($INBOX_DIR/description missing)
 help / color / mirror / Atom feed

From: Maik Vermeulen <maik@quatt.io>
To: yocto@lists.yoctoproject.org
Cc: Chuck Wolber <chuckwolber@gmail.com>
Subject: Re: [yocto] EXTRA_USERS_PARAMS and recipe file ownership
Date: Mon, 22 Apr 2024 11:08:01 +0200	[thread overview]
Message-ID: <CALEqzqcvW=dTrCuv1VOmHRWQTSOQPY=daUQs08vCz5jz9SOsKw@mail.gmail.com> (raw)
In-Reply-To: <17C88D1A5A183672.10861@lists.yoctoproject.org>

[-- Attachment #1: Type: text/plain, Size: 4511 bytes --]

Actually I think this log may be more telling, showing that the
useradd.bbclass is using gid 1007 thanks to useradd-staticids, but that
1007 group is only available after extrausers.bbclass

DEBUG: Executing shell function useradd_sysroot
/workdir/build_runner_maik/tmp/work/cortexa9hf-neon-tps-linux-gnueabi/our-watchdog/1.0-r0/recipe-sysroot-native/usr/sbin/useradd
Running groupadd commands...
NOTE: our-watchdog: Performing groupadd with [--root
/workdir/build_runner_maik/tmp/work/cortexa9hf-neon-tps-linux-gnueabi/our-watchdog/1.0-r0/recipe-sysroot
--gid 1000 --system company]
configuration error - unknown item 'SYSLOG_SU_ENAB' (notify administrator)
configuration error - unknown item 'SYSLOG_SG_ENAB' (notify administrator)
Running useradd commands...
NOTE: our-watchdog: Performing useradd with [--root
/workdir/build_runner_maik/tmp/work/cortexa9hf-neon-tps-linux-gnueabi/our-watchdog/1.0-r0/recipe-sysroot
--gid 1007 --no-create-home --system --shell /bin/false --uid 1021 watchdog]
configuration error - unknown item 'SYSLOG_SU_ENAB' (notify administrator)
configuration error - unknown item 'SYSLOG_SG_ENAB' (notify administrator)
useradd: group '1007' does not exist
ERROR: our-watchdog: useradd command did not succeed.

On Mon, Apr 22, 2024 at 10:33 AM Maik Vermeulen via lists.yoctoproject.org
<maik=quatt.io@lists.yoctoproject.org> wrote:

> Hi Chuck,
>
> Thanks for the quick response!
>
> I'm not sure if it's the same issue, ours isn't systemd specific at least.
> Btw, we're using Kirkstone.
>
> Here is an example log of the issue we see when we use USERADD in a recipe
> to create the user, and set ownership in do_install, while using
> EXTRA_USERS_PARAMS to manage extra groups and user options, and using
> useradd-staticids.bbclass too:
> DEBUG: Executing shell function set_user_group
> NOTE: company-img: Performing groupadd with [-R
> /workdir/build_runner_maik/tmp/work/tppg2-tps-linux-gnueabi/company-img/1.0-r0/rootfs
> --gid 1000 company]
> NOTE: company-img: group company already exists, not re-creating it
> NOTE: company-img: Performing useradd with [-R
> /workdir/build_runner_maik/tmp/work/tppg2-tps-linux-gnueabi/company-img/1.0-r0/rootfs
> --gid 1000 --system --shell /bin/false --uid 1001 mender]
> configuration error - unknown item 'SYSLOG_SU_ENAB' (notify administrator)
> configuration error - unknown item 'SYSLOG_SG_ENAB' (notify administrator)
> useradd: group '1000' does not exist
> ERROR: company-img: useradd command did not succeed.
>
> But then when I check
> tmp/work/machine-linux-gnueabi/copmany-img/1.0-r0/rootfs/etc/group, no
> entries for GID 1000 are found.
>
> Kind regards,
>
> On Fri, Apr 19, 2024 at 5:44 PM Chuck Wolber <chuckwolber@gmail.com>
> wrote:
>
>> On Fri, Apr 19, 2024 at 7:29 AM Maik Vermeulen via lists.yoctoproject.org
>> <maik=quatt.io@lists.yoctoproject.org> wrote:
>>
>> %< SNIP %<
>>
>>
>>> I've also tried using the useradd.bbclass in the recipes, which allows
>>> us to set permissions from within the do_install task, but that started
>>> causing trouble when we tried to start using useradd-staticids, which we
>>> need to keep compatibility between software versions using the same files
>>> from a persistent partition. The useradd.bbclass in combination with the
>>> central extrausers.bbclass and useradd-staticids.bbclass is messy and
>>> hasn't resulted in a working build yet, with recipes complaining certain
>>> groups e.g. aren't available yet.
>>>
>>
>>
>> You are not very specific about what is going wrong, but it sounds
>> familiar so it is possible that
>> I am to blame for not following up on an earlier observation that may
>> potentially benefit your
>> situation.
>>
>> Take a look at this message and let me know if it sounds familiar.
>>
>> https://lists.openembedded.org/g/openembedded-core/topic/88922422#161387
>>
>> If so I can probably submit an RFC patch.
>>
>> ..Ch:W..
>>
>>
>>
>> --
>> *"Perfection must be reached by degrees; she requires the slow hand of
>> time." - Voltaire*
>>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#62974):
> https://lists.yoctoproject.org/g/yocto/message/62974
> Mute This Topic: https://lists.yoctoproject.org/mt/105618946/8452744
> Group Owner: yocto+owner@lists.yoctoproject.org
> Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [maik@quatt.io]
> -=-=-=-=-=-=-=-=-=-=-=-
>
>

[-- Attachment #2: Type: text/html, Size: 6570 bytes --]

     prev parent reply	other threads:[~2024-04-22  9:08 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-04-19 14:29 EXTRA_USERS_PARAMS and recipe file ownership Maik Vermeulen
2024-04-19 15:44 ` [yocto] " Chuck Wolber
2024-04-22  8:33   ` Maik Vermeulen
     [not found]   ` <17C88D1A5A183672.10861@lists.yoctoproject.org>
2024-04-22  9:08     ` Maik Vermeulen [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CALEqzqcvW=dTrCuv1VOmHRWQTSOQPY=daUQs08vCz5jz9SOsKw@mail.gmail.com' \
    --to=maik@quatt.io \
    --cc=chuckwolber@gmail.com \
    --cc=yocto@lists.yoctoproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).