summaryrefslogtreecommitdiff
path: root/sysusers.d
Commit message (Collapse)AuthorAgeFilesLines
* Use descriptive name for nobodyZbigniew Jędrzejewski-Szmek2022-05-271-1/+1
| | | | | | | This matches the changes pushed to Fedora [1,2]. [1] https://fedoraproject.org/wiki/Changes/RenameNobodyUser [2] https://pagure.io/setup/c/f6fdb5ffc87fc8f1acc211867fef4e3f0856edfc
* meson: also allow setting GIT_VERSION via templatesZbigniew Jędrzejewski-Szmek2022-04-051-1/+1
| | | | | | | | | GIT_VERSION is not available as a config.h variable, because it's rendered into version.h during builds. Let's rework jinja2 rendering to also parse version.h. No functional change, the new variable is so far unused. I guess this will make partial rebuilds a bit slower, but it's useful to be able to use the full version string.
* sysusers: avoid creating spurious "nobody" groupRasmus Villemoes2021-11-301-2/+3
| | | | | | | | | | | | | | | | | On distros using Debian's base-passwd, the name of the group with gid 65534 is nogroup. Currently, systemd-sysusers creates a spurious "nobody" group systemd-sysusers[243]: Creating group nobody with gid 996 That's both confusing and redundant, as the nobody user still has primary group 65534 aka nogroup, and the nobody group simply goes completely unused. So explicitly specify the primary group of the nobody user, and add a line ensuring that that group exists. This is not a problem for Debian (or Ubuntu) itself, as they add their own version of basic.conf in their systemd build logic. But it appears on for example Yocto/OpenEmbedded.
* build: preserve correct mode when generating files via jinja2Christian Brauner2021-11-081-2/+1
| | | | | | | | | When using "capture : true" in custom_target()s the mode of the source file is not preserved when the generated file is not installed and so needs to be tweaked manually. Switch from output capture to creating the target file and copy the permissions from the input file. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
* meson: minor cleanupChristoph Anton Mitterer2021-07-111-2/+0
| | | | | | The file itself is already only included when HAVE_MICROHTTPD is set. Signed-off-by: Christoph Anton Mitterer <mail@christoph.anton.mitterer.name>
* sysusers: split up systemd.confChristoph Anton Mitterer2021-07-118-29/+72
| | | | | | | This makes it easier have the respective users/groups only created when their respective packages are installed. Fixes #20044.
* meson: allow "soft-static" allocations for uids and gids in the initrdZbigniew Jędrzejewski-Szmek2021-06-172-23/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The general idea with users and groups created through sysusers is that an appropriate number is picked when the allocation is made. The number that is selected will be different on each system based on the order of creation of users, installed packages, etc. Since system users and groups are not shared between installations, this generally is not an issue. But it becomes a problem for initrd: some file systems are shared between the initrd and the host (/run and /dev are probably the only ones that matter). If the allocations are different in the host and the initrd, and files survive switch-root, they will have wrong ownership. This makes the gids build-time-configurable for all groups and users where state may survive the switch from initrd to the host. In particular, all "hardware access" groups are like this: files in /dev will be owned by them. Eventually the new udev would change ownership, but there would be a momemnt where the files were owned by the wrong group. The allocations are "soft-static" in the language of Fedora packaging guidelines: the uid/gid will be used if possible, but we'll fall back to a different one. TTY_GID is the exception, because the number is used directly. Similarly, the possibility to configure "soft-static" uids is added for daemons which may usefully run in the initramfs: systemd-network (lease information and interface state is serialized to /run), systemd-resolve (stub files and interface state), systemd-timesync (/run/systemd/timesync). Journal files are owned by the group systemd-journal, and acls are granted for wheel and adm. systemd-oom and systemd-coredump are excluded from this patch: I assume that oomd is not useful in the initrd, and coredump leaves no state (it only creates a pipe in /run?). The defaults are not changed: if nothing is configured, dynamic allocation will be used. I looked at a Debian system, and the numbers are all different than on Fedora. For Fedora, see the list of uids and gids at https://pagure.io/setup/blob/master/f/uidgid. In particular, systemd-network and systemd-resolve got soft-static numbers to make it easy to transition from a non-host-specific initrd to a host system already a few years back (https://bugzilla.redhat.com/show_bug.cgi?id=1102002). I also requested static allocations for sgx, input, render in https://pagure.io/packaging-committee/issue/1078, https://pagure.io/setup/pull-request/27.
* meson: replace some m4 templates with jinja2Zbigniew Jędrzejewski-Szmek2021-05-194-38/+25
| | | | | | | | | | | | | | | | | | | | | | | | | m4 was nice in '85, but the syntax feels a bit dated. Since we use python for meson, let's use a popular python templating engine to replace some m4 usage. A little nicety is that typos are caught: FAILED: sysusers.d/systemd-remote.conf /usr/bin/meson --internal exe --capture sysusers.d/systemd-remote.conf -- /home/zbyszek/src/systemd/tools/meson-render-jinja2.py config.h ../sysusers.d/systemd-remote.conf.j2 Traceback (most recent call last): File "/home/zbyszek/src/systemd/tools/meson-render-jinja2.py", line 28, in <module> print(render(sys.argv[2], defines)) File "/home/zbyszek/src/systemd/tools/meson-render-jinja2.py", line 24, in render return template.render(defines) File "/usr/lib/python3.9/site-packages/jinja2/environment.py", line 1090, in render self.environment.handle_exception() File "/usr/lib/python3.9/site-packages/jinja2/environment.py", line 832, in handle_exception reraise(*rewrite_traceback_stack(source=source)) File "/usr/lib/python3.9/site-packages/jinja2/_compat.py", line 28, in reraise raise value.with_traceback(tb) File "<template>", line 8, in top-level template code jinja2.exceptions.UndefinedError: 'HAVE_MICROHTTP' is undefined This checking mirrors what 349cc4a507c4d84fcadf61f42159ea6412717896 did for C defines.
* Add READMEs in all .d directoriesZbigniew Jędrzejewski-Szmek2021-03-262-0/+12
|
* udev: add default group for sgx enclave accessZbigniew Jędrzejewski-Szmek2021-03-101-0/+1
| | | | | | | | | | | | | | | | | | | Closes #18669. This creates a "well known" for sgx_enclave ownership. By doing this here we avoid the risk that various projects making use of the device will provide similar-but-slightly-incompatible installation instructions, in particular using different group names. ACLs are actually a better approach to grant access to users, but not in all cases, so we want to provide a standard group anyway. Mode is 0o660, not 0o666 because this is very new code and distributions are likely to not want to give full access to all users. This might change in the future, but being conservative is a good default in the beginning. Rules for /dev/sgx_provision will be provided by libsg-ae-pce: https://github.com/intel/linux-sgx/issues/678.
* license: LGPL-2.1+ -> LGPL-2.1-or-laterYu Watanabe2020-11-091-1/+1
|
* systemd-oomd: service filesAnita Zhang2020-10-071-0/+3
|
* test/TEST-21-SYSUSERS: turn into a unit testZbigniew Jędrzejewski-Szmek2020-10-011-2/+0
| | | | | | | All this test does is manipulate text files in a subdir specified with --testroot. It can be a normal unittest without the overhead of creating a machine image. As a bonus, also test the .standalone version.
* sysusers,tmpfiles: re-create systemd-network, systemd-resolve and ↵Yu Watanabe2018-07-161-0/+9
| | | | | | | | | | | | | | systemd-timesync This partially reverts d4e9e574ea0b5d23598a317e68399584d229568b, 0187368cadea183e18c6d575a9d6b7f491a402af, and 4240cb02fda90ba11dfc0114201e42691132c6a9. The services systemd-networkd, systemd-resolved, and systemd-timesyncd enable DynamicUsers= and have bus interfaces. Unfortunately, these has many problems now. Let us create the relevant users, at least, tentatively. Fixes #9503.
* Drop my copyright headersZbigniew Jędrzejewski-Szmek2018-06-141-2/+0
| | | | | | | perl -i -0pe 's/\s*Copyright © .... Zbigniew Jędrzejewski.*?\n/\n/gms' man/*xml git grep -e 'Copyright.*Jędrzejewski' -l | xargs perl -i -0pe 's/(#\n)?# +Copyright © [0-9, -]+ Zbigniew Jędrzejewski.*?\n//gms' git grep -e 'Copyright.*Jędrzejewski' -l | xargs perl -i -0pe 's/\s*\/\*\*\*\s+Copyright © [0-9, -]+ Zbigniew Jędrzejewski[^\n]*?\s*\*\*\*\/\s*/\n\n/gms' git grep -e 'Copyright.*Jędrzejewski' -l | xargs perl -i -0pe 's/\s+Copyright © [0-9, -]+ Zbigniew Jędrzejewski[^\n]*//gms'
* tree-wide: beautify remaining copyright statementsLennart Poettering2018-06-141-1/+1
| | | | | | Let's unify an beautify our remaining copyright statements, with a unicode ©. This means our copyright statements are now always formatted the same way. Yay.
* network: set DynamicUser= to systemd-networkd.serviceYu Watanabe2018-05-221-3/+0
|
* resolve: enable DynamicUser= for systemd-resolved.serviceYu Watanabe2018-05-221-3/+0
|
* meson: generate m4 preprocessor from config.h (#8914)Yu Watanabe2018-05-071-1/+1
|
* tree-wide: drop license boilerplateZbigniew Jędrzejewski-Szmek2018-04-061-13/+0
| | | | | | | | | | Files which are installed as-is (any .service and other unit files, .conf files, .policy files, etc), are left as is. My assumption is that SPDX identifiers are not yet that well known, so it's better to retain the extended header to avoid any doubt. I also kept any copyright lines. We can probably remove them, but it'd nice to obtain explicit acks from all involved authors before doing that.
* sysusers: use NOBODY_USER_NAMEYu Watanabe2017-12-071-1/+1
|
* sysusers: Provide meson argument to set gid for 'users' group (#7533)Ikey Doherty2017-12-031-1/+1
| | | | | | | | | | To allow better integration with distributions requiring an explicitly set gid for the `users` group, provide the new `-Dusers-gid` option to set to a new numeric value. In the absence of a specified gid, we'll fallback to the default existing behaviour of `-` as the gid value, to automatically assign the next available gid on the system.
* README,sysusers: complete and order list of default udev groups we needLennart Poettering2017-11-201-2/+2
| | | | | Let's make sure the list of default udev groups we need are ordered in README and in the sysusers.d snippet, and both are complete.
* Add license headers and SPDX identifiers to meson.build filesZbigniew Jędrzejewski-Szmek2017-11-191-0/+17
| | | | | | | So far I avoided adding license headers to meson files, but they are pretty big and important and should carry license headers like everything else. I added my own copyright, even though other people modified those files too. But this is mostly symbolic, so I hope that's OK.
* udev-rules: Permission changes for /dev/dri/renderD*Tom Stellard2017-11-081-0/+1
| | | | | | | | - Remove the uaccess tag from /dev/dri/renderD*. - Change the owning group from video to render. - Change default mode to 0666. - Add an option to allow users to set the access mode for these devices at compile time.
* sysusers: do not create unneeded usersYu Watanabe2017-10-062-6/+0
|
* build-sys: s/ENABLE_RESOLVED/ENABLE_RESOLVE/Zbigniew Jędrzejewski-Szmek2017-10-041-1/+1
| | | | | | The configuration option was called -Dresolve, but the internal define was …RESOLVED. This options governs more than just resolved itself, so let's settle on the version without "d".
* build-sys: use #if Y instead of #ifdef Y everywhereZbigniew Jędrzejewski-Szmek2017-10-041-2/+2
| | | | | | | | | | | | | | | The advantage is that is the name is mispellt, cpp will warn us. $ git grep -Ee "conf.set\('(HAVE|ENABLE)_" -l|xargs sed -r -i "s/conf.set\('(HAVE|ENABLE)_/conf.set10('\1_/" $ git grep -Ee '#ifn?def (HAVE|ENABLE)' -l|xargs sed -r -i 's/#ifdef (HAVE|ENABLE)/#if \1/; s/#ifndef (HAVE|ENABLE)/#if ! \1/;' $ git grep -Ee 'if.*defined\(HAVE' -l|xargs sed -i -r 's/defined\((HAVE_[A-Z0-9_]*)\)/\1/g' $ git grep -Ee 'if.*defined\(ENABLE' -l|xargs sed -i -r 's/defined\((ENABLE_[A-Z0-9_]*)\)/\1/g' + manual changes to meson.build squash! build-sys: use #if Y instead of #ifdef Y everywhere v2: - fix incorrect setting of HAVE_LIBIDN2
* units,sysusers: use DynamicUser= for journal-gatewayd and drop user ↵Yu Watanabe2017-07-281-1/+0
| | | | systemd-journal-gateway from sysusers
* build-sys: drop gitignore patterns for in-tree buildsZbigniew Jędrzejewski-Szmek2017-07-181-3/+0
| | | | ... and other autotools-generated files.
* build-sys: drop automake supportZbigniew Jędrzejewski-Szmek2017-07-181-1/+0
| | | | | v2: - also mention m4
* meson: do not use path separator for target name (#6177)Yu Watanabe2017-06-221-1/+1
| | | Fixes #6158.
* meson: use booleans for conf.set and drop unecessary conditionalsZbigniew Jędrzejewski-Szmek2017-05-021-2/+2
| | | | | | | | | Using conf.set() with a boolean argument does the right thing: either #ifdef or #undef. This means that conf.set can be used unconditionally. Previously I used '1' as the placeholder value, and that needs to be changed to 'true' for consistency (under meson 1 cannot be used in boolean context). All checks need to be adjusted.
* meson: reindent all files with 8 spacesZbigniew Jędrzejewski-Szmek2017-04-231-19/+17
| | | | | | | The indentation for emacs'es meson-mode is added .dir-locals. All files are reindented automatically, using the lasest meson-mode from git. Indentation should now be fairly consistent.
* meson: build systemd using mesonZbigniew Jędrzejewski-Szmek2017-04-231-0/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It's crucial that we can build systemd using VS2010! ... er, wait, no, that's not the official reason. We need to shed old systems by requring python 3! Oh, no, it's something else. Maybe we need to throw out 345 years of knowlege accumulated in autotools? Whatever, this new thing is cool and shiny, let's use it. This is not complete, I'm throwing it out here for your amusement and critique. - rules for sd-boot are missing. Those might be quite complicated. - rules for tests are missing too. Those are probably quite simple and repetitive, but there's lots of them. - it's likely that I didn't get all the conditions right, I only tested "full" compilation where most deps are provided and nothing is disabled. - busname.target and all .busname units are skipped on purpose. Otherwise, installation into $DESTDIR has the same list of files and the autoconf install, except for .la files. It'd be great if people had a careful look at all the library linking options. I added stuff until things compiled, and in the end there's much less linking then in the old system. But it seems that there's still a lot of unnecessary deps. meson has a `shared_module` statement, which sounds like something appropriate for our nss and pam modules. Unfortunately, I couldn't get it to work. For the nss modules, we need an .so version of '2', but `shared_module` disallows the version argument. For the pam module, it also didn't work, I forgot the reason. The handling of .m4 and .in and .m4.in files is rather awkward. It's likely that this could be simplified. If make support is ever dropped, I think it'd make sense to switch to a different templating system so that two different languages and not required, which would make everything simpler yet. v2: - use get_pkgconfig_variable - use sh not bash - use add_project_arguments v3: - drop required:true and fix progs/prog typo v4: - use find_library('bz2') - add TTY_GID definition - define __SANE_USERSPACE_TYPES__ - use join_paths(prefix, ...) is used on all paths to make them all absolute v5: - replace all declare_dependency's with [] - add more conf.get guards around optional components v6: - drop -pipe, -Wall which are the default in meson - use compiler.has_function() and compiler.has_header_symbol instead of the hand-rolled checks. - fix duplication in 'liblibsystemd' library name - use the right .sym file for pam_systemd - rename 'compiler' to 'cc': shorter, and more idiomatic. v7: - use ENABLE_ENVIRONMENT_D not HAVE_ENVIRONMENT_D - rename prefix to prefixdir, rootprefix to rootprefixdir ("prefix" is too common of a name and too easy to overwrite by mistake) - wrap more stuff with conf.get('ENABLE...') == 1 - use rootprefix=='/' and rootbindir as install_dir, to fix paths under split-usr==true. v8: - use .split() also for src/coredump. Now everything is consistent ;) - add rootlibdir option and use it on the libraries that require it v9: - indentation v10: - fix check for qrencode and libaudit v11: - unify handling of executable paths, provide options for all progs This makes the meson build behave slightly differently than the autoconf-based one, because we always first try to find the executable in the filesystem, and fall back to the default. I think different handling of loadkeys, setfont, and telinit was just a historical accident. In addition to checking in $PATH, also check /usr/sbin/, /sbin for programs. In Fedora $PATH includes /usr/sbin, (and /sbin is is a symlink to /usr/sbin), but in Debian, those directories are not included in the path. C.f. https://github.com/mesonbuild/meson/issues/1576. - call all the options 'xxx-path' for clarity. - sort man/rules/meson.build properly so it's stable
* rules: add a rule to set /dev/kvm access mode and ownership (#5597)Zbigniew Jędrzejewski-Szmek2017-03-271-0/+1
| | | | | | | | | | | | | | | | | | Kernel default mode is 0600, but distributions change it to group kvm, mode either 0660 (e.g. Debian) or 0666 (e.g. Fedora). Both approaches have valid reasons (a stricter mode limits exposure to bugs in the kvm subsystem, a looser mode makes libvirt and other virtualization mechanisms work out of the box for unprivileged users over ssh). In Fedora the qemu package carries the relevant rule, but it's nicer to have it in systemd, so that the permissions are not dependent on the qemu package being installed. Use of packaged qemu binaries is not required to make use of /dev/kvm, e.g. it's possible to use a self-compiled qemu or some alternative. https://bugzilla.redhat.com/show_bug.cgi?id=1431876 To accomodate both approaches, add a rule to set the mode in 50-udev-default.rules, but allow the mode to be overridden with a --with-dev-kvm-mode configure rule. The default is 0660, as the (slightly) more secure option.
* remove bus-proxydDaniel Mack2016-02-121-1/+0
| | | | | | | | | | As kdbus won't land in the anticipated way, the bus-proxy is not needed in its current form. It can be resurrected at any time thanks to the history, but for now, let's remove it from the sources. If we'll have a similar tool in the future, it will look quite differently anyway. Note that stdio-bridge is still available. It was restored from a version prior to f252ff17, and refactored to make use of the current APIs.
* coredump: dump priviliges when processing system coredumpsLennart Poettering2016-02-101-0/+3
| | | | | | | | Let's add an extra-safety net and change UID/GID to the "systemd-coredump" user when processing coredumps from system user. For coredumps of normal users we keep the current logic of processing the coredumps from the user id the coredump was created under. Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=87354
* tmpfiles: drop /run/lock/lockdevMartin Pitt2016-02-011-1/+0
| | | | | | | | Hardly any software uses that any more, and better locking mechanisms like flock() have been available for many years. Also drop the corresponding "lock" group from sysusers.d/basic.conf.in, as nothing else is using this.
* build: fix systemd-journal-upload installationEvgeny Vereshchagin2015-12-092-0/+5
| | | | | | | | | | | | Fixes: $ ./configure ... --disable-microhttpd --enable-libcurl --enable-sysusers $ make && make install DESTDIR=$(pwd)/INST $ ls INST/usr/lib/sysusers.d/ basic.conf systemd.conf There is no a file with `systemd-journald-upload`
* turn kdbus support into a runtime optionKay Sievers2015-06-171-2/+0
| | | | | | | | | | | | | ./configure --enable/disable-kdbus can be used to set the default behavior regarding kdbus. If no kdbus kernel support is available, dbus-dameon will be used. With --enable-kdbus, the kernel command line option "kdbus=0" can be used to disable kdbus. With --disable-kdbus, the kernel command line option "kdbus=1" is required to enable kdbus support.
* build-sys: configure the list of system users, files and directoriesŁukasz Stelmach2014-11-302-0/+9
| | | | | | Choose which system users defined in sysusers.d/systemd.conf and files or directories in tmpfiles.d/systemd.conf, should be provided depending on comile-time configuration.
* sysusers: realign sysusers snippetsLennart Poettering2014-08-192-8/+8
|
* sysusers: set home directory for root to /rootLennart Poettering2014-08-191-17/+17
|
* sysusers: split users for remote into separate fileZbigniew Jędrzejewski-Szmek2014-07-312-2/+10
| | | | This mirrors the setup for tmpfiles.d done in ad95fd1d2b9.
* journal: add systemd-journal-remote to sysusersKay Sievers2014-07-161-0/+1
|
* sysusers: split up default sysusers snippetLennart Poettering2014-06-293-9/+14
| | | | | This ways, distributions have an easier way to replace the OS specific generic groups/users while keeping systemd's own.
* sysusers.d - fix typo in user definition fileJonathan Boulle2014-06-201-1/+1
|
* sysusers: hide generate .conf fileLennart Poettering2014-06-131-0/+1
|
* sysuser: generate default snippet incorporating TTY_GID properlyLennart Poettering2014-06-121-1/+1
| | | | | When the user specifies --with-tty-gid= then we should honour that and write it to the snippet, too.