[systemd-devel] systemd in initramfs: /etc/passwd, /etc/group, emergency.service and sulogin
Lennart Poettering
lennart at poettering.net
Mon Oct 27 07:57:11 PDT 2014
On Sat, 25.10.14 00:52, Ivan Shapovalov (intelfx100 at gmail.com) wrote:
> Hi,
>
> A few questions regarding usage of systemd+udev in initramfs. Before all,
> this is what I want to achieve (to prevent XY-problems): working
> emergency.service in initramfs.
>
> The questions are a bit Arch-specific and possibly lame, but well...
>
> - is /etc/passwd still[1] needed in initramfs due to libdbus1?
Hmm, good question.
I think for the simpler cases /etc/passwd could be empty now. However,
as soon as networkd is thrown into the mix we really want the
"systemd-network" user around, so that networkd can drop privs, which
it really should do a network-facing daemon that it is.
> - how to pass '--resolve-names=never' to udevd in initramfs, will it work this
> way and will it allow to exclude /etc/group[2] from initramfs?
You should be able to pass it in the systemd-udevd.service unit file
you ship in the unit file. I think doing this should be OK, but I
figure you have to try. That all said, due to the "systemd-network"
user I am not convinced that a /etc/passwd-less initrd is really
useful for more than the simplest cases.
> - is it possible to use 'sulogin -e' instead of 'sulogin'[3]
> security-wise?
Sure, just override the upstream unit files in question. That said, I
am a bit afraid of making this change upstream...
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list