[systemd-devel] systemd-firstboot skip root password initialisation if /etc/shadow is present

Francis Moreau francis.moro at gmail.com
Tue Sep 22 05:45:56 PDT 2015


On Tue, Sep 22, 2015 at 2:35 PM, David Herrmann <dh.herrmann at gmail.com> wrote:
> Hi
>
> On Tue, Sep 22, 2015 at 2:26 PM, Francis Moreau <francis.moro at gmail.com> wrote:
>> On Tue, Sep 22, 2015 at 12:19 PM, David Herrmann <dh.herrmann at gmail.com> wrote:
>>> On Tue, Sep 22, 2015 at 11:59 AM, Francis Moreau <francis.moro at gmail.com> wrote:
>> [...]
>>>>
>>>> Well during package installation done by the installer, some packages,
>>>> usually the ones that installs daemons/services, populates
>>>> /etc/shadow.
>>>>
>>>> On Archlinux, after creating a minimal rootfs, shadow file is containing:
>>>>
>>>> bin:x:14871::::::
>>>> daemon:x:14871::::::
>>>> mail:x:14871::::::
>>>> ftp:x:14871::::::
>>>> http:x:14871::::::
>>>> uuidd:x:14871::::::
>>>> dbus:x:14871::::::
>>>> nobody:x:14871::::::
>>>> systemd-journal-gateway:x:14871::::::
>>>> systemd-timesync:x:14871::::::
>>>> systemd-network:x:14871::::::
>>>> systemd-bus-proxy:x:14871::::::
>>>
>>> Then "fix" the installer? These entries look like no-ops to me. We
>>> assume that if the installer touches /etc, then it can as well prompt
>>> for a root-password. If you want to make use of firstboot, we
>>> recommend to adopt an "empty /etc" installer.
>>
>> That's not about the installer, it's about packages and I suspect that
>> very few are ready to run without /etc.
>
> Ok, then fix those packages.
>
>> And then if it's really the case, I think the man page of
>> systemd-firstboot should be fixed because it never mentions the words
>> "stateless" or "empty", which is quite fundamental in the design of
>> firstboot then.
>>
>>>
>>> If we support looking for "root" in shadow files and prompt if
>>> non-present, we start supporting legacy setups where /etc is
>>> half-populated. We don't want that. Either go full legacy and make
>>> your installer prompt for everything, or go "empty /etc" and firstboot
>>> will take over.
>>>
>>
>> What you're calling legacy systems are actually *all* systems
>> available out there: I don't think there's a actually a lot of
>> packages which are prepared to do that.
>
> We fix the packages we care about. I encourage everyone to do the
> same. All upstream systemd can do is provide a guideline.
>
>>>>>
>>>>>> BTW, I don't know if recovering when /etc/ has been deleted is
>>>>>> possible even if systemd-firstboot will restore a couple of conf
>>>>>> files...
>>>>>
>>>>> Depending on your distribution, it is.
>>>>
>>>> Just out of curiosity, which distros are supposed to support that ?
>>>
>>> I can trash /etc on Archlinux and boot it as a container just fine. It
>>> doesn't work as a full system, yet.
>>
>> Sure but what's your point ? your container is running no service at
>> all, so it's pretty useless.
>
> Why? You can store static configuration in /usr just fine. The point
> is to get rid of _runtime_ configuration in /etc that can be modified.

You mean here put runtime configuration in /etc. don't you ?

> Instead, you should ship vendor configuration via /usr (or
> /usr/factory if packages are broken), and make it *read-only*.
>

The condition to run systemd-firstboot.service is
ConditionFirstBoot=yes which means /etc/machine-id should not exist.
But that's different from /etc/ should be empty.

Also the man page doesnt mention the need of an emtpy /etc or a
stateless system.

I can understand your point of systemd-firstboot is for stateless
systems, but again this should be documented.

Thanks.
-- 
Francis


More information about the systemd-devel mailing list