[elbe-devel] passwd and group files on a busybox system

Ralf Schlatterbeck rsc at runtux.com
Sun Nov 6 15:50:28 CET 2016 

I'm currently developing an elbe image for a i.mx28 embedded arm
platform. Elbe-Log is attached.

My question(s):
The group and passwd files installed by the base-passwd package never
make it into /etc. So my current workaround installs static /etc/passwd
and /etc/group files via the archive mechanism. This is a fragile
solution.  So far I've figured out that the group file misses the
following lines:

  crontab:*:107:
  netdev:*:108:
  ntp:x:109:
  ssh:x:110:

  and /etc/passwd misses the following:

  ntp:x:104:109::/home/ntp:/usr/sbin/nologin
  sshd:x:105:65534::/var/run/sshd:/usr/sbin/nologin

With "missing" I mean that I have installed some packages that
dynamically install new users and groups into the system. These should
end up in the passwd and group files, especially since the uids and gids
assigned depend on the installation order (or on additional packages
being installed). I've reverse-engineered the lines above from the
permissions/ownership of installed files in the resulting image.

Note that I've started with a minimal busybox install and have added
packages that I need on the target system. So I probably miss some
package that makes the necessary magic for creating and correctly
updating /etc/passwd and /etc/group work.

So my guess is that creating the busybox links in finetuning is way too
late to allow the usual debian install-magic to work. Any advice how to
create these links earlier in the build process? Or should I install at
least a shell (dash) to make this work? I don't want to install a
full set of command-line tools due to space constraints.

Any advice how I can at least obtain the uids/gids assigned by the debian
package installer to create correct passwd/group files? Or better yet,
make the necessary install-magic work to create these files correctly?

Also note that I tried to convert to shadow passwords in finetuning by
calling pwconv which only creates a .lock file and seems to die without
an error message. Same when I call it later by hand.

The passwd stanza in the target section in the xml file seems to do
nothing (I guess this should generate the root password in /etc/passwd?)
Is there a way to specify the *encrypted* password that should go into
/etc/passwd? I really don't want to have a plaintext password in my
version control system... (I guess I can do that with a sed script
during finetuning but a built-in mechanism would be nicer)

I'm attaching my .xml config *without* an added archive. The archive
contains a install_bb.sh script (attached), an inittab for busybox and
some config-files that are not relevant to the question at hand.
I'll gladly provide a logfile on request.

Ralf
-- 
Dr. Ralf Schlatterbeck                  Tel:   +43/2243/26465-16
Open Source Consulting                  www:   http://www.runtux.com
Reichergasse 131, A-3411 Weidling       email: office at runtux.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: elbeconfig.xml
Type: application/xml
Size: 6880 bytes
Desc: not available
URL: <http://lists.linutronix.de/pipermail/elbe-devel/attachments/20161106/b7b49431/attachment.xml>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: install_bb.sh
Type: application/x-sh
Size: 976 bytes
Desc: not available
URL: <http://lists.linutronix.de/pipermail/elbe-devel/attachments/20161106/b7b49431/attachment.sh>

More information about the elbe-devel mailing list