I am trying to create a user and add it to the dialout group.
I have made a recipe that inherits useradd and adds the users my system needs.
Here is the relevant part of my recipe:
inherit useradd
USERADD_PACKAGES = "${PN}"
USERADD_PARAM_${PN} = "-d /home/myuser -r -m -s /bin/bash myuser -g
mygroup -G dialout;"
GROUPADD_PARAM_${PN} = "-g 870 mygroup;"
The build gets to the rootfs_build step before getting an error. The log shows:
NOTE: useradd: Performing useradd with [--root
/mnt/hdd1/yocto/build/tmp/work/intel_corei7_64-poky-
linux/core-image-sato/1.0-r0/rootfs -d /home/myuser -r -m -s /bin/bash
myuser -g mygroup -G dialout]
ERROR: useradd: useradd command did not succeed
Without the -G dialout option it works flawlessly.
Any idea on how to solve this?
I have also tried inheriting extrausers and doing usermod -aG dialout myuser.
I suspect this is due to the fact that the dialout group does not exist, at least not at the time when myuser is being added.
If you skip the -G dialout part and build an image, do you have a group called dialout in /etc/group? If not, you can create the dialout group in the same way you create mygroup. If it already exists I suspect you will need to make sure the package adding the dialout group is installed before your package using something like RDEPENDS_${PN} += "<package that provides dialout group>.
I encountered the same issue. The solution was to use : instead of _ when ${PN} was appended:
inherit useradd
USERADD_PACKAGES = "${PN}"
USERADD_PARAM:${PN} = "-d /home/myuser -r -m -s /bin/bash myuser -g mygroup -G dialout;"
GROUPADD_PARAM:${PN} = "-g 870 mygroup;"
I believe this is due to the new override syntax. In other cases, bitbake complains (I use "honister"), for example:
do_install_append() {
...
}
results this error message:
Variable do_install_append contains an operation using the old override syntax. Please convert this layer/metadata before attempting to use with a newer bitbake.
This can be resolved by using do_install:append().
Here is the full reference of the override syntax:
https://docs.yoctoproject.org/bitbake/bitbake-user-manual/bitbake-user-manual-metadata.html#conditional-syntax-overrides
What solved it in the end was to split up each useradd in its own recipe. I have no idea why it didn't work to have them in the same recipe, as that is based on this example in meta-skeleton.
So instead of having one users.bb with several users, I now have user1.bb, user2.bb etc., and it is working like a charm.
Related
In my project, I have to introduce a new 'non-root' user. I referred standard yocto recipe model mentioned in below link for creating user and group entry in /etc/passwd and /etc/group files.
https://git.yoctoproject.org/cgit.cgi/poky/tree/meta-skeleton/recipes-skeleton/useradd/useradd-example.bb
I also tried the same way in my recipe file.
Recipe file path : recipes-connectivity/dibbler/dibbler_%.bbappend
FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
#dibbler process non-root user
SRC_URI += "file://dibbler-nonroot-changes.patch"
inherit useradd
USERADD_PACKAGES = "${PN}"
GROUPADD_PARAM_${PN} = "--system dibbler"
USERADD_PARAM_${PN} = "--system --gid dibbler --no-user-group \
--home /var/lib/dibbler --no-create-home \
--shell /bin/false dibbler"
After building the component, entry for user 'dibbler' and group 'dibbler' are not found in the target rootfs which is 'tmp/work/brcm-linux-gnueabi/generic-dev-image/1.0-r0/rootfs/etc/passwd'
But I found the entry present in sysroot path which is 'tmp/sysroots/brcm/etc/passwd' and 'tmp/sysroots/brcm/etc/group'
tmp/sysroots/brcm/etc/group-
tmp/sysroots/brcm/etc/group
dibbler:x:983:
tmp/sysroots/brcm/etc/passwd-
tmp/sysroots/brcm/etc/passwd
dibbler:!:988:983::/var/lib/dibbler:/bin/false
Even I checked logs and run scripts from bitbake tasks like do_install, do_populate_package, ... I didn't get any clue to proceed further.
Bitbake install logs after clean rebuild:
Install outputs from file : tmp/work/cortexa15hf-neon-vfpv4-rdk-linux-gnueabi/dibbler/1.0.1-r0/temp/log.do_install
DEBUG: Executing shell function useradd_sysroot
NOTE: dibbler: Performing groupadd with [--root /home/vre/dmz/build-tch_broadband_93390smwvg2/tmp/sysroots/brcm93390smwvg2 --system dibbler]
NOTE: dibbler: Performing useradd with [--root /home/vre/dmz/build-tch_broadband_93390smwvg2/tmp/sysroots/brcm93390smwvg2 --system --gid dibbler --no-user-group --home /var/lib/dibbler --no-create-home --shell /bin/false dibbler]
Running groupadd commands...
Running useradd commands...
It would be helpful if anyone points what I missed or anything extraneous/unnecessary.
After analysing the rootfs logs(dev-image/1.0-r0/temp/log.do_rootfs), found that dibbler is installed as two different packages with the package names as below:
dibbler-client and
dibbler-server.
After changing 'USERADD_PARAM_${PN}' to 'USERADD_PARAM_dibbler-client', the entries for user 'dibbler' got added in rootfs also.
Below are the changes in bb recipe file:
USERADD_PACKAGES = "dibbler-client"
GROUPADD_PARAM_dibbler-client = "--system dibbler"
USERADD_PARAM_dibbler-client = "--system --gid dibbler --no-user-group \
--home /var/lib/dibbler --no-create-home \
--shell /bin/false dibbler"
Hi I added a user using useradd command so that he have no home directory:
useradd -M -u 1110 brinst
Then I wanted too add a home directory for the same user using usermod but that didn't work out:
usermod -m -d /home/lagha brinst
usermod: no changes
How can I create a home directory with all it's folders and hidden files for this user when he doesn't have an old one? - that seems to be easy but somehow it's not working.
mkdir /home/brinst
usermod -d /home/brinst brinst
More cleaner way:
mkhomedir_helper brinst
create user with command like
sudo useradd my-new-user -m -d /home/my-new-user
I am trying to use yocto to build an image for a zedboard. My first build failed when it attempted to chown a bunch of files to root. It failed as part of a do_install command in one of the meta layers. The command executed this chown line:
chown -R root:root ${D}
I run bitbake as a normal, non-root user. Shouldn't I be able to compile it as non-root?
Just to test I created a new file and tried to chown to root:root and it failed in exactly the same way.
What am I missing here?
UPDATE: Looks like this is related to the use pseudo. I tried building poky without any additional layers (no xilinx, openembedded, etc) and it still failed with the same error. I tried both the jethro and fido releases with the same error.
UPDATE 2: Apparently pseudo is disabled in meta/conf/bitbake.conf. I am not sure why or how to proceed knowing this:
# Use pseudo as the fakeroot implementation
PSEUDO_LOCALSTATEDIR ?= "${WORKDIR}/pseudo/"
PSEUDO_PASSWD ?= "${STAGING_DIR_TARGET}:${STAGING_DIR_NATIVE}"
export PSEUDO_DISABLED = "1"
#export PSEUDO_PREFIX = "${STAGING_DIR_NATIVE}${prefix_native}"
#export PSEUDO_BINDIR = "${STAGING_DIR_NATIVE}${bindir_native}"
#export PSEUDO_LIBDIR = "${STAGING_DIR_NATIVE}$PSEUDOBINDIR/../lib/pseudo/lib
FAKEROOTBASEENV = "PSEUDO_BINDIR=${STAGING_BINDIR_NATIVE} PSEUDO_LIBDIR=${STAGING_BINDIR_NATIVE}/../lib/pseudo/lib PSEUDO_PREFIX=${STAGING_BINDIR_NATIVE}/../../ PSEUDO_DISABLED=1"
FAKEROOTCMD = "${STAGING_BINDIR_NATIVE}/pseudo"
FAKEROOTENV = "PSEUDO_PREFIX=${STAGING_DIR_NATIVE}${prefix_native} PSEUDO_LOCALSTATEDIR=${PSEUDO_LOCALSTATEDIR} PSEUDO_PASSWD=${PSEUDO_PASSWD} PSEUDO_NOSYMLINKEXP=1 PSEUDO_DISABLED=0"
FAKEROOTNOENV = "PSEUDO_UNLOAD=1"
FAKEROOTDIRS = "${PSEUDO_LOCALSTATEDIR}"
PREFERRED_PROVIDER_virtual/fakeroot-native ?= "pseudo-native"
What recipe in what layer? do_install for target packages runs under pseudo (a fake-root utility) so it can chown to root as a non-root user.
You should not chown files to root this is most probably the reason you get such kind of errors.
Why you want to do so?
This happened to me many times when I use bitbake as a root or when compiling with sudo. You no need privilege user for building. Actually what you really need is a user within the sudo group.
Instead can you tried the following
create yocto build user
groupadd -g 1000 build && useradd -u 1000 -g 1000 -ms /bin/bash build && usermod -a -G sudo build && usermod -a -G root build && usermod -a -G staff build
useradd -u 1000 -g 1000 -ms /bin/bash 1001 && usermod -a -G sudo 1001 && usermod -a -G root 1001 && usermod -a -G staff 1001
Chown all your files to sudo group user e.g build.
Then, grant read and write permissions
Remove tmp and cache files in the build folder.
Source the bitbake
Finally try to build.
I would like to create a directory using a bash script and then set the mode to 00755 at the same time
mkdir -p -m=00755 "/dir/dir2"
Is this the correct way of using them together and can I also add chown command to the same line while creating them?
It goes a little like this:
install -d -m 0755 -o someuser -g somegroup /dir/dir2
If you want to set the owner during creation, you can simply impersonate as this user, using sudo for example:
sudo -uTHE_USER mkdir -p -m=00755 "/dir/dir2"
This has the advantage that there will be no time difference between creation and changing the ownership, which could otherwise being harmful if exploited.
Yes that should work. As for the chown, simply follow the command ' && chown... '. && is similar to ; except the next command ONLY executes if the previous command exits success (0).
I have a .sh file (lets say adduser.sh) that is executed via a cronjob that contains the commands to create an FTP user.
The adduser.sh file looks like so...
#!/bin/bash
mkdir /var/www/vhosts/domain/path;
useradd -d /var/www/vhosts/domain/path -ou <uid> -g <group> -s /bin/false <username>;
echo <password> | passwd <username> --stdin;
Now here is my problem. If I run it directly through SSH using...
sh adduser.sh
...no problems and it works as intended.
But if I let the cronjob run it the directory is created but the user is not added.
What gives?
As it stands, there is an alternative to useradd known as adduser. In Debian or Ubuntu, adduser is a perl script and performs sequential functions like create the user using adduser, assign it to a group, create home directory etc.
As per adduser man page-
adduser and addgroup are friendlier front ends to the low level tools
like useradd, groupadd and usermod programs, by default choosing
Debian policy conformant UID and GID values, creating a home directory
with skeletal configuration, running a custom script, and other
features.
In Fedora, RedHat, and CentOS, adduser is just a symbolic link to useradd.
[root#hobbit ~]# which /usr/sbin/adduser
lrwxrwxrwx 1 root root 7 2012-09-20 20:20 /usr/sbin/adduser -> useradd
If you are on any on the above OS then you can try adduser redirect 2> to a add_user.log file and check the file to see if something goes wrong.
I have resolved this simply adding /usr/bin/ to the useradd function.
#!/bin/bash
mkdir /var/www/vhosts/domain/path;
/usr/bin/useradd -d /var/www/vhosts/domain/path -ou <uid> -g <group> -s /bin/false <username>;
echo <password> | passwd <username> --stdin;
Thanks everyone for helping me get on the right track. Hope this helps someone out there.