Enable Systemd NSS module to support DynamicUsers
DynamicUsers flag in systemd service configuration file required to create,
handle and recycle temporary users.
This is essential module for upcoming daemons' privilege separation work.
Reference: https://github.com/openbmc/openbmc/issues/3383
Signed-off-by: Anton D. Kachalov <gmouse@google.com>
Change-Id: Iabd709c4a20f754fc6ea505e640b2d361aba0be2
diff --git a/meta-phosphor/classes/obmc-phosphor-image.bbclass b/meta-phosphor/classes/obmc-phosphor-image.bbclass
index 0a07fc6..c83dce3 100644
--- a/meta-phosphor/classes/obmc-phosphor-image.bbclass
+++ b/meta-phosphor/classes/obmc-phosphor-image.bbclass
@@ -88,7 +88,9 @@
}
enable_ldap_nsswitch() {
- sed -i 's/\(\(passwd\|group\|shadow\):\s*\).*/\1files ldap/' \
+ sed -i 's/\(\(passwd\|group\):\s*\).*/\1files systemd ldap/' \
+ "${IMAGE_ROOTFS}${sysconfdir}/nsswitch.conf"
+ sed -i 's/\(shadow:\s*\).*/\1files ldap/' \
"${IMAGE_ROOTFS}${sysconfdir}/nsswitch.conf"
}
diff --git a/meta-phosphor/conf/distro/include/phosphor-base.inc b/meta-phosphor/conf/distro/include/phosphor-base.inc
index af2e6ef..5b11481 100644
--- a/meta-phosphor/conf/distro/include/phosphor-base.inc
+++ b/meta-phosphor/conf/distro/include/phosphor-base.inc
@@ -120,7 +120,7 @@
IMAGE_CLASSES_append = " image_types_phosphor phosphor-rootfs-postcommands"
IMAGE_CLASSES_append_npcm7xx = " image_types_phosphor_nuvoton"
-IMAGE_INSTALL_append = " dbus-broker"
+IMAGE_INSTALL_append = " dbus-broker libnss-systemd"
# Skip the udev database by default. It adds around 2MB
# compressed to the root filesystem, and probably doesn't
diff --git a/meta-phosphor/recipes-core/base-files/base-files_%.bbappend b/meta-phosphor/recipes-core/base-files/base-files_%.bbappend
index b6c4222..30e5623 100644
--- a/meta-phosphor/recipes-core/base-files/base-files_%.bbappend
+++ b/meta-phosphor/recipes-core/base-files/base-files_%.bbappend
@@ -10,6 +10,8 @@
"
do_install_append() {
+ sed -i 's/\(\(passwd\|group\):\s*\).*/\1files systemd/' \
+ "${D}${sysconfdir}/nsswitch.conf"
install -d ${D}/srv
diff --git a/meta-phosphor/recipes-core/systemd/systemd_%.bbappend b/meta-phosphor/recipes-core/systemd/systemd_%.bbappend
index f1046de..1f0b95e 100644
--- a/meta-phosphor/recipes-core/systemd/systemd_%.bbappend
+++ b/meta-phosphor/recipes-core/systemd/systemd_%.bbappend
@@ -6,6 +6,7 @@
hostnamed \
kmod \
networkd \
+ nss \
pam \
randomseed \
resolved \