Message ID | 20231107202439.2647261-1-joakim.tjernlund@infinera.com |
---|---|
State | New |
Headers | show |
Series | [meta,classes] sed -i destroys symlinks | expand |
Hi, You meant to set this to openembedded-core@lists.openembedded.org <mailto:openembedded-core@lists.openembedded.org>. Cheers, Ross > On 7 Nov 2023, at 20:24, Joakim Tjernlund via lists.openembedded.org <Joakim.Tjernlund=infinera.com@lists.openembedded.org> wrote: > > In /etc/passwd is a symlink, sed -i on same file will replace the > symlink with a new file. Prevent that by expanding the file with realpath > before giving it to sed. > --- > meta/classes/rootfs-postcommands.bbclass | 4 ++-- > meta/classes/useradd_base.bbclass | 2 +- > 2 files changed, 3 insertions(+), 3 deletions(-) > > diff --git a/meta/classes/rootfs-postcommands.bbclass b/meta/classes/rootfs-postcommands.bbclass > index 5c0b3ec37c..55cc863dbf 100644 > --- a/meta/classes/rootfs-postcommands.bbclass > +++ b/meta/classes/rootfs-postcommands.bbclass > @@ -148,10 +148,10 @@ read_only_rootfs_hook () { > # > zap_empty_root_password () { > if [ -e ${IMAGE_ROOTFS}/etc/shadow ]; then > - sed -i 's%^root::%root:*:%' ${IMAGE_ROOTFS}/etc/shadow > + sed -i 's%^root::%root:*:%' $(realpath ${IMAGE_ROOTFS}/etc/shadow) > fi > if [ -e ${IMAGE_ROOTFS}/etc/passwd ]; then > - sed -i 's%^root::%root:*:%' ${IMAGE_ROOTFS}/etc/passwd > + sed -i 's%^root::%root:*:%' $(realpath ${IMAGE_ROOTFS}/etc/passwd) > fi > } > > diff --git a/meta/classes/useradd_base.bbclass b/meta/classes/useradd_base.bbclass > index 7f5b9b7219..72732a4d57 100644 > --- a/meta/classes/useradd_base.bbclass > +++ b/meta/classes/useradd_base.bbclass > @@ -154,7 +154,7 @@ perform_passwd_expire () { > local username=`echo "$opts" | awk '{ print $NF }'` > local user_exists="`grep "^$username:" $rootdir/etc/passwd || true`" > if test "x$user_exists" != "x"; then > - eval flock -x $rootdir${sysconfdir} -c \"$PSEUDO sed -i \''s/^\('$username':[^:]*\):[^:]*:/\1:0:/'\' $rootdir/etc/shadow \" || true > + eval flock -x $rootdir${sysconfdir} -c \"$PSEUDO sed -i \''s/^\('$username':[^:]*\):[^:]*:/\1:0:/'\' $(realpath $rootdir/etc/shadow) \" || true > local passwd_lastchanged="`grep "^$username:" $rootdir/etc/shadow | cut -d: -f3`" > if test "x$passwd_lastchanged" != "x0"; then > bbfatal "${PN}: passwd --expire operation did not succeed." > -- > 2.41.0 > > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#106461): https://lists.openembedded.org/g/openembedded-devel/message/106461 > Mute This Topic: https://lists.openembedded.org/mt/102450721/6875888 > Group Owner: openembedded-devel+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [ross.burton@arm.com] > -=-=-=-=-=-=-=-=-=-=-=- >
On 07.11.23 21:24, Joakim Tjernlund via lists.openembedded.org wrote: > In /etc/passwd is a symlink, sed -i on same file will replace the I suspect the »In« should be an »If« > symlink with a new file. Prevent that by expanding the file with realpath > before giving it to sed. Using `sed -i` could be used in many places; e.g. /etc/hosts. Maybe the replacement with a symlink should happen after all other scripts are done. Would this be possible? Kind regards Jörg Sommer
On Wed, 2023-11-08 at 11:47 +0100, Jörg Sommer wrote: > On 07.11.23 21:24, Joakim Tjernlund via lists.openembedded.org wrote: > > In /etc/passwd is a symlink, sed -i on same file will replace the > > I suspect the »In« should be an »If« Yes :) > > > symlink with a new file. Prevent that by expanding the file with realpath > > before giving it to sed. > > Using `sed -i` could be used in many places; e.g. /etc/hosts. Maybe the Yes, there are more places but I don't intend to fix them all here. > replacement with a symlink should happen after all other scripts are > done. Would this be possible? I don't see how, the symlink needs to be in place when building pkgs adding users/groups etc. Anyhow, I have redirected this to oe-core as instructed, please move furher comments there. Joakim
diff --git a/meta/classes/rootfs-postcommands.bbclass b/meta/classes/rootfs-postcommands.bbclass index 5c0b3ec37c..55cc863dbf 100644 --- a/meta/classes/rootfs-postcommands.bbclass +++ b/meta/classes/rootfs-postcommands.bbclass @@ -148,10 +148,10 @@ read_only_rootfs_hook () { # zap_empty_root_password () { if [ -e ${IMAGE_ROOTFS}/etc/shadow ]; then - sed -i 's%^root::%root:*:%' ${IMAGE_ROOTFS}/etc/shadow + sed -i 's%^root::%root:*:%' $(realpath ${IMAGE_ROOTFS}/etc/shadow) fi if [ -e ${IMAGE_ROOTFS}/etc/passwd ]; then - sed -i 's%^root::%root:*:%' ${IMAGE_ROOTFS}/etc/passwd + sed -i 's%^root::%root:*:%' $(realpath ${IMAGE_ROOTFS}/etc/passwd) fi } diff --git a/meta/classes/useradd_base.bbclass b/meta/classes/useradd_base.bbclass index 7f5b9b7219..72732a4d57 100644 --- a/meta/classes/useradd_base.bbclass +++ b/meta/classes/useradd_base.bbclass @@ -154,7 +154,7 @@ perform_passwd_expire () { local username=`echo "$opts" | awk '{ print $NF }'` local user_exists="`grep "^$username:" $rootdir/etc/passwd || true`" if test "x$user_exists" != "x"; then - eval flock -x $rootdir${sysconfdir} -c \"$PSEUDO sed -i \''s/^\('$username':[^:]*\):[^:]*:/\1:0:/'\' $rootdir/etc/shadow \" || true + eval flock -x $rootdir${sysconfdir} -c \"$PSEUDO sed -i \''s/^\('$username':[^:]*\):[^:]*:/\1:0:/'\' $(realpath $rootdir/etc/shadow) \" || true local passwd_lastchanged="`grep "^$username:" $rootdir/etc/shadow | cut -d: -f3`" if test "x$passwd_lastchanged" != "x0"; then bbfatal "${PN}: passwd --expire operation did not succeed."