particle-os/debian-forge
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

stage/ostree.passwd: also merge /etc/sub{u,g}id

Browse source 
When merging user and group database from individual commits also merge
the corresponding /etc/sub{u,g}id database. These are created when the
users are added via `useradd` and thus also need to be imported with
the corresponding users.
This commit is contained in:
Christian Kellner 2022-04-27 21:33:53 +02:00 committed by Tom Gundersen
parent 1e4507c3d6
commit 061c2012ed
1 changed files with 26 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

27
stages/org.osbuild.ostree.passwd
View file

@ -12,13 +12,14 @@ files before any RPMs (or other packages) are installed will prevent changes
in UIDs and GIDs.
"""
import contextlib
import os
import sys
import subprocess
import osbuild.api
from osbuild.util.ostree import PasswdLike
from osbuild.util.ostree import PasswdLike, SubIdsDB
SCHEMA_2 = """
@ -39,6 +40,10 @@ SCHEMA_2 = """
"""
SUBUID_PATH = "etc/subuid"
SUBGID_PATH = "etc/subgid"
def ostree(*args, _input=None, **kwargs):
args = list(args) + [f'--{k}={v}' for k, v in kwargs.items()]
print("ostree " + " ".join(args), file=sys.stderr)
@ -64,6 +69,10 @@ def main(tree, inputs, _options):
source_root, refs = parse_input(inputs)
os.makedirs(os.path.join(tree, "etc"), exist_ok=True)
subuids = SubIdsDB()
subgids = SubIdsDB()
# Only once ref (commit) is currently supported, so this loop will run exactly once
for commit, data in refs.items():
ref = data.get("path", commit).lstrip("/")
@ -83,6 +92,22 @@ def main(tree, inputs, _options):
passwd.merge_with_file(os.path.join(checkout_root, "usr/lib/group"), allow_missing_file=False)
passwd.dump_to_file(os.path.join(tree, "etc/group"))
# Merge /etc/sub{g,u}id with /etc/sub{g,u}id from the checkout and store it in the buildroot
with contextlib.suppress(FileNotFoundError):
subuids.read_from(os.path.join(checkout_root, SUBUID_PATH))
with contextlib.suppress(FileNotFoundError):
subgids.read_from(os.path.join(checkout_root, SUBGID_PATH))
# If we have entries in the subordinate id files, write them to the tree
if subuids:
subuids.write_to(os.path.join(tree, SUBUID_PATH))
if subgids:
subgids.write_to(os.path.join(tree, SUBGID_PATH))
return 0
if __name__ == '__main__':
stage_args = osbuild.api.arguments()