diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-3.0.0-r4.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-3.0.0-r5.ebuild
similarity index 100%
rename from sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-3.0.0-r4.ebuild
rename to sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-3.0.0-r5.ebuild
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-9999.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-9999.ebuild
index 35d360c530..ff9ed108b5 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-9999.ebuild
+++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-9999.ebuild
@@ -13,7 +13,7 @@ else
 KEYWORDS="amd64 arm x86"
 fi
-inherit cros-workon cros-tmpfiles eutils multilib
+inherit cros-workon cros-tmpfiles eutils multilib systemd
 DESCRIPTION="Filesystem baselayout for CoreOS"
 HOMEPAGE="http://www.coreos.com/"
@@ -85,6 +85,19 @@ pkg_setup() {
 fi
 }
+src_compile() {
+ default
+
+ # generate a tmpfiles.d config to cover our /usr symlinks
+ if use symlink-usr; then
+ local tmpfiles="${T}/baselayout-usr.conf"
+ echo -n > ${tmpfiles} || die
+ for sym in "${!USR_SYMS[@]}" ; do
+ echo "L ${sym} - - - - ${USR_SYMS[$sym]}" >> ${tmpfiles}
+ done
+ fi
+}
+
 src_install() {
 # lib symlinks must be in place before make install
 dodir "${BASE_DIRS[@]}"
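Review bot: In the added src_compile(), `${tmpfiles}` is expanded unquoted in both redirections and the append inside the loop has no `|| die`, so a failed write would go unnoticed and src_install would still install whatever partial config is left in `${T}`. I would quote the path and check the write, `echo "L ${sym} - - - - ${USR_SYMS[$sym]}" >> "${tmpfiles}" || die`, and add `local sym` next to `local tmpfiles` so the loop variable does not leak into the ebuild's global scope. The removed lines in the src_install hunk show the same pattern, so this predates the commit, but the move is a good moment to tighten it.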
@@ -100,20 +113,8 @@ src_install() {
 emake DESTDIR="${D}" install
- # generate a tmpfiles.d config to cover our /usr symlinks
 if use symlink-usr; then
- local tmpfiles=${D}/usr/lib/tmpfiles.d/baselayout-usr.conf
- echo -n > ${tmpfiles} || die
- for sym in "${!USR_SYMS[@]}" ; do
- echo "L ${sym} - - - - ${USR_SYMS[$sym]}" >> ${tmpfiles}
- done
- fi
-
- if ! use cros_host; then
- # Docker parses /etc/group directly :(
- local docker_grp=$(grep "^docker:" "${D}"/usr/share/baselayout/group)
- echo "f /etc/group - - - - ${docker_grp}" > \
- "${D}"/usr/lib/tmpfiles.d/baselayout-docker.conf || die
+ systemd_dotmpfilesd "${T}/baselayout-usr.conf"
 fi
 # Fill in all other paths defined in tmpfiles configs
@@ -164,5 +165,11 @@ src_install() {
 > "${D}"/etc/shadow || die
 chmod 640 "${D}"/etc/shadow || die
 fi
+
+ # Initialize /etc/passwd, group, and friends on boot.
+ bash "${FILESDIR}/coreos-tmpfiles" "${D}" || die
+ dosbin "${FILESDIR}/coreos-tmpfiles"
+ systemd_dounit "${FILESDIR}/coreos-tmpfiles.service"
+ systemd_enable_service sysinit.target coreos-tmpfiles.service
 fi
 }
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/files/coreos-tmpfiles b/sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/files/coreos-tmpfiles
new file mode 100644
index 0000000000..4d7d80ba1a
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/files/coreos-tmpfiles
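Review bot: The added comment says the account files are initialized on boot, but the first line under it, `bash "${FILESDIR}/coreos-tmpfiles" "${D}" || die`, runs the script at build time against the image root and so writes into `${D}/etc` during the build. I would split the comment so both effects are documented, e.g. `# Seed ${D}/etc now with the same script that runs on boot.` above the bash call and `# Install the script and unit so missing files are recreated on boot.` above `dosbin`. The enclosing `if` in src_install starts outside the hunk, so the condition under which these lines run is not visible here.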
@@ -0,0 +1,26 @@
+#!/bin/bash
+# systemd-tmpfiles doesn't support skipping writing to files that already exist
+# - copy the docker group to /etc because docker reads /etc/group directly
+# - copy the core user to /etc so the passwd utility works correctly
+
+# Inherit root from environment or command line
+ROOT="${1:-$ROOT}"
+BASE="${ROOT}/usr/share/baselayout"
+
+# readable files
+umask 022
+if [[ ! -e "${ROOT}/etc/passwd" ]]; then
+ grep "^core:" "${BASE}/passwd" > "${ROOT}/etc/passwd"
+fi
+if [[ ! -e "${ROOT}/etc/group" ]]; then
+ grep "^docker:" "${BASE}/group" > "${ROOT}/etc/group"
+fi
+
+# secure files
+umask 027
+if [[ ! -e "${ROOT}/etc/shadow" ]]; then
+ grep "^core:" "${BASE}/shadow" > "${ROOT}/etc/shadow"
+fi
+if [[ ! -e "${ROOT}/etc/gshadow" ]]; then
+ grep "^docker:" "${BASE}/gshadow" > "${ROOT}/etc/gshadow"
+fi
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/files/coreos-tmpfiles.service b/sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/files/coreos-tmpfiles.service
new file mode 100644
index 0000000000..2cc4eff825
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/files/coreos-tmpfiles.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=Create missing system files
+DefaultDependencies=no
+After=local-fs.target
+Before=sysinit.target
+ConditionPathIsReadWrite=/etc
+
+[Service]
+Type=oneshot
+ExecStart=/usr/sbin/coreos-tmpfiles
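Review bot: Each branch in coreos-tmpfiles redirects grep straight into the final path, so the target is created before grep runs, and a missing source file or a pattern that matches nothing leaves an empty `/etc/passwd`, `/etc/group`, `/etc/shadow` or `/etc/gshadow` that the `-e` test then skips on every later run. The script also never checks a command's status, so it exits with the status of its last command only, and neither the ebuild's `|| die` nor the oneshot unit would report a failure in an earlier branch. I would enable `set -e` and write each file under a temporary name in the same directory before renaming it into place, which keeps the current umask handling and makes a failed grep abort without leaving the real file behind.

```shell
#!/bin/bash
# … unchanged: header comment, ROOT and BASE assignment …

set -e

# seed NAME SRC DST: copy NAME's entry from SRC to DST unless DST already exists.
# The entry is written to DST.tmp first so a failed grep never creates DST.
seed() {
	if [[ -e "$3" ]]; then
		return 0
	fi
	grep "^$1:" "$2" > "$3.tmp"
	mv "$3.tmp" "$3"
}

# readable files
umask 022
seed core "${BASE}/passwd" "${ROOT}/etc/passwd"
seed docker "${BASE}/group" "${ROOT}/etc/group"

# secure files
umask 027
seed core "${BASE}/shadow" "${ROOT}/etc/shadow"
seed docker "${BASE}/gshadow" "${ROOT}/etc/gshadow"
```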