if [ -f "${S}/abc/abcd.service" ]; then
install -m 0644 ${S}/abc/abcd.service -D ${D}${systemd_unitdir}/system/abcd.service
ln -sf ${systemd_unitdir}/system/abcd.service ${D}${systemd_unitdir}/system/multi-user.target.wants/abcd.service
ln -sf ${systemd_unitdir}/system/abcd.service ${D}${systemd_unitdir}/system/ffbm.target.wants/abcd.service
fi
I have installed a sample daemon "abcd.service" like above but on target, I see this listed as root. If I check "ps -ax | grep abcd" then it shows root which I don't want.
Any idea how can I change that to non-root?
Edit the systemd unit file to use the User= or DynamicUser= directive: https://www.freedesktop.org/software/systemd/man/systemd.exec.html?_sm_au_=iVVHkLwvwFJL8SMPL321jK0f1JH33#User=. The DynamicUser directive might be easier because you won't have to figure out how to create a new user in Yocto (maybe it's actually easy but I don't know how to do it off the top of my head).
Related
How can I change ownership of /usr/lib directory and all libraries inside for a specific user?
I tried to write a custom bb recipe without success.
SUMMARY = "Change /usr/lib ownership."
LICENSE = "MIT"
FILES_${PN} = "${libdir}\*"
do_install () {
chown user1:group1 ${D}${libdir}
}
I also try use ${libdir} instead /usr/lib, but without success. How can I access correctly /usr/lib?
It's impossible to change it during yocto compilation because the filesystem is built at the end of the process. There are two ways to achieve it. The first is to add chmod in the system image installation script.
The second one is to prepare a system service and bash script, which can check the owner and set the current one if necessary.
owner-updater.service
[Unit]
Description=Directory Owner Updater
After=local-fs.target
[Service]
Type=oneshot
ExecStart=/opt/update-owner
StandardOutput=journal
[Install]
WantedBy=multi-user.target
update-owner
#!/bin/bash
USER=user_name
DIR_PATH="/usr/lib"
DIR_OWNER="$(stat --format '%U' $DIR_PATH)"
DIR_GROUP="$(stat --format '%G' $DIR_PATH)"
if [ "$(id -u $DIR_OWNER)" -eq "$(id -u $USER)" ] &&
[ "$(id -g $DIR_GROUP)" -eq "$(id -g $USER)" ]; then
echo Correct owner
else
echo Incorrect owner
fi
chown -R [user_name/user_id]:[group_name/group_id] /usr/lib
Engineer Engelbert, a fierce OpenSuSE 11-sp4 user, is in possession of two RPM packages with the same contents:
rpm -qlp ~/onemy_ls_0.0.1_x86_64.rpm | tee a
/.osc/_apiurl
/.osc/_files
/.osc/_meta
/.osc/_osclib_version
/.osc/_package
/.osc/_project
/my_ls/my_ls.sh
rpm -qlp ~/my_ls_0.0.1_x86_64.rpm | tee b
/.osc/_apiurl
/.osc/_files
/.osc/_meta
/.osc/_osclib_version
/.osc/_package
/.osc/_project
/my_ls/my_ls.sh
diff a b | wc
0 0 0
Engineer Engelbert has realized that he can install both packages with no warning from RPM:
rpm -e my_ls-0.0.1-1 ; rpm -i ~/my_ls_0.0.1_x86_64.rpm
rpm -e onemy_ls-0.0.1-1 ; rpm -i ~/onemy_ls_0.0.1_x86_64.rpm
Engineer Engelbert is self-assured about his choices. He knows that's probably a good design choice from rpm developers. So, he checked the man page, certain that there would be an option for not allowing rpm packages to overwrite files in the system. But all the install options he found were:
install-options
[--aid] [--allfiles] [--badreloc] [--excludepath OLDPATH]
[--excludedocs] [--force] [-h,--hash]
[--ignoresize] [--ignorearch] [--ignoreos]
[--includedocs] [--justdb] [--nodeps]
[--nodigest] [--nosignature] [--nosuggest]
[--noorder] [--noscripts] [--notriggers]
[--oldpackage] [--percent] [--prefix NEWPATH]
[--relocate OLDPATH=NEWPATH]
[--repackage] [--replacefiles] [--replacepkgs]
[--test]
He hesitated and found strange that there is --replacefiles, but not --keepfiles. That suggested him that keep would be the default behavior. So, he created an script:
rpm -e onemy_ls-0.0.1-1
rpm -e my_ls-0.0.1-1
rm -rf /my_ls/
rpm -i ~/my_ls_0.0.1_x86_64.rpm
ls -lh /my_ls -d
sleep 120
rpm -i ~/onemy_ls_0.0.1_x86_64.rpm
ls -lh /my_ls -d
That showed that the files were actually overwritten:
drwxr-xr-x 2 root root 4.0K Aug 16 17:07 /my_ls
drwxr-xr-x 2 root root 4.0K Aug 16 17:09 /my_ls
After a research, Engineer Engelbert couldn't still find the answer.Now he is in the middle of a flamewar about packaging systems, and, as asked by somebody, he needs your help:
How to make rpm not to overwrite files when installing new packages?
Note - Engineer Engelbert knows that he should create better rpm packages with conflicts management, you don't need to explain him that. He is mostly worried about being sure that his packages won't conflict with other proprietary unpublished packages racing for the same paths in the system.
Note - using fpm, you can regenerate Engineer Engelbert's RPMs:
mkdir -p first_pkg/my_ls/
echo ls > first_pkg/my_ls/my_ls.sh
fpm -s dir -t rpm -n onemy_ls -v 0.0.1 -C first_pkg/ -p onemy_ls_VERSION_ARCH.rpm
fpm -s dir -t rpm -n my_ls -v 0.0.1 -C first_pkg/ -p my_ls_VERSION_ARCH.rpm
Yes: rpm will overwrite all files contained in a *.rpm that are not marked with %config and there is no option to disable that behavior.
I'm just learning making rpm packages for some custom builds of software that gets compiled from source (some legacy stuff needs this, so I'm trying to learn, as some packages can't use the latest versions), but hitting an error (I'm doing this in Vagrant, and also as root, but typically I'm trying not to use root as I'm aware it has potential for damage, its just this example seems to need some root changes).
sudo rpmbuild -ba testspec.spec --define "_topdir /tmp/"
So far it looks to be using the directory I expected, /tmp/rpmbuild
make[2]: Entering directory `/tmp/rpmbuild/BUILD/exim-4.80.1/build-Linux-x86_64/pdkim'
make[2]: `pdkim.a' is up to date.
make[2]: Leaving directory `/tmp/rpmbu
But then I see these errors...
/usr/lib/rpm/brp-compress: line 8: cd: /tmp/BUILDROOT/custom-exim-4.80.1-1.x86_64: No such file or directory
+ /usr/lib/rpm/brp-strip
find: `/tmp/BUILDROOT/custom-exim-4.80.1-1.x86_64': No such file or directory
+ /usr/lib/rpm/brp-strip-static-archive
find: `/tmp/BUILDROOT/custom-exim-4.80.1-1.x86_64': No such file or directory
+ /usr/lib/rpm/brp-strip-comment-note
So it now seems to be looking in /tmp/BUILDROOT
I'm new to rpmbuild, and don't quite understand some of the process.
My test spec file is at...
%define myversion exim-4.80.1
##%define mybase %{getenv:HOME}
%define mybase /tmp
%define _topdir %{mybase}/rpmbuild
%define _tmppath %{mybase}/rpmbuild/tmp
%define name custom-exim
%define release 1
%define version 4.80.1
%define buildroot %{_topdir}/%{name}-%{version}-root
BuildRoot: %{buildroot}
Summary: %{name}
Name: %{name}
Version: %{version}
Release: %{release}
Source0: ftp://exim.noris.de/exim/exim4/old/exim-4.80.1.tar.gz
License: GPLv1+
Group: Language
AutoReq: no
AutoProv: no
Requires: db4-devel pcre-devel libdb-devel libXt-devel libXaw-devel
%description
Custom Exim Build
%prep
#Do the following manually before building rpm
#mkdir -p /tmp/rpmbuild/BUILD /tmp/rpmbuild/SPECS /tmp/rpmbuild/SOURCES /tmp/rpmbuild/BUILDROOT /tmp/rpmbuild/RPMS /tmp/rpmbuild/SRPMS
#wget ftp://exim.noris.de/exim/exim4/old/exim-4.80.1.tar.gz -O /tmp/rpmbuild/SOURCES/exim-4.80.1.tar.gz
%setup -q -n %{myversion}
grep exim /etc/passwd || useradd -c "Exim" -d /var/spool/exim -m -s /bin/bash exim
%build
# exim needs to config changes before compiling, may do these first and repackage
cp %{mybase}/rpmbuild/BUILD/%{myversion}/src/EDITME %{mybase}/rpmbuild/BUILD/%{myversion}/Local/Makefile
cp %{mybase}/rpmbuild/BUILD/%{myversion}/exim_monitor/EDITME %{mybase}/rpmbuild/BUILD/%{myversion}/Local/eximon.conf
sed -i -e 's/EXIM_USER=$/EXIM_USER=exim/g' "%{mybase}/rpmbuild/BUILD/%{myversion}/Local/Makefile"
sed -i -e 's/LOOKUP_DNSDB=yes/#LOOKUP_DNSDB=yes/g' "%{mybase}/rpmbuild/BUILD/%{myversion}/Local/Makefile"
make
%install
rm -rf $RPM_BUILD_ROOT
#%{__mkdir_p} '%{buildroot}%{_sbindir}'
make install
%clean
rm -rf $RPM_BUILD_ROOT
%post
%postun
%files
Why is it using /tmp/BUILDROOT literally, instead of /tmp/rpmbuild, and are there other obvious things I'm doing wrong ? I've looked at a lot of other tutorials on rpmbuild, but aren't very clear on best practices or what happens during each phase.
Since the buildroot parm is not passed to rpmbuild, the default path is being used by your spec file:
BuildRoot: %{buildroot}
Try adding the buildroot parm... Add buildroot /tmp/rpmbuild to --define
Or if using a makefile:
BUILD_TMP=/tmp/rpmbuild
TOP_DIR=/tmp
rpmbuild -bb
--buildroot $(BUILD_TMP)
--topdir $(TOP_DIR)
$(SPEC_DIR)/testspec.spec
In my case rpm-build was missing.
So sudo yum install rpm-build solved the problem. Or if you use puppet:
package { 'rpm-build':
ensure => latest,
}
I am working on making an rpm for a small program used within our enterprise. The %build section of the rpm process works. I'm having trouble with the install section. I've referenced this article response and I believe I am properly referring to the target location with respect to %{_buildroot}.
The program I'm making is to be installed as a system service. So, after the rpm actually is generated for this step, I've got to add the next step in my installation process which is to include the script that is installed to the init.d location and run that install. One step at a time though.
The build errors are as follows (omitting everything but %install):
Executing(%install): /bin/sh -e /var/tmp/rpm-tmp.eUDaCK
+ umask 022
+ cd /home/packager/rpmbuild/BUILD
+ '[' /home/packager/rpmbuild/BUILDROOT/o2arbitord-1.0-1.el6.x86_64 '!=' / ']'
+ rm -rf /home/packager/rpmbuild/BUILDROOT/o2arbitord-1.0-1.el6.x86_64
++ dirname /home/packager/rpmbuild/BUILDROOT/o2arbitord-1.0-1.el6.x86_64
+ mkdir -p /home/packager/rpmbuild/BUILDROOT
+ mkdir /home/packager/rpmbuild/BUILDROOT/o2arbitord-1.0-1.el6.x86_64
+ cd o2arbitord-1.0
+ LANG=C
+ export LANG
+ unset DISPLAY
+ install -m 555 /home/packager/rpmbuild/BUILD/o2arbitord-1.0/o2arbitord /home/packager/rpmbuild/BUILDROOT/o2arbitord-1.0-1.el6.x86_64/usr/sbin
install: cannot create regular file `/home/packager/rpmbuild/BUILDROOT/o2arbitord-1.0-1.el6.x86_64/usr/sbin': No such file or directory
error: Bad exit status from /var/tmp/rpm-tmp.eUDaCK (%install)
Now, my rpmbuild directory does not have the directory /home/packager/rpmbuild/BUILDROOT/o2arbitord-1.0-1.el6.x86_64/usr/sbin. While I know that's part of the problem, the rpmbuild process isn't making the directory /home/packager/rpmbuild/BUILDROOT/o2arbitord-1.0-1.el6.x86_64 either. What I don't understand about that one is: why? Looking at the script output above you can clearly see the line: mkdir /home/packager/rpmbuild/BUILDROOT/o2arbitord-1.0-1.el6.x86_64. So, why isn't the directory made?
How does the line BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) from whatever the definition of %{_buildroot} is? I thought that was the definition, but it appears to be something different.
For reference, my spec file
Name: o2arbitord
Version: 1.0
Release: 1%{?dist}
Summary: a daemon
Group: Applications/System
License: GPL
URL: http://My.site
Source0: %{name}-%{version}.tar.gz
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
BuildArch: x86_64
BuildRequires: libusb1-devel
#Requires:
%description
%prep
%setup -q
%build
make -f o2arbitord.mk
%install
install -m 555 %{_builddir}/%{name}-%{version}/%{name} %{buildroot}%{_sbindir}
%clean
rm -rf %{buildroot}
%files
%defattr(-,root,root,-)
/usr/sbin/o2arbitord
%changelog
You are attempting to install a file into a directory that doesn't exist (yet).
RPM only creates the %{buildroot} for you automatically. Anything under that you need to create yourself.
So when you run
install -m 555 %{_builddir}/%{name}-%{version}/%{name} %{buildroot}%{_sbindir}
where %{buildroot}%{_sbindir} expands to /home/packager/rpmbuild/BUILDROOT/o2arbitord-1.0-1.el6.x86_64/usr/sbin RPM has only created /home/packager/rpmbuild/BUILDROOT/o2arbitord-1.0-1.el6.x86_64 for you already.
You need to create the /usr/sbin part of that path and then copy the file into it.
You can do that with either
%{__mkdir_p} '%{buildroot}%{_sbindir}'
or
%{__install} -d '%{buildroot}%{_sbindir}'
Where
$ rpm -E '__mkdir_p = %{__mkdir_p}'
__mkdir_p = /bin/mkdir -p
$ rpm -E '__install = %{__install}'
__install = /usr/bin/install
It is an odd behaviour seen only on Solaris that when I try to copy a symbolic link with the "cp -R -P" command to some other folder with a different name, it copies the entire directory/file it's pointing to.
For example:
link -> dir
cp -R -P link folder/new_link
I believe the "-d" argument is what you need.
As per the cp man page:
-d same as --no-dereference --preserve=link
Example:
cp -d -R -P link folder/new_link
I was using "cp -d" and that worked for me.
The cp man page seems to say that you want to use an '-H' to preserve symlinks within the source directory.
You might consider copying via tar, like tar -cf - srcdir|(cd somedir;tar -xf -)
Try using cpio (with the -p (pass) option) or the old tar in a pipe trick.