diff options
-rw-r--r-- | abs/core/filesystem/PKGBUILD | 71 | ||||
-rw-r--r-- | abs/core/filesystem/crypttab | 12 | ||||
-rw-r--r-- | abs/core/filesystem/filesystem.install | 34 | ||||
-rw-r--r-- | abs/core/filesystem/group | 7 | ||||
-rw-r--r-- | abs/core/filesystem/gshadow | 9 | ||||
-rw-r--r-- | abs/core/filesystem/locale.sh | 22 | ||||
-rw-r--r-- | abs/core/filesystem/passwd | 21 | ||||
-rw-r--r-- | abs/core/filesystem/shadow | 5 |
8 files changed, 124 insertions, 57 deletions
diff --git a/abs/core/filesystem/PKGBUILD b/abs/core/filesystem/PKGBUILD index 7b0ca08..0dec23d 100644 --- a/abs/core/filesystem/PKGBUILD +++ b/abs/core/filesystem/PKGBUILD @@ -1,9 +1,9 @@ -# $Id: PKGBUILD 187026 2013-06-03 11:15:07Z allan $ +# $Id$ # Maintainer: Tom Gundersen <teg@jklm.no> pkgname=filesystem -pkgver=2013.05 -pkgrel=4 +pkgver=2015.02 +pkgrel=1 pkgdesc='Base filesystem' arch=('i686' 'x86_64') license=('GPL') @@ -20,8 +20,36 @@ source=('group' 'issue' 'nsswitch.conf' 'securetty' 'host.conf' 'ld.so.conf' 'shells' 'gshadow' 'profile' 'modprobe.d.usb-load-ehci-first' 'archlinux.7.txt' 'locale.sh') +lint() { + # ensure that passwd is sync'd to shadow and group is sync'd to gshadow. + local r=0 + + local passwd shadow group gshadow + + for f in passwd shadow group gshadow; do + mapfile -t "$f" < <(cut -d: -f1 "$f" | sort) + done + + # we can cheat and do simple string comparison only because we can make some + # assumptions about the data in these files + if [[ ${passwd[*]} != "${shadow[*]}" ]]; then + error 'passwd is not in sync with shadow!' + r=1 + fi + + if [[ ${group[*]} != "${gshadow[*]}" ]]; then + error 'group is not in sync with gshadow!' + r=1 + fi + + return $r +} + build() { cd ${srcdir} + + lint + a2x -d manpage -f manpage archlinux.7.txt } @@ -43,7 +71,7 @@ package() { # setup /etc install -d etc/{ld.so.conf.d,skel,profile.d} - for f in fstab group host.conf hosts issue ld.so.conf motd nsswitch.conf os-release passwd resolv.conf securetty shells profile; do + for f in fstab group host.conf hosts issue ld.so.conf motd nsswitch.conf passwd resolv.conf securetty shells profile; do install -m644 ${srcdir}/${f} etc/ done ln -s /proc/self/mounts etc/mtab @@ -53,9 +81,10 @@ package() { touch etc/arch-release install -D -m644 ${srcdir}/modprobe.d.usb-load-ehci-first usr/lib/modprobe.d/usb-load-ehci-first.conf install -m755 ${srcdir}/locale.sh etc/profile.d/locale.sh + install -Dm644 "$srcdir"/os-release "$pkgdir"/usr/lib/os-release # setup /var - for d in cache/man local opt log/old lib/misc empty; do + for d in cache local opt log/old lib/misc empty; do install -d -m755 var/${d} done install -d -m1777 var/{tmp,spool/mail} @@ -65,9 +94,9 @@ package() { ln -s ../run var/run ln -s ../run/lock var/lock - - #setup /usr hierarchy - + # + # setup /usr hierarchy + # for d in bin include lib share/misc src; do install -d -m755 usr/${d} done @@ -79,17 +108,17 @@ package() { # add lib symlinks # ln -s usr/lib ${pkgdir}/lib - [[ ${CARCH} = "x86_64" ]] && ( + [[ ${CARCH} = "x86_64" ]] && ( ln -s usr/lib ${pkgdir}/lib64 ln -s lib ${pkgdir}/usr/lib64 ) -# # -# # add bin symlinks -# # - ln -s usr/bin ${pkgdir}/bin - ln -s usr/bin ${pkgdir}/sbin - ln -s bin ${pkgdir}/usr/sbin + # + # add bin symlinks + # + ln -s usr/bin ${pkgdir}/bin + ln -s usr/bin ${pkgdir}/sbin + ln -s bin ${pkgdir}/usr/sbin # # install archlinux(7) manpage @@ -104,23 +133,23 @@ package() { done ln -s ../man usr/local/share/man } -md5sums=('7b8e40f8f793e60f471511641bb1c9f2' +md5sums=('4d7417d2bf8872665c0907f09ae37c34' '7813c481156f6b280a3ba91fc6236368' '9e4533df61f0c82d6b2e2371f7376282' '4c4540eeb748bf1f71d631b8c1dcf0b3' 'f28150d4c0b22a017be51b9f7f9977ed' '6e488ffecc8ba142c0cf7e2d7aeb832e' - '1cfd310dff0804a7d21958487c32a3b1' - '2ef2429c2c98d0883906aa6f5363be80' + 'a998d1e6c7cc5791a7f4a2b49b2d10ce' + '1ec1b16e2a71fad63ab8f147069a5d97' '693c97f2c9a519bb97a17008e92c2b74' - '1745349eb24ed21b4cfaa6f423bddb76' + 'f0a5071f50d8864d2810c44e23eb00cc' '7bc65f234dfb6abf24e7c3b03e86f4ff' 'd41d8cd98f00b204e9800998ecf8427e' '3d96b9f0f4ea7b583261682a20283c46' '6f48288b6fcaf0065fcb7b0e525413e0' '22518e922891f9359f971f4f5b4e793c' - 'f45389e116ab0b9e9968287617d27c7d' + '69e460404f45bdb7288d1de662e56dd9' '0b6f835598c7640184e476057b3c7722' 'a8a962370cd0128465d514e6a1f74130' '2e193c4a37245f2323ebe87f1a673563' - '3807d07215d9116331fe1cf8feeaa0f8') + '71ed98c52e11ada1f936ac8cb14eecd9') diff --git a/abs/core/filesystem/crypttab b/abs/core/filesystem/crypttab index 195945a..087d09e 100644 --- a/abs/core/filesystem/crypttab +++ b/abs/core/filesystem/crypttab @@ -9,9 +9,9 @@ # NOTE: Do not list your root (/) partition here, it must be set up # beforehand by the initramfs (/etc/mkinitcpio.conf). -# <name> <device> <password> <options> -# home /dev/hda4 /etc/mypassword1 -# data1 /dev/hda3 /etc/mypassword2 -# data2 /dev/hda5 /etc/cryptfs.key -# swap /dev/hdx4 /dev/urandom swap,cipher=aes-cbc-essiv:sha256,size=256 -# vol /dev/hdb7 none +# <name> <device> <password> <options> +# home UUID=b8ad5c18-f445-495d-9095-c9ec4f9d2f37 /etc/mypassword1 +# data1 /dev/sda3 /etc/mypassword2 +# data2 /dev/sda5 /etc/cryptfs.key +# swap /dev/sdx4 /dev/urandom swap,cipher=aes-cbc-essiv:sha256,size=256 +# vol /dev/sdb7 none diff --git a/abs/core/filesystem/filesystem.install b/abs/core/filesystem/filesystem.install index c043744..9793ad2 100644 --- a/abs/core/filesystem/filesystem.install +++ b/abs/core/filesystem/filesystem.install @@ -1,14 +1,14 @@ # args: <group> [options] _addgroup() { - if ! getent group "$1" >/dev/null; then - groupadd "$@" >/dev/null + if ! getent group "$1" >/dev/null && groupadd "$@" >/dev/null; then + need_group_update=1 fi } # args: <group> [options] _adduser() { - if ! getent passwd "$1" >/dev/null; then - useradd "$@" >/dev/null + if ! getent passwd "$1" >/dev/null && useradd "$@" >/dev/null; then + need_passwd_update=1 fi } @@ -24,22 +24,38 @@ post_upgrade() { _addgroup network -g 90 _addgroup games -g 50 _addgroup uucp -g 14 + _addgroup proc -g 26 _addgroup http -g 33 - _adduser http -u 33 -d /srv/http -g http -s /bin/false + _adduser http -u 33 -d /srv/http -g http -s /usr/bin/nologin _addgroup scanner -g 96 _addgroup rfkill -g 24 _addgroup lock -g 54 _addgroup uuidd -g 68 - _adduser uuidd -u 68 -d / -g uuidd -s /sbin/nologin + _adduser uuidd -u 68 -d / -g uuidd -s /usr/bin/nologin _addgroup dbus -g 81 - _adduser dbus -u 81 -d / -g dbus -s /sbin/nologin + _adduser dbus -u 81 -d / -g dbus -s /usr/bin/nologin + _addgroup input -g 97 _addgroup systemd-journal -g 190 + _addgroup systemd-journal-gateway -g 191 + _adduser systemd-journal-gateway -u 191 -g 191 -d / -s /usr/bin/nologin + _addgroup systemd-timesync -g 192 + _adduser systemd-timesync -u 192 -g 192 -d / -s /usr/bin/nologin + _addgroup systemd-network -g 193 + _adduser systemd-network -u 193 -g 193 -d / -s /usr/bin/nologin + _addgroup systemd-bus-proxy -g 194 + _adduser systemd-bus-proxy -u 194 -g 194 -d / -s /usr/bin/nologin + _addgroup systemd-resolve -g 195 + _adduser systemd-resolve -u 195 -g 195 -d / -s /usr/bin/nologin - # sync gshadow to group (fixes FS#19869) - if ! grep -q '^lock:' etc/gshadow; then + # update shadow files if needed + if (( need_group_update )); then grpconv >/dev/null fi + if (( need_passwd_update )); then + pwconv >/dev/null + fi + if ! grep -q '^include /etc/ld.so.conf.d/\*.conf$' etc/ld.so.conf; then echo 'include /etc/ld.so.conf.d/*.conf' >> etc/ld.so.conf fi diff --git a/abs/core/filesystem/group b/abs/core/filesystem/group index 6c91b29..f922ead 100644 --- a/abs/core/filesystem/group +++ b/abs/core/filesystem/group @@ -17,6 +17,7 @@ utmp:x:20: locate:x:21: rfkill:x:24: smmsp:x:25: +proc:x:26: http:x:33: games:x:50: lock:x:54: @@ -29,7 +30,13 @@ optical:x:93: floppy:x:94: storage:x:95: scanner:x:96: +input:x:97: power:x:98: nobody:x:99: users:x:100: systemd-journal:x:190: +systemd-journal-gateway:x:191: +systemd-timesync:x:192: +systemd-network:x:193: +systemd-bus-proxy:x:194: +systemd-resolve:x:195: diff --git a/abs/core/filesystem/gshadow b/abs/core/filesystem/gshadow index fb475bf..b89cf77 100644 --- a/abs/core/filesystem/gshadow +++ b/abs/core/filesystem/gshadow @@ -17,6 +17,7 @@ utmp:x:: locate::: rfkill:x:: smmsp::: +proc::: http::: games::: lock::: @@ -29,7 +30,13 @@ optical::: floppy:x:: storage:x:: scanner:x:: +input:x:: power:x:: nobody::: users::: -systemd-journal:x:: +systemd-journal::: +systemd-journal-gateway::: +systemd-timesync::: +systemd-network::: +systemd-bus-proxy::: +systemd-resolve::: diff --git a/abs/core/filesystem/locale.sh b/abs/core/filesystem/locale.sh index 5fd4174..11b7dc9 100644 --- a/abs/core/filesystem/locale.sh +++ b/abs/core/filesystem/locale.sh @@ -1,19 +1,17 @@ #!/bin/sh -unset LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES \ - LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT LC_IDENTIFICATION - -if [ -n "$XDG_CONFIG_HOME" ] && [ -r "$XDG_CONFIG_HOME/locale.conf" ]; then - . "$XDG_CONFIG_HOME/locale.conf" -elif [ -n $HOME ] && [ -r $HOME/.config/locale.conf ]; then - . "$HOME/.config/locale.conf" -elif [ -r /etc/locale.conf ]; then - . /etc/locale.conf -elif [ -r /etc/rc.conf ]; then - LANG=$(. /etc/rc.conf 2>/dev/null; echo "$LOCALE") +if [ -z "$LANG" ]; then + if [ -n "$XDG_CONFIG_HOME" ] && [ -r "$XDG_CONFIG_HOME/locale.conf" ]; then + . "$XDG_CONFIG_HOME/locale.conf" + elif [ -n "$HOME" ] && [ -r "$HOME/.config/locale.conf" ]; then + . "$HOME/.config/locale.conf" + elif [ -r /etc/locale.conf ]; then + . /etc/locale.conf + fi fi -export LANG="${LANG:-C}" +LANG=${LANG:-C} +export LANG [ -n "$LC_CTYPE" ] && export LC_CTYPE [ -n "$LC_NUMERIC" ] && export LC_NUMERIC [ -n "$LC_TIME" ] && export LC_TIME diff --git a/abs/core/filesystem/passwd b/abs/core/filesystem/passwd index 671fc48..b3e79eb 100644 --- a/abs/core/filesystem/passwd +++ b/abs/core/filesystem/passwd @@ -1,9 +1,14 @@ root:x:0:0:root:/root:/bin/bash -bin:x:1:1:bin:/bin:/bin/false -daemon:x:2:2:daemon:/sbin:/bin/false -mail:x:8:12:mail:/var/spool/mail:/bin/false -ftp:x:14:11:ftp:/srv/ftp:/bin/false -http:x:33:33:http:/srv/http:/bin/false -uuidd:x:68:68:uuidd:/:/sbin/nologin -dbus:x:81:81:dbus:/:/sbin/nologin -nobody:x:99:99:nobody:/:/bin/false +bin:x:1:1:bin:/bin:/usr/bin/nologin +daemon:x:2:2:daemon:/:/usr/bin/nologin +mail:x:8:12:mail:/var/spool/mail:/usr/bin/nologin +ftp:x:14:11:ftp:/srv/ftp:/usr/bin/nologin +http:x:33:33:http:/srv/http:/usr/bin/nologin +uuidd:x:68:68:uuidd:/:/usr/bin/nologin +dbus:x:81:81:dbus:/:/usr/bin/nologin +nobody:x:99:99:nobody:/:/usr/bin/nologin +systemd-journal-gateway:x:191:191:systemd-journal-gateway:/:/usr/bin/nologin +systemd-timesync:x:192:192:systemd-timesync:/:/usr/bin/nologin +systemd-network:x:193:193:systemd-network:/:/usr/bin/nologin +systemd-bus-proxy:x:194:194:systemd-bus-proxy:/:/usr/bin/nologin +systemd-resolve:x:195:195:systemd-resolve:/:/usr/bin/nologin diff --git a/abs/core/filesystem/shadow b/abs/core/filesystem/shadow index 39ebb13..4c6e3d1 100644 --- a/abs/core/filesystem/shadow +++ b/abs/core/filesystem/shadow @@ -7,3 +7,8 @@ http:x:14871:::::: uuidd:x:14871:::::: dbus:x:14871:::::: nobody:x:14871:::::: +systemd-journal-gateway:x:14871:::::: +systemd-timesync:x:14871:::::: +systemd-network:x:14871:::::: +systemd-bus-proxy:x:14871:::::: +systemd-resolve:x:14871:::::: |