Currently, we define the so-called "overflow group" as 'nogroup'.
However, one practical issue is that systemd-sysusers will otherwise
create a 'nobody' group with gid 999, because that's is what is usual to
define the overflow group: users and groups are defined in LSB (Linux
Standard Base):
https://refspecs.linuxfoundation.org/LSB_5.0.0/LSB-Core-generic/LSB-Core-generic/usernames.html
Quoting: "If the username exists on a system,then they should be in the
suggested corresponding group".
Only Debian and derivatives depart from this custom, naming it 'nogroup'
(hence the rationale for commit 908198e756 (system/skeleton: remove
spurious group 'nobody').
See also commit 9c67af2c52 (system/skeleton: use uid/gid 65534 for
nobody/nogroup), and a related discussion on LWN.net (key is "overflow
UID" which also applies to GID):
https://lwn.net/Articles/695478/
Use the recommended groupname 'nobody'. Adapt packages accordingly.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
[yann.morin.1998@free.fr:
- reword commit log
- extend commit log with more references (commits and LWN)
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
As recently discussed on lwn.net: https://lwn.net/Articles/695478/
The kernel has special behaviour for uid/gid 65534:
1. The kernel maps UIDs > 65535 to it when some subsystem/API/fs
only supports 16bit UIDs, but a 32bit UID is passed to it.
2. it's used by the kernel's user namespacing as the internal UID
that external UIDs are mapped to that don't have any local mapping.
3. It's used by NFS for all user IDs that cannot be mapped locally if
UID mapping is enabled.
Most distributions already map (or are in the progress of changing)
nobody/nogroup to the 65534 uid/gid, so lets do so as well.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
gid 37 was referenced in /etc/passwd but not in /etc/group
Signed-off-by: Jérôme Pouiller <jezz@sysmic.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When using busybox compiled from current git, login emits the following
message:
login: /etc/group: bad record
Fix it by adding the missing colon to /etc/group in system/skeleton.
Signed-off-by: Bartosz Golaszewski <bgolaszewski@baylibre.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
It belongs to the package.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We dropped the hal package quite some time ago, and it's not even a
properly created user.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We define the two groups 'nobody' and 'nogroup' in our skeleton, but
they have the same gid, which is not valid.
This breaks the mkuser script, as noticed by Thomas.
Anyway, the user 'nobody' belongs to the group 'nogroup' in any sane
distribution.
So, just remove the spurious 'nobody' group.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
User "default" with no password has been around for long time, but not
used within buildroot. Since we now have BR2_ROOTFS_USERS_TABLES it is
no longer needed.
Signed-off-by: Stephan Hoffmann <sho@relinux.de>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
udev-182 requires several groups to be resolvable at udev startup,
including disk, cdrom, floppy, tape, audio, video, lp, tty, dialout,
and kmem. Only some of these are in the default skeleton's group
file, So let's add the missing groups, and plugdev too.
This avoids getting these logs in /var/logs/messages:
Jan 1 00:00:08 buildroot daemon.err udevd[37]: specified group 'dialout' unknown
Jan 1 00:00:08 buildroot daemon.err udevd[37]: specified group 'kmem' unknown
Jan 1 00:00:08 buildroot daemon.err udevd[37]: specified group 'video' unknown
Jan 1 00:00:08 buildroot daemon.err udevd[37]: specified group 'lp' unknown
Jan 1 00:00:08 buildroot daemon.err udevd[37]: specified group 'floppy' unknown
Jan 1 00:00:08 buildroot daemon.err udevd[37]: specified group 'cdrom' unknown
Jan 1 00:00:08 buildroot daemon.err udevd[37]: specified group 'tape' unknown
Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This directory groups the following elements:
* the default root filesystem skeleton
* the default device tables
* the Config.in options for system configuration (UART port for
getty, system hostname, etc.)
* the make rules to apply the system configuration options
Even though the skeleton and device tables could have lived in fs/, it
would have been strange to have the UART, system hostname and other
related options into fs/. A new system/ directory makes more sense.
As a consequence, this patch also removes target/Makefile.in, which
has become useless in the process.
[Peter: fixup TARGET_SKELETON settings / documentation to match]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
