While dealing with systemd as a launcher, it appeared
a limitation. If the template argument of units is used
to designate the user it can not be different that the
UID as a number because systemd enforce XDG_RUNTIME_DIR
to be /run/user/<UID>.
Thus using UID is the way to go to use template mechanic
of systemd and use systemd as launcher. This is of
importance because we don't expect systemd user to have
full capabilities. Instead the framework will continue
to leverage systemd launching mechanism but at a system
level, with full capabilities but wil only allow user
applications to deal with systemd --user. This impose to
use UID as template parameters.
The problem is then to set the user directory to the
correct value knowing only the UID and using only
possibilities of units. The only way is to have user
home directories of the form /SOMETHING/<UID> (where
SOMETHING is merely "home").
This can be achieved either by setting a symbolic link
(hard link tto directories are forbidden) or by simply
using the scheme /home/UID in all cases.
At the end, users within AGL will not receive nick names
but will receive allocated UID. So, at the end, it is
not a problem to use the regular naming scheme /home/UID,
a scheme that will probably never be seen except by tools
or experts.
This patch implement this choice.
Change-Id: I225958fa627894cb966f52a06ebd8a914058d429
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/12137
Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
Reviewed-by: Stéphane Desneux <stephane.desneux@iot.bzh>
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
lldpd::956:
postdrop::954:
display::200:
+agl-driver::1001:
+agl-passenger::1002:
avahi::997:997:::
sshd::996:996:::
systemd-bus-proxy::995:995:::
-agl-driver::1000:100:::
-agl-passenger::1001:100:::
+agl-driver::1001:1001:::
+agl-passenger::1002:1002:::
messagebus::994:994:::
afm::992:992:::
systemd-timesync::988:988:::
file://agl-user-session@.service \
"
-LOGIN_USER ??="agl-driver agl-passenger"
+LOGIN_USER ??="1001 1002"
do_install_append() {
PACKAGECONFIG_append_pn-shadow = " attr"
PACKAGECONFIG_append_pn-shadow-native = " attr"
+# set the home directory for root
+ROOT_HOME = "/home/0"
USERADD_PACKAGES = "${PN}"
-GROUPADD_PARAM_${PN} = " --system display ; --system weston-launch"
+USERADDEXTENSION = "useradd-staticids"
+
+GROUPADD_PARAM_${PN} = "\
+ --system display ; \
+ --system weston-launch ; \
+ -g 1001 agl-driver ; \
+ -g 1002 agl-passenger \
+"
USERADD_PARAM_${PN} = "\
- -g users -G display -d /home/agl-driver -m -K PASS_MAX_DAYS=-1 agl-driver ; \
- -g users -G display -d /home/agl-passenger -m -K PASS_MAX_DAYS=-1 agl-passenger ; \
+ -g 1001 -G display -u 1001 -o -d /home/1001 -m -K PASS_MAX_DAYS=-1 agl-driver ; \
+ -g 1002 -G display -u 1002 -o -d /home/1002 -m -K PASS_MAX_DAYS=-1 agl-passenger ; \
--gid display --groups weston-launch,video,input --home-dir /run/platform/display --shell /bin/false --comment \"Display daemon\" --key PASS_MAX_DAYS=-1 display \
"
pkg_postinst_${PN}_append_smack() {
chsmack -r -a 'User::Home' -t -D $D/${sysconfdir}/skel
chsmack -a 'User::App-Shared' -D $D/${sysconfdir}/skel/app-data
+ cp -rTf --preserve=all $D/${sysconfdir}/skel $D/${ROOT_HOME}
}
Code Review / AGL / meta-agl.git / commitdiff