he have to explicitly
set wait-delay.
Signed-off-by: Jérôme Pouiller <jezz@sysmic.org>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
gid 37 was referenced in /etc/passwd but not in /etc/group
Signed-off-by: Jérôme Pouiller <jezz@sysmic.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In commit 3dde19e5f3, the ftp user was
removed from /etc/passwd, /etc/group and /home in the skeleton, but
the corresponding entry was not removed from /etc/shadow. This commit
fixes that.
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Cc: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fix indent and put PATH on a single line.
Signed-off-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Reviewed-by: Luca Ceresoli <luca@lucaceresoli.net>
Tested-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
There's a lot of code in /etc/profile, which doesn't really belong in a
minimal default skeleton.
Also, add an 'unset i' to avoid clutter.
If the user has a specific needs, it needs to be added in
/etc/profile.d/ by a post-build script.
Signed-off-by Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Reviewed-by: Luca Ceresoli <luca@lucaceresoli.net>
Tested-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The folder init.d is currently installed by default since it's part of
our skeleton.
This patch creates a package out of it and make busybox/sysvinit depends
on it.
This way, if you chose another init, you don't end up with a useless
init.d folder.
[Thomas:
- make the initscripts package selectable via a hidden bool
- remove some unneeded changes in sysvinit.mk.]
Signed-off-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Add /etc/profile.d/locale.sh script from Arch Linux to /etc/profile.
This script looks for locale.conf, sources it, and exports the LANG and
LC_* variables.
[Arnout: put in /etc/profile in the skeleton rather than making it
systemd specific.]
Signed-off-by: Maxim Mikityanskiy <maxtram95@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
securetty is supposed to restrict the terminals root is allowed to
login from. As it happens, login from busybox (w/ securetty support)
is actually enforcing use of securetty, while login from util-linux
is completely ignoring securetty altogether.
Remove securetty from our skeleton altogether and stop worrying about
it.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
A random-seed from a read-only filesystem is useless.
Also, drop the check for /etc/random-seed existence; it must exist after a
touch.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Seeding the entropy pool with a known seed makes more harm than good. This is
especially bad for when /etc is not on a persistent writable storage, so the
entropy pool is seeded with the same value on every boot. Just drop it.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When using busybox compiled from current git, login emits the following
message:
login: /etc/group: bad record
Fix it by adding the missing colon to /etc/group in system/skeleton.
Signed-off-by: Bartosz Golaszewski <bgolaszewski@baylibre.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Making /var/run and /run symlinks to /tmp is bad since the underlying
tmpfs filesystem is mode 1777 which leads to possible security attack
vectors via badly owned/mask-mode pidfiles and state files residing there.
So make /run a proper directory with /var/run symlinked to it.
Eventually all startup scripts and state info should be pointed to /run
directly as per the linux fhs and good practice.
Add a tmpfs filesystem entry for /run so that busybox inittab, systemv
inittab and systemd automount mounts it there to avoid breaking the
system.
While at it fix inconsistent spacing in /etc/fstab by using tabs and
drop the "static file system information" header whatever that means.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This patch allows the setup of simple a single interface to be
automatically brought up and configured via DHCP on system startup.
The interface name can be set via a configuration option. This patch
does not support systemd-networkd, any complex network configuration should
be done via overlay of /etc/network/interfaces or the relevant networkd
configuration file
[Peter: rename to BR2_SYSTEM_DHCP, tweak help text & implementation]
Signed-off-by: Jérémy Rosen <jeremy.rosen@openwide.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Make the S40network script create the /run/network directory for the
debian variant of ifupdown which uses it as a lock directory.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Tested-by: Karoly Kasza <kaszak@gmail.com>
Reviewed-by: Karoly Kasza <kaszak@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Drop null id since that means "don't show anything" for busybox init,
hence the shutdown sequence (/etc/init.d/rcK) doesn't show anything
giving the false impression that it's not being run.
If someone wants a really silent console they'll need to adjust much more than
this anyway.
Also swap the root read-only remount with swapoff since the swap can be
a regular (loop) file in the root filesystem and make the operation fail
resulting in a dirty filesystem.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
It has no counterpart in passwd so it's basically a NOP.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
It has no counterpart in passwd so it's basically a NOP.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
It has no counterpart in passwd so it's basically a NOP.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Non-login users shouldn't have a valid shell so drop it.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
AFAIK no package uses it and even if it did it would belong there.
And it's not a standard user either.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
AFAIK no package uses it and even if it did it would belong there.
And it's not a standard user either.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The sshd privilege drop user doesn't belong in the skeleton, it's
exclusively used by OpenSSH.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
It belongs to the package.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We dropped the hal package quite some time ago, and it's not even a
properly created user.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
They all depend on having a custom busybox config and/or fully featured
utilities which depend on BR2_PACKAGE_BUSYBOX_SHOW_OTHERS.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
That directory has been unused for ages so remove it.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Don't blindly install the /etc/nsswitch.conf file, it's useless for
toolchains that aren't (e)glibc-based and misleading.
Make the installation conditional on a (e)glibc toolchain.
[Thomas: use $(INSTALL) instead of cp.]
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Update inittabs (skeleton/busybox & sysvinit) to remove the trailing
REMOUNT_ROOTFS_RW comment used as magic string in system/system.mk to
enable/disable remounting the root filesystem rw or not since it affects
sysvinit in doing so properly as reported in bug #7442.
Instead update the sed expressions to match clean non-commented strings
by searching for "-o remount,rw /" and checking that's the end of the
line as well to avoid affecting possibly other remounts that a user can
have in a custom inittab.
Long-term the startup block of inittab should just move to a S00sysinit
script or similar so that rcS can pick it up directly.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We define the two groups 'nobody' and 'nogroup' in our skeleton, but
they have the same gid, which is not valid.
This breaks the mkuser script, as noticed by Thomas.
Anyway, the user 'nobody' belongs to the group 'nogroup' in any sane
distribution.
So, just remove the spurious 'nobody' group.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
User "default" with no password has been around for long time, but not
used within buildroot. Since we now have BR2_ROOTFS_USERS_TABLES it is
no longer needed.
Signed-off-by: Stephan Hoffmann <sho@relinux.de>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
ramfs (which is used instead of tmpfs if CONFIG_SHMEM isn't enabled in the
kernel configuration), defaults to mode 0755 instead of 01777 like tmpfs
uses.
/tmp should be world writable and sticky, so explictly enforce the mode so
ramfs users gets it correct instead of relying on the defaults.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add /dev/hvc* devices, and add them to securetty. These
are required for ppc64 virtual consoles.
Signed-off-by: Anton Blanchard <anton@samba.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This update adds IP protocols created in the last 20 years.
Signed-off-by: Peter Sanford <psanford@nearbuysystems.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
udev-182 requires several groups to be resolvable at udev startup,
including disk, cdrom, floppy, tape, audio, video, lp, tty, dialout,
and kmem. Only some of these are in the default skeleton's group
file, So let's add the missing groups, and plugdev too.
This avoids getting these logs in /var/logs/messages:
Jan 1 00:00:08 buildroot daemon.err udevd[37]: specified group 'dialout' unknown
Jan 1 00:00:08 buildroot daemon.err udevd[37]: specified group 'kmem' unknown
Jan 1 00:00:08 buildroot daemon.err udevd[37]: specified group 'video' unknown
Jan 1 00:00:08 buildroot daemon.err udevd[37]: specified group 'lp' unknown
Jan 1 00:00:08 buildroot daemon.err udevd[37]: specified group 'floppy' unknown
Jan 1 00:00:08 buildroot daemon.err udevd[37]: specified group 'cdrom' unknown
Jan 1 00:00:08 buildroot daemon.err udevd[37]: specified group 'tape' unknown
Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We already provide BR2_TARGET_GENERIC_HOSTNAME to set /etc/hostname,
so a default /etc/hostname file isn't needed.
More importantly, if the user has explictly set BR2_TARGET_GENERIC_HOSTNAME
to the empty string, we would still end up with a /etc/hostname containing
'buildroot' which is unlikely to be what the user wanted.
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Adding ttyPS0 and ttyPS1 to securetty for Zynq.
Signed-off-by: Soren Brinkmann <soren.brinkmann@xilinx.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Toolchain Linaro 2012_09 and possibly other glibc based ones
rely on the existence of nsswitch.conf. If it's missing names
from /etc/hosts are not resolved and thus "localhost" is not
known.
Signed-off-by: Stephan Hoffmann <sho@relinux.de>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>