[PATCH 1/5] host/rootfs: make passwd and group links into /run
This will allow us to give shadow's useradd /run as a prefix, and have it be able to add users at runtime. Signed-off-by: Alyssa Ross <hi@alyssa.is> --- host/rootfs/file-list.mk | 6 ++++-- host/rootfs/image/etc/group | 16 +--------------- host/rootfs/image/etc/passwd | 2 +- .../etc/{ => s6-linux-init/run-image/etc}/group | 0 .../run-image/etc}/group.license | 0 .../etc/{ => s6-linux-init/run-image/etc}/passwd | 0 .../run-image/etc}/passwd.license | 0 7 files changed, 6 insertions(+), 18 deletions(-) mode change 100644 => 120000 host/rootfs/image/etc/group mode change 100644 => 120000 host/rootfs/image/etc/passwd copy host/rootfs/image/etc/{ => s6-linux-init/run-image/etc}/group (100%) rename host/rootfs/image/etc/{ => s6-linux-init/run-image/etc}/group.license (100%) copy host/rootfs/image/etc/{ => s6-linux-init/run-image/etc}/passwd (100%) rename host/rootfs/image/etc/{ => s6-linux-init/run-image/etc}/passwd.license (100%) diff --git a/host/rootfs/file-list.mk b/host/rootfs/file-list.mk index df22bce..6ab78e6 100644 --- a/host/rootfs/file-list.mk +++ b/host/rootfs/file-list.mk @@ -4,13 +4,13 @@ FILES = \ image/etc/fonts/fonts.conf \ image/etc/fstab \ - image/etc/group \ image/etc/init \ image/etc/login \ image/etc/parse-devname \ - image/etc/passwd \ image/etc/s6-linux-init/env/WAYLAND_DISPLAY \ image/etc/s6-linux-init/env/XDG_RUNTIME_DIR \ + image/etc/s6-linux-init/run-image/etc/group \ + image/etc/s6-linux-init/run-image/etc/passwd \ image/etc/s6-linux-init/run-image/service/getty-tty1/run \ image/etc/s6-linux-init/run-image/service/getty-tty2/run \ image/etc/s6-linux-init/run-image/service/getty-tty3/run \ @@ -68,6 +68,8 @@ FILES = \ LINKS = \ image/bin \ + image/etc/group \ + image/etc/passwd \ image/etc/s6-linux-init/run-image/opengl-driver \ image/etc/s6-linux-init/run-image/service/vmm/template/run \ image/lib \ diff --git a/host/rootfs/image/etc/group b/host/rootfs/image/etc/group deleted file mode 100644 index e3ade46..0000000 
--- a/host/rootfs/image/etc/group +++ /dev/null @@ -1,15 +0,0 @@ -root:x:0:root -clock:x:1: -dialout:x:2: -kmem:x:3: -input:x:4: -tty:x:5: -video:x:6: -render:x:7: -sgx:x:8: -audio:x:9: -lp:x:10: -disk:x:11: -cdrom:x:12: -tape:x:13: -kvm:x:14: diff --git a/host/rootfs/image/etc/group b/host/rootfs/image/etc/group new file mode 120000 index 0000000..a9b248e --- /dev/null +++ b/host/rootfs/image/etc/group @@ -0,0 +1 @@ +/run/etc/group \ No newline at end of file diff --git a/host/rootfs/image/etc/passwd b/host/rootfs/image/etc/passwd deleted file mode 100644 index 29f3b25..0000000 --- a/host/rootfs/image/etc/passwd +++ /dev/null @@ -1 +0,0 @@ -root:x:0:0:System administrator:/:/bin/sh diff --git a/host/rootfs/image/etc/passwd b/host/rootfs/image/etc/passwd new file mode 120000 index 0000000..889bb76 --- /dev/null +++ b/host/rootfs/image/etc/passwd @@ -0,0 +1 @@ +/run/etc/passwd \ No newline at end of file diff --git a/host/rootfs/image/etc/group b/host/rootfs/image/etc/s6-linux-init/run-image/etc/group similarity index 100% copy from host/rootfs/image/etc/group copy to host/rootfs/image/etc/s6-linux-init/run-image/etc/group diff --git a/host/rootfs/image/etc/group.license b/host/rootfs/image/etc/s6-linux-init/run-image/etc/group.license similarity index 100% rename from host/rootfs/image/etc/group.license rename to host/rootfs/image/etc/s6-linux-init/run-image/etc/group.license diff --git a/host/rootfs/image/etc/passwd b/host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd similarity index 100% copy from host/rootfs/image/etc/passwd copy to host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd diff --git a/host/rootfs/image/etc/passwd.license b/host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd.license similarity index 100% rename from host/rootfs/image/etc/passwd.license rename to host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd.license base-commit: d0efa283216ebc503b4b715c051518ae7dbd8409 -- 2.51.0
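Review bot: `/etc/group` and `/etc/passwd` now resolve to files under `/run`, so the account database is no longer protected by the read-only root. Its integrity depends on the owner and mode that `/run/etc` and the two files receive when the run-image is copied at boot, which this patch does not show. It would help to state the expected permissions in the commit message or in a comment above the `LINKS` list in file-list.mk, e.g. `# /etc/{passwd,group} point into /run so useradd can modify them; /run/etc must stay writable by root only.` The links presumably dangle until the run-image is populated, so it is also worth confirming that nothing resolves users or groups before that point.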
Busybox's adduser is hardcoded to operate on /etc/passwd and create /etc/passwd+ as a temporary file, which won't work for us with read-only /. Shadow's useradd supports specifying a prefix, so it will be able to operate on /run/etc/passwd and create sibling temporary files. This will let us create new users at runtime.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
---
 host/rootfs/busybox-config | 3 +++
 host/rootfs/default.nix | 11 ++++++++---
 2 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/host/rootfs/busybox-config b/host/rootfs/busybox-config
index f2fd5fc..1868773 100644
--- a/host/rootfs/busybox-config
+++ b/host/rootfs/busybox-config
@@ -11,6 +11,7 @@ CONFIG_CHATTR n
 CONFIG_CHCPU n
 CONFIG_CHMEM n
 CONFIG_CHOOM n
+CONFIG_CHPASSWD n
 CONFIG_CHRT n
 CONFIG_COLCRT n
 CONFIG_COLRM n
@@ -57,6 +58,7 @@ CONFIG_LDATTACH n
 CONFIG_LINUX32 n
 CONFIG_LINUX64 n
 CONFIG_LOGGER n
+CONFIG_LOGIN n
 CONFIG_LOOK n
 CONFIG_LOSETUP n
 CONFIG_LSATTR n
@@ -88,6 +90,7 @@ CONFIG_NAMEI n
 CONFIG_NOLOGIN n
 CONFIG_NSENTER n
 CONFIG_PARTX n
+CONFIG_PASSWD n
 CONFIG_PIPESZ n
 CONFIG_PIVOT_ROOT n
 CONFIG_POWEROFF n
diff --git a/host/rootfs/default.nix b/host/rootfs/default.nix
index abdd8b2..d86d8cc 100644
--- a/host/rootfs/default.nix
+++ b/host/rootfs/default.nix
@@ -13,7 +13,7 @@ pkgsMusl.callPackage (
 , btrfs-progs, bubblewrap, busybox, cloud-hypervisor, cosmic-files
 , crosvm, cryptsetup, dejavu_fonts, dbus, execline, foot, fuse3
 , iproute2, inotify-tools, jq, kmod, mdevd, mesa, mount-flatpak, s6
-, s6-linux-init, socat, systemd, util-linuxMinimal, virtiofsd
+, s6-linux-init, shadow, socat, systemd, util-linuxMinimal, virtiofsd
 , westonLite, xdg-desktop-portal, xdg-desktop-portal-gtk
 , xdg-desktop-portal-spectrum-host
 }:
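Review bot: Pulling in `shadow` here replaces more than adduser, but the commit message only mentions adduser: the three busybox-config hunks also switch off `CONFIG_CHPASSWD`, `CONFIG_LOGIN` and `CONFIG_PASSWD`. Presumably those applets collide with the binaries shadow installs, which would mean `login` on the host becomes shadow's implementation rather than busybox's, an authentication-path change that deserves a sentence in the commit message. A comment beside the package entry would record the intent, e.g. `# shadow: needed for useradd --prefix; also replaces busybox login/passwd/chpasswd`. Since the series only calls `useradd`, it may be worth checking whether the rest of the shadow tools need to be in the host image at all.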
@@ -27,8 +27,8 @@ let packages = [ btrfs-progs bubblewrap cloud-hypervisor cosmic-files crosvm cryptsetup dbus execline fuse3 inotify-tools iproute2 jq kmod mdevd mount-flatpak s6 - s6-linux-init s6-rc socat spectrum-host-tools spectrum-router - util-linuxMinimal virtiofsd xdg-desktop-portal-spectrum-host + s6-linux-init s6-rc shadow socat spectrum-host-tools spectrum-router + virtiofsd xdg-desktop-portal-spectrum-host (foot.override { allowPgo = false; }) @@ -36,6 +36,11 @@ let # Use a separate file as it is a bit too big. extraConfig = builtins.readFile ./busybox-config; }) + + (util-linuxMinimal.overrideAttrs ({ configureFlags ? [], ... }: { + # Conflicts with shadow. + configureFlags = configureFlags ++ [ "--disable-nologin" ]; + })) ]; nixosAllHardware = nixos ({ modulesPath, ... }: { -- 2.51.0
XDG_RUNTIME_DIR doesn't play well with running the compositor as a different user to clients. Signed-off-by: Alyssa Ross <hi@alyssa.is> --- host/rootfs/image/etc/s6-linux-init/env/WAYLAND_DISPLAY | 2 +- .../vm-services/template/data/service/vhost-user-gpu/run | 6 ++++-- host/rootfs/image/etc/s6-rc/weston/run | 4 ++-- 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/host/rootfs/image/etc/s6-linux-init/env/WAYLAND_DISPLAY b/host/rootfs/image/etc/s6-linux-init/env/WAYLAND_DISPLAY index 5ff1a40..bbd390c 100644 --- a/host/rootfs/image/etc/s6-linux-init/env/WAYLAND_DISPLAY +++ b/host/rootfs/image/etc/s6-linux-init/env/WAYLAND_DISPLAY @@ -1 +1 @@ -wayland-1 +/run/wayland diff --git a/host/rootfs/image/etc/s6-linux-init/run-image/service/vm-services/template/data/service/vhost-user-gpu/run b/host/rootfs/image/etc/s6-linux-init/run-image/service/vm-services/template/data/service/vhost-user-gpu/run index 73d6cae..6ee9959 100755 --- a/host/rootfs/image/etc/s6-linux-init/run-image/service/vm-services/template/data/service/vhost-user-gpu/run +++ b/host/rootfs/image/etc/s6-linux-init/run-image/service/vm-services/template/data/service/vhost-user-gpu/run @@ -5,12 +5,14 @@ s6-ipcserver -1a 0700 -c 1 -b 1 env/crosvm.sock +importas -Si WAYLAND_DISPLAY + bwrap --unshare-all # --unshare-all only implies --unshare-user-try. # Make this more than a "try". --unshare-user - --bind /run/user/0/wayland-1 /run/user/0/wayland-1 + --bind $WAYLAND_DISPLAY $WAYLAND_DISPLAY --ro-bind /usr /usr --ro-bind /lib /lib --tmpfs /tmp @@ -35,5 +37,5 @@ bwrap -- crosvm --no-syslog device gpu --fd 0 - --wayland-sock /run/user/0/wayland-1 + --wayland-sock $WAYLAND_DISPLAY --params "{\"context-types\":\"cross-domain\"}" diff --git a/host/rootfs/image/etc/s6-rc/weston/run b/host/rootfs/image/etc/s6-rc/weston/run index 41e42e6..1647990 100644 --- a/host/rootfs/image/etc/s6-rc/weston/run +++ b/host/rootfs/image/etc/s6-rc/weston/run 
@@ -2,7 +2,7 @@ # SPDX-License-Identifier: EUPL-1.2+ # SPDX-FileCopyrightText: 2021 Alyssa Ross <hi@alyssa.is> -unexport WAYLAND_DISPLAY +importas -Siu WAYLAND_DISPLAY if { mkdir -p -m 0700 /run/user/0 } @@ -18,4 +18,4 @@ importas -i home HOME cd $home if { udevadm wait /dev/dri/card0 } unshare --cgroup --ipc --net --uts -weston +weston -S $WAYLAND_DISPLAY -- 2.51.0
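Review bot: With `weston -S $WAYLAND_DISPLAY` the socket is created as `/run/wayland`, directly under `/run`, rather than inside `/run/user/0`, which this script still creates with mode 0700. Who may connect is then decided only by the mode the socket gets from the umask Weston inherits, and neither hunk sets one. Consider making the intended mode explicit before `weston`, or at least recording the assumption in a comment such as `# Socket lives in /run; access is controlled by its file mode, not by a private directory.` The script continues outside both hunks, so a umask may already be set where it is not visible here.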
There's no need to set this any more except that Weston checks for its validity overenthusiastically. Signed-off-by: Alyssa Ross <hi@alyssa.is> --- host/rootfs/image/etc/s6-rc/weston/run | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/host/rootfs/image/etc/s6-rc/weston/run b/host/rootfs/image/etc/s6-rc/weston/run index 1647990..aa1e7b6 100644 --- a/host/rootfs/image/etc/s6-rc/weston/run +++ b/host/rootfs/image/etc/s6-rc/weston/run @@ -1,9 +1,11 @@ #!/bin/execlineb -P # SPDX-License-Identifier: EUPL-1.2+ -# SPDX-FileCopyrightText: 2021 Alyssa Ross <hi@alyssa.is> +# SPDX-FileCopyrightText: 2021, 2025 Alyssa Ross <hi@alyssa.is> importas -Siu WAYLAND_DISPLAY +# Workaround for +# https://gitlab.freedesktop.org/wayland/weston/-/merge_requests/1911 if { mkdir -p -m 0700 /run/user/0 } backtick USER { id -un } -- 2.51.0
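Review bot: The added comment `# Workaround for` plus a bare URL does not say what is being worked around or when the `mkdir -p -m 0700 /run/user/0` line can be removed. Going by the commit message, something like `# Weston still validates XDG_RUNTIME_DIR even though the socket path is absolute; remove once the fix below is released.` would let a later reader delete the leftover root-owned directory with confidence. The rest of the script lies outside the hunk.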
This will allow clients running as unprivileged users to connect to the compositor.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
---
 host/rootfs/image/etc/s6-linux-init/run-image/etc/group | 1 +
 host/rootfs/image/etc/s6-rc/weston/run | 5 +++++
 2 files changed, 6 insertions(+)
diff --git a/host/rootfs/image/etc/s6-linux-init/run-image/etc/group b/host/rootfs/image/etc/s6-linux-init/run-image/etc/group
index e3ade46..fe72eb7 100644
--- a/host/rootfs/image/etc/s6-linux-init/run-image/etc/group
+++ b/host/rootfs/image/etc/s6-linux-init/run-image/etc/group
@@ -13,3 +13,4 @@ disk:x:11:
 cdrom:x:12:
 tape:x:13:
 kvm:x:14:
+wayland:x:15:
diff --git a/host/rootfs/image/etc/s6-rc/weston/run b/host/rootfs/image/etc/s6-rc/weston/run
index aa1e7b6..7cb182f 100644
--- a/host/rootfs/image/etc/s6-rc/weston/run
+++ b/host/rootfs/image/etc/s6-rc/weston/run
@@ -20,4 +20,9 @@ importas -i home HOME
 cd $home
 if { udevadm wait /dev/dri/card0 }
 unshare --cgroup --ipc --net --uts
+
+s6-envuidgid root
+s6-envuidgid -g wayland
+s6-applyuidgid -Uz
+umask 002
 weston -S $WAYLAND_DISPLAY
-- 2.51.0
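Review bot: The privilege setup added ahead of `weston` is hard to review without knowing the s6 tools, and it has no comment. As far as the options go, `s6-envuidgid root`, then `s6-envuidgid -g wayland`, then `s6-applyuidgid -Uz` leaves Weston running as uid 0 and only swaps its primary group, so everything Weston creates, not just the socket, ends up group-owned by `wayland`. A comment would make that intent explicit, e.g. `# Stay root, but make wayland the primary group so the socket is created with that group.` If group ownership is only wanted on the socket, say so here so a later change can narrow it. The script starts outside the hunk.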
On 12/9/25 03:56, Alyssa Ross wrote:
This will allow clients running as unprivileged users to connect to the compositor.
Signed-off-by: Alyssa Ross <hi@alyssa.is> --- host/rootfs/image/etc/s6-linux-init/run-image/etc/group | 1 + host/rootfs/image/etc/s6-rc/weston/run | 5 +++++ 2 files changed, 6 insertions(+)
diff --git a/host/rootfs/image/etc/s6-linux-init/run-image/etc/group b/host/rootfs/image/etc/s6-linux-init/run-image/etc/group index e3ade46..fe72eb7 100644 --- a/host/rootfs/image/etc/s6-linux-init/run-image/etc/group +++ b/host/rootfs/image/etc/s6-linux-init/run-image/etc/group @@ -13,3 +13,4 @@ disk:x:11: cdrom:x:12: tape:x:13: kvm:x:14: +wayland:x:15: diff --git a/host/rootfs/image/etc/s6-rc/weston/run b/host/rootfs/image/etc/s6-rc/weston/run index aa1e7b6..7cb182f 100644 --- a/host/rootfs/image/etc/s6-rc/weston/run +++ b/host/rootfs/image/etc/s6-rc/weston/run @@ -20,4 +20,9 @@ importas -i home HOME cd $home if { udevadm wait /dev/dri/card0 } unshare --cgroup --ipc --net --uts + +s6-envuidgid root +s6-envuidgid -g wayland +s6-applyuidgid -Uz +umask 002 weston -S $WAYLAND_DISPLAY
Can the socket be chmod'd after Weston starts? Running with 002 umask is not great. -- Sincerely, Demi Marie Obenour (she/her/hers)
On Tue, Dec 09, 2025 at 05:55:22AM -0500, Demi Marie Obenour wrote:
On 12/9/25 03:56, Alyssa Ross wrote:
This will allow clients running as unprivileged users to connect to the compositor.
Signed-off-by: Alyssa Ross <hi@alyssa.is> --- host/rootfs/image/etc/s6-linux-init/run-image/etc/group | 1 + host/rootfs/image/etc/s6-rc/weston/run | 5 +++++ 2 files changed, 6 insertions(+)
diff --git a/host/rootfs/image/etc/s6-linux-init/run-image/etc/group b/host/rootfs/image/etc/s6-linux-init/run-image/etc/group index e3ade46..fe72eb7 100644 --- a/host/rootfs/image/etc/s6-linux-init/run-image/etc/group +++ b/host/rootfs/image/etc/s6-linux-init/run-image/etc/group @@ -13,3 +13,4 @@ disk:x:11: cdrom:x:12: tape:x:13: kvm:x:14: +wayland:x:15: diff --git a/host/rootfs/image/etc/s6-rc/weston/run b/host/rootfs/image/etc/s6-rc/weston/run index aa1e7b6..7cb182f 100644 --- a/host/rootfs/image/etc/s6-rc/weston/run +++ b/host/rootfs/image/etc/s6-rc/weston/run @@ -20,4 +20,9 @@ importas -i home HOME cd $home if { udevadm wait /dev/dri/card0 } unshare --cgroup --ipc --net --uts + +s6-envuidgid root +s6-envuidgid -g wayland +s6-applyuidgid -Uz +umask 002 weston -S $WAYLAND_DISPLAY
Can the socket be chmod'd after Weston starts? Running with 002 umask is not great.
If we use sd-notify-adapter, then I think so, but it wouldn't be very nice. What's the problem with umask 002?
On 12/9/25 05:59, Alyssa Ross wrote:
On Tue, Dec 09, 2025 at 05:55:22AM -0500, Demi Marie Obenour wrote:
On 12/9/25 03:56, Alyssa Ross wrote:
This will allow clients running as unprivileged users to connect to the compositor.
Signed-off-by: Alyssa Ross <hi@alyssa.is> --- host/rootfs/image/etc/s6-linux-init/run-image/etc/group | 1 + host/rootfs/image/etc/s6-rc/weston/run | 5 +++++ 2 files changed, 6 insertions(+)
diff --git a/host/rootfs/image/etc/s6-linux-init/run-image/etc/group b/host/rootfs/image/etc/s6-linux-init/run-image/etc/group index e3ade46..fe72eb7 100644 --- a/host/rootfs/image/etc/s6-linux-init/run-image/etc/group +++ b/host/rootfs/image/etc/s6-linux-init/run-image/etc/group @@ -13,3 +13,4 @@ disk:x:11: cdrom:x:12: tape:x:13: kvm:x:14: +wayland:x:15: diff --git a/host/rootfs/image/etc/s6-rc/weston/run b/host/rootfs/image/etc/s6-rc/weston/run index aa1e7b6..7cb182f 100644 --- a/host/rootfs/image/etc/s6-rc/weston/run +++ b/host/rootfs/image/etc/s6-rc/weston/run @@ -20,4 +20,9 @@ importas -i home HOME cd $home if { udevadm wait /dev/dri/card0 } unshare --cgroup --ipc --net --uts + +s6-envuidgid root +s6-envuidgid -g wayland +s6-applyuidgid -Uz +umask 002 weston -S $WAYLAND_DISPLAY
Can the socket be chmod'd after Weston starts? Running with 002 umask is not great.
If we use sd-notify-adapter, then I think so, but it wouldn't be very nice.
Using sd-notify-adapter is probably a good idea anyway, so that nothing tries to connect to the socket before it is there to connect to.
What's the problem with umask 002?
It means that any files created by the service are group-writable and world-readable, which is almost never what one wants. It means that the service can't even trust a file it itself created. -- Sincerely, Demi Marie Obenour (she/her/hers)
Demi Marie Obenour <demiobenour@gmail.com> writes:
On 12/9/25 05:59, Alyssa Ross wrote:
On Tue, Dec 09, 2025 at 05:55:22AM -0500, Demi Marie Obenour wrote:
On 12/9/25 03:56, Alyssa Ross wrote:
This will allow clients running as unprivileged users to connect to the compositor.
Signed-off-by: Alyssa Ross <hi@alyssa.is> --- host/rootfs/image/etc/s6-linux-init/run-image/etc/group | 1 + host/rootfs/image/etc/s6-rc/weston/run | 5 +++++ 2 files changed, 6 insertions(+)
diff --git a/host/rootfs/image/etc/s6-linux-init/run-image/etc/group b/host/rootfs/image/etc/s6-linux-init/run-image/etc/group index e3ade46..fe72eb7 100644 --- a/host/rootfs/image/etc/s6-linux-init/run-image/etc/group +++ b/host/rootfs/image/etc/s6-linux-init/run-image/etc/group @@ -13,3 +13,4 @@ disk:x:11: cdrom:x:12: tape:x:13: kvm:x:14: +wayland:x:15: diff --git a/host/rootfs/image/etc/s6-rc/weston/run b/host/rootfs/image/etc/s6-rc/weston/run index aa1e7b6..7cb182f 100644 --- a/host/rootfs/image/etc/s6-rc/weston/run +++ b/host/rootfs/image/etc/s6-rc/weston/run @@ -20,4 +20,9 @@ importas -i home HOME cd $home if { udevadm wait /dev/dri/card0 } unshare --cgroup --ipc --net --uts + +s6-envuidgid root +s6-envuidgid -g wayland +s6-applyuidgid -Uz +umask 002 weston -S $WAYLAND_DISPLAY
Can the socket be chmod'd after Weston starts? Running with 002 umask is not great.
If we use sd-notify-adapter, then I think so, but it wouldn't be very nice.
Using sd-notify-adapter is probably a good idea anyway, so that nothing tries to connect to the socket before it is there to connect to.
Oh, right, we actually already have readiness notification via /etc/xdg/weston/autolaunch. It won't run as root soon, but we could wait for that in the run script and do the chmod there.
What's the problem with umask 002?
It means that any files created by the service are group-writable and world-readable, which is almost never what one wants. It means that the service can't even trust a file it itself created.
Signed-off-by: Alyssa Ross <hi@alyssa.is> --- .../template/data/service/vhost-user-gpu/run | 11 +++++++++-- host/rootfs/image/usr/bin/run-appimage | 1 + host/rootfs/image/usr/bin/run-flatpak | 1 + host/rootfs/image/usr/bin/vm-import | 1 + 4 files changed, 12 insertions(+), 2 deletions(-) diff --git a/host/rootfs/image/etc/s6-linux-init/run-image/service/vm-services/template/data/service/vhost-user-gpu/run b/host/rootfs/image/etc/s6-linux-init/run-image/service/vm-services/template/data/service/vhost-user-gpu/run index 6ee99599..1341691b 100755 --- a/host/rootfs/image/etc/s6-linux-init/run-image/service/vm-services/template/data/service/vhost-user-gpu/run +++ b/host/rootfs/image/etc/s6-linux-init/run-image/service/vm-services/template/data/service/vhost-user-gpu/run @@ -3,9 +3,16 @@ # SPDX-FileCopyrightText: 2025 Alyssa Ross <hi@alyssa.is> # SPDX-FileCopyrightText: 2025 Demi Marie Obenour <demiobenour@gmail.com> -s6-ipcserver -1a 0700 -c 1 -b 1 env/crosvm.sock +s6-ipcserver-socketbinder -a 0700 -b 1 env/crosvm.sock -importas -Si WAYLAND_DISPLAY +multisubstitute { + importas -Siu VM + importas -Si WAYLAND_DISPLAY +} + +s6-envuidgid gpu-${VM} +s6-applyuidgid -UzG 15 # wayland +s6-ipcserverd -1c 1 bwrap --unshare-all diff --git a/host/rootfs/image/usr/bin/run-appimage b/host/rootfs/image/usr/bin/run-appimage index f2fe7bc2..36f57b85 100755 --- a/host/rootfs/image/usr/bin/run-appimage +++ b/host/rootfs/image/usr/bin/run-appimage @@ -4,6 +4,7 @@ backtick -E dir { mktemp -d /run/vm/by-id/XXXXXX } backtick -E id { basename -- $dir } +if { useradd -P /run -Urd / -s /bin/nologin gpu-${id} } if { mkdir -p /run/configs/${id}/fs } diff --git a/host/rootfs/image/usr/bin/run-flatpak b/host/rootfs/image/usr/bin/run-flatpak index d7914a7a..2ef20433 100755 --- a/host/rootfs/image/usr/bin/run-flatpak +++ b/host/rootfs/image/usr/bin/run-flatpak 
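Review bot: `s6-applyuidgid -UzG 15 # wayland` hard-codes the gid that run-image/etc/group assigns to `wayland`. If that file is ever renumbered, the GPU process silently becomes a member of whatever group holds 15 instead. Resolving the name at run time keeps the two in step, for example `s6-envuidgid -g wayland` followed by `importas -u wayland_gid GID` ahead of `s6-envuidgid gpu-${VM}`, then `s6-applyuidgid -UzG $wayland_gid`. It is also worth a comment that `s6-ipcserver-socketbinder -a 0700` runs before the uid change on purpose, presumably so that `env/crosvm.sock` stays owned by the starting user. The script continues past the hunk.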
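Review bot: The line `useradd -P /run -Urd / -s /bin/nologin gpu-${id}` is pasted identically into run-appimage, run-flatpak and vm-import, and vhost-user-gpu/run depends on the resulting `gpu-${VM}` account existing. These flags define what the per-VM account can do, so a single helper script would keep the three sites from drifting apart. At minimum, add a comment at each, e.g. `# Per-VM system account (no login shell) used by the vhost-user-gpu service.` Nothing visible removes the account when a VM directory goes away, so confirm that entries accumulating in /run/etc/passwd until reboot is acceptable. If `useradd` fails, the directory just created by `mktemp -d` is left behind.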
@@ -4,6 +4,7 @@ backtick -E dir { mktemp -d /run/vm/by-id/XXXXXX } backtick -E id { basename -- $dir } +if { useradd -P /run -Urd / -s /bin/nologin gpu-${id} } if { elgetpositionals diff --git a/host/rootfs/image/usr/bin/vm-import b/host/rootfs/image/usr/bin/vm-import index c1d1bbc1..19a0df36 100755 --- a/host/rootfs/image/usr/bin/vm-import +++ b/host/rootfs/image/usr/bin/vm-import @@ -9,6 +9,7 @@ forx -po0 -E name { $names } backtick -E dir { mktemp -d /run/vm/by-id/XXXXXX } backtick -E id { basename -- $dir } +if { useradd -P /run -Urd / -s /bin/nologin gpu-${id} } if { ln -s -- ${dir} /run/vm/by-name/${1}.${name} } if { ln -s -- ${2}/${name} ${dir}/config } -- 2.51.0
On 12/9/25 03:56, Alyssa Ross wrote:
This will allow us to give shadow's useradd /run as a prefix, and have it be able to add users at runtime.
Signed-off-by: Alyssa Ross <hi@alyssa.is> --- host/rootfs/file-list.mk | 6 ++++-- host/rootfs/image/etc/group | 16 +--------------- host/rootfs/image/etc/passwd | 2 +- .../etc/{ => s6-linux-init/run-image/etc}/group | 0 .../run-image/etc}/group.license | 0 .../etc/{ => s6-linux-init/run-image/etc}/passwd | 0 .../run-image/etc}/passwd.license | 0
Is git somehow generating wrong diffstats?
7 files changed, 6 insertions(+), 18 deletions(-) mode change 100644 => 120000 host/rootfs/image/etc/group mode change 100644 => 120000 host/rootfs/image/etc/passwd copy host/rootfs/image/etc/{ => s6-linux-init/run-image/etc}/group (100%) rename host/rootfs/image/etc/{ => s6-linux-init/run-image/etc}/group.license (100%) copy host/rootfs/image/etc/{ => s6-linux-init/run-image/etc}/passwd (100%) rename host/rootfs/image/etc/{ => s6-linux-init/run-image/etc}/passwd.license (100%)
diff --git a/host/rootfs/file-list.mk b/host/rootfs/file-list.mk index df22bce..6ab78e6 100644 --- a/host/rootfs/file-list.mk +++ b/host/rootfs/file-list.mk @@ -4,13 +4,13 @@ FILES = \ image/etc/fonts/fonts.conf \ image/etc/fstab \ - image/etc/group \ image/etc/init \ image/etc/login \ image/etc/parse-devname \ - image/etc/passwd \ image/etc/s6-linux-init/env/WAYLAND_DISPLAY \ image/etc/s6-linux-init/env/XDG_RUNTIME_DIR \ + image/etc/s6-linux-init/run-image/etc/group \ + image/etc/s6-linux-init/run-image/etc/passwd \ image/etc/s6-linux-init/run-image/service/getty-tty1/run \ image/etc/s6-linux-init/run-image/service/getty-tty2/run \ image/etc/s6-linux-init/run-image/service/getty-tty3/run \ @@ -68,6 +68,8 @@ FILES = \
LINKS = \ image/bin \ + image/etc/group \ + image/etc/passwd \ image/etc/s6-linux-init/run-image/opengl-driver \ image/etc/s6-linux-init/run-image/service/vmm/template/run \ image/lib \ diff --git a/host/rootfs/image/etc/group b/host/rootfs/image/etc/group deleted file mode 100644 index e3ade46..0000000 --- a/host/rootfs/image/etc/group +++ /dev/null @@ -1,15 +0,0 @@ -root:x:0:root -clock:x:1: -dialout:x:2: -kmem:x:3: -input:x:4: -tty:x:5: -video:x:6: -render:x:7: -sgx:x:8: -audio:x:9: -lp:x:10: -disk:x:11: -cdrom:x:12: -tape:x:13: -kvm:x:14:
Why is this file deleted and not renamed?
diff --git a/host/rootfs/image/etc/group b/host/rootfs/image/etc/group new file mode 120000 index 0000000..a9b248e --- /dev/null +++ b/host/rootfs/image/etc/group @@ -0,0 +1 @@ +/run/etc/group
../run/etc/group?
\ No newline at end of file diff --git a/host/rootfs/image/etc/passwd b/host/rootfs/image/etc/passwd deleted file mode 100644 index 29f3b25..0000000 --- a/host/rootfs/image/etc/passwd +++ /dev/null @@ -1 +0,0 @@ -root:x:0:0:System administrator:/:/bin/sh diff --git a/host/rootfs/image/etc/passwd b/host/rootfs/image/etc/passwd new file mode 120000 index 0000000..889bb76 --- /dev/null +++ b/host/rootfs/image/etc/passwd @@ -0,0 +1 @@ +/run/etc/passwd
../run/etc/passwd?
\ No newline at end of file diff --git a/host/rootfs/image/etc/group b/host/rootfs/image/etc/s6-linux-init/run-image/etc/group similarity index 100% copy from host/rootfs/image/etc/group copy to host/rootfs/image/etc/s6-linux-init/run-image/etc/group diff --git a/host/rootfs/image/etc/group.license b/host/rootfs/image/etc/s6-linux-init/run-image/etc/group.license similarity index 100% rename from host/rootfs/image/etc/group.license rename to host/rootfs/image/etc/s6-linux-init/run-image/etc/group.license diff --git a/host/rootfs/image/etc/passwd b/host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd similarity index 100% copy from host/rootfs/image/etc/passwd copy to host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd diff --git a/host/rootfs/image/etc/passwd.license b/host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd.license similarity index 100% rename from host/rootfs/image/etc/passwd.license rename to host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd.license
base-commit: d0efa283216ebc503b4b715c051518ae7dbd8409
-- Sincerely, Demi Marie Obenour (she/her/hers)
Demi Marie Obenour <demiobenour@gmail.com> writes:
On 12/9/25 03:56, Alyssa Ross wrote:
This will allow us to give shadow's useradd /run as a prefix, and have it be able to add users at runtime.
Signed-off-by: Alyssa Ross <hi@alyssa.is> --- host/rootfs/file-list.mk | 6 ++++-- host/rootfs/image/etc/group | 16 +--------------- host/rootfs/image/etc/passwd | 2 +- .../etc/{ => s6-linux-init/run-image/etc}/group | 0 .../run-image/etc}/group.license | 0 .../etc/{ => s6-linux-init/run-image/etc}/passwd | 0 .../run-image/etc}/passwd.license | 0
Is git somehow generating wrong diffstats?
It just generates extremely confusing output when you replace a file with a symlink.
7 files changed, 6 insertions(+), 18 deletions(-) mode change 100644 => 120000 host/rootfs/image/etc/group mode change 100644 => 120000 host/rootfs/image/etc/passwd copy host/rootfs/image/etc/{ => s6-linux-init/run-image/etc}/group (100%) rename host/rootfs/image/etc/{ => s6-linux-init/run-image/etc}/group.license (100%) copy host/rootfs/image/etc/{ => s6-linux-init/run-image/etc}/passwd (100%) rename host/rootfs/image/etc/{ => s6-linux-init/run-image/etc}/passwd.license (100%)
diff --git a/host/rootfs/file-list.mk b/host/rootfs/file-list.mk index df22bce..6ab78e6 100644 --- a/host/rootfs/file-list.mk +++ b/host/rootfs/file-list.mk @@ -4,13 +4,13 @@ FILES = \ image/etc/fonts/fonts.conf \ image/etc/fstab \ - image/etc/group \ image/etc/init \ image/etc/login \ image/etc/parse-devname \ - image/etc/passwd \ image/etc/s6-linux-init/env/WAYLAND_DISPLAY \ image/etc/s6-linux-init/env/XDG_RUNTIME_DIR \ + image/etc/s6-linux-init/run-image/etc/group \ + image/etc/s6-linux-init/run-image/etc/passwd \ image/etc/s6-linux-init/run-image/service/getty-tty1/run \ image/etc/s6-linux-init/run-image/service/getty-tty2/run \ image/etc/s6-linux-init/run-image/service/getty-tty3/run \ @@ -68,6 +68,8 @@ FILES = \
LINKS = \ image/bin \ + image/etc/group \ + image/etc/passwd \ image/etc/s6-linux-init/run-image/opengl-driver \ image/etc/s6-linux-init/run-image/service/vmm/template/run \ image/lib \ diff --git a/host/rootfs/image/etc/group b/host/rootfs/image/etc/group deleted file mode 100644 index e3ade46..0000000 --- a/host/rootfs/image/etc/group +++ /dev/null @@ -1,15 +0,0 @@ -root:x:0:root -clock:x:1: -dialout:x:2: -kmem:x:3: -input:x:4: -tty:x:5: -video:x:6: -render:x:7: -sgx:x:8: -audio:x:9: -lp:x:10: -disk:x:11: -cdrom:x:12: -tape:x:13: -kvm:x:14:
Why is this file deleted and not renamed?
git considers it a copy (see below) followed by a deletion and replacement with symlink. It is, effectively, renamed.
diff --git a/host/rootfs/image/etc/group b/host/rootfs/image/etc/group new file mode 120000 index 0000000..a9b248e --- /dev/null +++ b/host/rootfs/image/etc/group @@ -0,0 +1 @@ +/run/etc/group
../run/etc/group?
Okay, makes sense.
\ No newline at end of file diff --git a/host/rootfs/image/etc/passwd b/host/rootfs/image/etc/passwd deleted file mode 100644 index 29f3b25..0000000 --- a/host/rootfs/image/etc/passwd +++ /dev/null @@ -1 +0,0 @@ -root:x:0:0:System administrator:/:/bin/sh diff --git a/host/rootfs/image/etc/passwd b/host/rootfs/image/etc/passwd new file mode 120000 index 0000000..889bb76 --- /dev/null +++ b/host/rootfs/image/etc/passwd @@ -0,0 +1 @@ +/run/etc/passwd
../run/etc/passwd?
\ No newline at end of file diff --git a/host/rootfs/image/etc/group b/host/rootfs/image/etc/s6-linux-init/run-image/etc/group similarity index 100% copy from host/rootfs/image/etc/group copy to host/rootfs/image/etc/s6-linux-init/run-image/etc/group diff --git a/host/rootfs/image/etc/group.license b/host/rootfs/image/etc/s6-linux-init/run-image/etc/group.license similarity index 100% rename from host/rootfs/image/etc/group.license rename to host/rootfs/image/etc/s6-linux-init/run-image/etc/group.license diff --git a/host/rootfs/image/etc/passwd b/host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd similarity index 100% copy from host/rootfs/image/etc/passwd copy to host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd diff --git a/host/rootfs/image/etc/passwd.license b/host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd.license similarity index 100% rename from host/rootfs/image/etc/passwd.license rename to host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd.license
base-commit: d0efa283216ebc503b4b715c051518ae7dbd8409
-- Sincerely, Demi Marie Obenour (she/her/hers)
On 12/9/25 05:57, Alyssa Ross wrote:
Demi Marie Obenour <demiobenour@gmail.com> writes:
On 12/9/25 03:56, Alyssa Ross wrote:
This will allow us to give shadow's useradd /run as a prefix, and have it be able to add users at runtime.
Signed-off-by: Alyssa Ross <hi@alyssa.is> --- host/rootfs/file-list.mk | 6 ++++-- host/rootfs/image/etc/group | 16 +--------------- host/rootfs/image/etc/passwd | 2 +- .../etc/{ => s6-linux-init/run-image/etc}/group | 0 .../run-image/etc}/group.license | 0 .../etc/{ => s6-linux-init/run-image/etc}/passwd | 0 .../run-image/etc}/passwd.license | 0
Is git somehow generating wrong diffstats?
It just generates extremely confusing output when you replace a file with a symlink.
7 files changed, 6 insertions(+), 18 deletions(-) mode change 100644 => 120000 host/rootfs/image/etc/group mode change 100644 => 120000 host/rootfs/image/etc/passwd copy host/rootfs/image/etc/{ => s6-linux-init/run-image/etc}/group (100%) rename host/rootfs/image/etc/{ => s6-linux-init/run-image/etc}/group.license (100%) copy host/rootfs/image/etc/{ => s6-linux-init/run-image/etc}/passwd (100%) rename host/rootfs/image/etc/{ => s6-linux-init/run-image/etc}/passwd.license (100%)
diff --git a/host/rootfs/file-list.mk b/host/rootfs/file-list.mk index df22bce..6ab78e6 100644 --- a/host/rootfs/file-list.mk +++ b/host/rootfs/file-list.mk @@ -4,13 +4,13 @@ FILES = \ image/etc/fonts/fonts.conf \ image/etc/fstab \ - image/etc/group \ image/etc/init \ image/etc/login \ image/etc/parse-devname \ - image/etc/passwd \ image/etc/s6-linux-init/env/WAYLAND_DISPLAY \ image/etc/s6-linux-init/env/XDG_RUNTIME_DIR \ + image/etc/s6-linux-init/run-image/etc/group \ + image/etc/s6-linux-init/run-image/etc/passwd \ image/etc/s6-linux-init/run-image/service/getty-tty1/run \ image/etc/s6-linux-init/run-image/service/getty-tty2/run \ image/etc/s6-linux-init/run-image/service/getty-tty3/run \ @@ -68,6 +68,8 @@ FILES = \
LINKS = \ image/bin \ + image/etc/group \ + image/etc/passwd \ image/etc/s6-linux-init/run-image/opengl-driver \ image/etc/s6-linux-init/run-image/service/vmm/template/run \ image/lib \ diff --git a/host/rootfs/image/etc/group b/host/rootfs/image/etc/group deleted file mode 100644 index e3ade46..0000000 --- a/host/rootfs/image/etc/group +++ /dev/null @@ -1,15 +0,0 @@ -root:x:0:root -clock:x:1: -dialout:x:2: -kmem:x:3: -input:x:4: -tty:x:5: -video:x:6: -render:x:7: -sgx:x:8: -audio:x:9: -lp:x:10: -disk:x:11: -cdrom:x:12: -tape:x:13: -kvm:x:14:
Why is this file deleted and not renamed?
git considers it a copy (see below) followed by a deletion and replacement with symlink. It is, effectively, renamed.
diff --git a/host/rootfs/image/etc/group b/host/rootfs/image/etc/group new file mode 120000 index 0000000..a9b248e --- /dev/null +++ b/host/rootfs/image/etc/group @@ -0,0 +1 @@ +/run/etc/group
../run/etc/group?
Okay, makes sense.
\ No newline at end of file diff --git a/host/rootfs/image/etc/passwd b/host/rootfs/image/etc/passwd deleted file mode 100644 index 29f3b25..0000000 --- a/host/rootfs/image/etc/passwd +++ /dev/null @@ -1 +0,0 @@ -root:x:0:0:System administrator:/:/bin/sh diff --git a/host/rootfs/image/etc/passwd b/host/rootfs/image/etc/passwd new file mode 120000 index 0000000..889bb76 --- /dev/null +++ b/host/rootfs/image/etc/passwd @@ -0,0 +1 @@ +/run/etc/passwd
../run/etc/passwd?
\ No newline at end of file diff --git a/host/rootfs/image/etc/group b/host/rootfs/image/etc/s6-linux-init/run-image/etc/group similarity index 100% copy from host/rootfs/image/etc/group copy to host/rootfs/image/etc/s6-linux-init/run-image/etc/group diff --git a/host/rootfs/image/etc/group.license b/host/rootfs/image/etc/s6-linux-init/run-image/etc/group.license similarity index 100% rename from host/rootfs/image/etc/group.license rename to host/rootfs/image/etc/s6-linux-init/run-image/etc/group.license diff --git a/host/rootfs/image/etc/passwd b/host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd similarity index 100% copy from host/rootfs/image/etc/passwd copy to host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd diff --git a/host/rootfs/image/etc/passwd.license b/host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd.license similarity index 100% rename from host/rootfs/image/etc/passwd.license rename to host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd.license
base-commit: d0efa283216ebc503b4b715c051518ae7dbd8409
-- Sincerely, Demi Marie Obenour (she/her/hers)
Assuming I understood the diff correctly, and with relative symlinks: Reviewed-by: Demi Marie Obenour <demiobenour@gmail.com> -- Sincerely, Demi Marie Obenour (she/her/hers)
Demi Marie Obenour <demiobenour@gmail.com> writes:
On 12/9/25 05:57, Alyssa Ross wrote:
Demi Marie Obenour <demiobenour@gmail.com> writes:
On 12/9/25 03:56, Alyssa Ross wrote:
This will allow us to give shadow's useradd /run as a prefix, and have it be able to add users at runtime.
Signed-off-by: Alyssa Ross <hi@alyssa.is> --- host/rootfs/file-list.mk | 6 ++++-- host/rootfs/image/etc/group | 16 +--------------- host/rootfs/image/etc/passwd | 2 +- .../etc/{ => s6-linux-init/run-image/etc}/group | 0 .../run-image/etc}/group.license | 0 .../etc/{ => s6-linux-init/run-image/etc}/passwd | 0 .../run-image/etc}/passwd.license | 0
Is git somehow generating wrong diffstats?
It just generates extremely confusing output when you replace a file with a symlink.
7 files changed, 6 insertions(+), 18 deletions(-) mode change 100644 => 120000 host/rootfs/image/etc/group mode change 100644 => 120000 host/rootfs/image/etc/passwd copy host/rootfs/image/etc/{ => s6-linux-init/run-image/etc}/group (100%) rename host/rootfs/image/etc/{ => s6-linux-init/run-image/etc}/group.license (100%) copy host/rootfs/image/etc/{ => s6-linux-init/run-image/etc}/passwd (100%) rename host/rootfs/image/etc/{ => s6-linux-init/run-image/etc}/passwd.license (100%)
diff --git a/host/rootfs/file-list.mk b/host/rootfs/file-list.mk
index df22bce..6ab78e6 100644
--- a/host/rootfs/file-list.mk
+++ b/host/rootfs/file-list.mk
@@ -4,13 +4,13 @@
 FILES = \
 image/etc/fonts/fonts.conf \
 image/etc/fstab \
- image/etc/group \
 image/etc/init \
 image/etc/login \
 image/etc/parse-devname \
- image/etc/passwd \
 image/etc/s6-linux-init/env/WAYLAND_DISPLAY \
 image/etc/s6-linux-init/env/XDG_RUNTIME_DIR \
+ image/etc/s6-linux-init/run-image/etc/group \
+ image/etc/s6-linux-init/run-image/etc/passwd \
 image/etc/s6-linux-init/run-image/service/getty-tty1/run \
 image/etc/s6-linux-init/run-image/service/getty-tty2/run \
 image/etc/s6-linux-init/run-image/service/getty-tty3/run \
@@ -68,6 +68,8 @@ FILES = \
LINKS = \
 image/bin \
+ image/etc/group \
+ image/etc/passwd \
 image/etc/s6-linux-init/run-image/opengl-driver \
 image/etc/s6-linux-init/run-image/service/vmm/template/run \
 image/lib \
diff --git a/host/rootfs/image/etc/group b/host/rootfs/image/etc/group
deleted file mode 100644
index e3ade46..0000000
--- a/host/rootfs/image/etc/group
+++ /dev/null
@@ -1,15 +0,0 @@
-root:x:0:root
-clock:x:1:
-dialout:x:2:
-kmem:x:3:
-input:x:4:
-tty:x:5:
-video:x:6:
-render:x:7:
-sgx:x:8:
-audio:x:9:
-lp:x:10:
-disk:x:11:
-cdrom:x:12:
-tape:x:13:
-kvm:x:14:
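Review bot: The two `LINKS` entries added in the `@@ -68,6 +68,8 @@` hunk of host/rootfs/file-list.mk make /etc/group and /etc/passwd resolve into /run, but nothing next to the list records why, or what the account database now depends on. Because the files are meant to be modified at runtime, their integrity presumably rests on /run/etc and both files ending up root-owned and not writable by group or others once the run-image contents are in place, and name lookups would fail for as long as the links dangle before that; neither is visible in this patch, so both are worth confirming. I would add a comment above `LINKS =`, for example `# etc/group and etc/passwd point into /run so users can be added at runtime; initial contents come from run-image/etc and must stay root-owned, not group- or world-writable.` The `LINKS` list continues outside the hunk.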
Why is this file deleted and not renamed?
git considers it a copy (see below) followed by a deletion and replacement with symlink. It is, effectively, renamed.
diff --git a/host/rootfs/image/etc/group b/host/rootfs/image/etc/group
new file mode 120000
index 0000000..a9b248e
--- /dev/null
+++ b/host/rootfs/image/etc/group
@@ -0,0 +1 @@
+/run/etc/group
../run/etc/group?
Okay, makes sense.
\ No newline at end of file
diff --git a/host/rootfs/image/etc/passwd b/host/rootfs/image/etc/passwd
deleted file mode 100644
index 29f3b25..0000000
--- a/host/rootfs/image/etc/passwd
+++ /dev/null
@@ -1 +0,0 @@
-root:x:0:0:System administrator:/:/bin/sh
diff --git a/host/rootfs/image/etc/passwd b/host/rootfs/image/etc/passwd
new file mode 120000
index 0000000..889bb76
--- /dev/null
+++ b/host/rootfs/image/etc/passwd
@@ -0,0 +1 @@
+/run/etc/passwd
../run/etc/passwd?
\ No newline at end of file
diff --git a/host/rootfs/image/etc/group b/host/rootfs/image/etc/s6-linux-init/run-image/etc/group
similarity index 100%
copy from host/rootfs/image/etc/group
copy to host/rootfs/image/etc/s6-linux-init/run-image/etc/group
diff --git a/host/rootfs/image/etc/group.license b/host/rootfs/image/etc/s6-linux-init/run-image/etc/group.license
similarity index 100%
rename from host/rootfs/image/etc/group.license
rename to host/rootfs/image/etc/s6-linux-init/run-image/etc/group.license
diff --git a/host/rootfs/image/etc/passwd b/host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd
similarity index 100%
copy from host/rootfs/image/etc/passwd
copy to host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd
diff --git a/host/rootfs/image/etc/passwd.license b/host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd.license
similarity index 100%
rename from host/rootfs/image/etc/passwd.license
rename to host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd.license
base-commit: d0efa283216ebc503b4b715c051518ae7dbd8409
-- Sincerely, Demi Marie Obenour (she/her/hers)
Assuming I understood the diff correctly, and with relative symlinks:
Reviewed-by: Demi Marie Obenour <demiobenour@gmail.com>
Wait, actually, why do we want relative symlinks? Previously I've used them so you can follow the symlinks in the development tree, but that doesn't work here anyway because there's obviously no run in the tree.
On 12/9/25 06:11, Alyssa Ross wrote:
Demi Marie Obenour <demiobenour@gmail.com> writes:
On 12/9/25 05:57, Alyssa Ross wrote:
Demi Marie Obenour <demiobenour@gmail.com> writes:
On 12/9/25 03:56, Alyssa Ross wrote:
This will allow us to give shadow's useradd /run as a prefix, and have it be able to add users at runtime.
Signed-off-by: Alyssa Ross <hi@alyssa.is> --- host/rootfs/file-list.mk | 6 ++++-- host/rootfs/image/etc/group | 16 +--------------- host/rootfs/image/etc/passwd | 2 +- .../etc/{ => s6-linux-init/run-image/etc}/group | 0 .../run-image/etc}/group.license | 0 .../etc/{ => s6-linux-init/run-image/etc}/passwd | 0 .../run-image/etc}/passwd.license | 0
Is git somehow generating wrong diffstats?
It just generates extremely confusing output when you replace a file with a symlink.
7 files changed, 6 insertions(+), 18 deletions(-) mode change 100644 => 120000 host/rootfs/image/etc/group mode change 100644 => 120000 host/rootfs/image/etc/passwd copy host/rootfs/image/etc/{ => s6-linux-init/run-image/etc}/group (100%) rename host/rootfs/image/etc/{ => s6-linux-init/run-image/etc}/group.license (100%) copy host/rootfs/image/etc/{ => s6-linux-init/run-image/etc}/passwd (100%) rename host/rootfs/image/etc/{ => s6-linux-init/run-image/etc}/passwd.license (100%)
diff --git a/host/rootfs/file-list.mk b/host/rootfs/file-list.mk
index df22bce..6ab78e6 100644
--- a/host/rootfs/file-list.mk
+++ b/host/rootfs/file-list.mk
@@ -4,13 +4,13 @@
 FILES = \
 image/etc/fonts/fonts.conf \
 image/etc/fstab \
- image/etc/group \
 image/etc/init \
 image/etc/login \
 image/etc/parse-devname \
- image/etc/passwd \
 image/etc/s6-linux-init/env/WAYLAND_DISPLAY \
 image/etc/s6-linux-init/env/XDG_RUNTIME_DIR \
+ image/etc/s6-linux-init/run-image/etc/group \
+ image/etc/s6-linux-init/run-image/etc/passwd \
 image/etc/s6-linux-init/run-image/service/getty-tty1/run \
 image/etc/s6-linux-init/run-image/service/getty-tty2/run \
 image/etc/s6-linux-init/run-image/service/getty-tty3/run \
@@ -68,6 +68,8 @@ FILES = \
LINKS = \
 image/bin \
+ image/etc/group \
+ image/etc/passwd \
 image/etc/s6-linux-init/run-image/opengl-driver \
 image/etc/s6-linux-init/run-image/service/vmm/template/run \
 image/lib \
diff --git a/host/rootfs/image/etc/group b/host/rootfs/image/etc/group
deleted file mode 100644
index e3ade46..0000000
--- a/host/rootfs/image/etc/group
+++ /dev/null
@@ -1,15 +0,0 @@
-root:x:0:root
-clock:x:1:
-dialout:x:2:
-kmem:x:3:
-input:x:4:
-tty:x:5:
-video:x:6:
-render:x:7:
-sgx:x:8:
-audio:x:9:
-lp:x:10:
-disk:x:11:
-cdrom:x:12:
-tape:x:13:
-kvm:x:14:
Why is this file deleted and not renamed?
git considers it a copy (see below) followed by a deletion and replacement with symlink. It is, effectively, renamed.
diff --git a/host/rootfs/image/etc/group b/host/rootfs/image/etc/group
new file mode 120000
index 0000000..a9b248e
--- /dev/null
+++ b/host/rootfs/image/etc/group
@@ -0,0 +1 @@
+/run/etc/group
../run/etc/group?
Okay, makes sense.
\ No newline at end of file
diff --git a/host/rootfs/image/etc/passwd b/host/rootfs/image/etc/passwd
deleted file mode 100644
index 29f3b25..0000000
--- a/host/rootfs/image/etc/passwd
+++ /dev/null
@@ -1 +0,0 @@
-root:x:0:0:System administrator:/:/bin/sh
diff --git a/host/rootfs/image/etc/passwd b/host/rootfs/image/etc/passwd
new file mode 120000
index 0000000..889bb76
--- /dev/null
+++ b/host/rootfs/image/etc/passwd
@@ -0,0 +1 @@
+/run/etc/passwd
../run/etc/passwd?
\ No newline at end of file
diff --git a/host/rootfs/image/etc/group b/host/rootfs/image/etc/s6-linux-init/run-image/etc/group
similarity index 100%
copy from host/rootfs/image/etc/group
copy to host/rootfs/image/etc/s6-linux-init/run-image/etc/group
diff --git a/host/rootfs/image/etc/group.license b/host/rootfs/image/etc/s6-linux-init/run-image/etc/group.license
similarity index 100%
rename from host/rootfs/image/etc/group.license
rename to host/rootfs/image/etc/s6-linux-init/run-image/etc/group.license
diff --git a/host/rootfs/image/etc/passwd b/host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd
similarity index 100%
copy from host/rootfs/image/etc/passwd
copy to host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd
diff --git a/host/rootfs/image/etc/passwd.license b/host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd.license
similarity index 100%
rename from host/rootfs/image/etc/passwd.license
rename to host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd.license
base-commit: d0efa283216ebc503b4b715c051518ae7dbd8409
-- Sincerely, Demi Marie Obenour (she/her/hers)
Assuming I understood the diff correctly, and with relative symlinks:
Reviewed-by: Demi Marie Obenour <demiobenour@gmail.com>
Wait, actually, why do we want relative symlinks? Previously I've used them so you can follow the symlinks in the development tree, but that doesn't work here anyway because there's obviously no run in the tree.
Some tooling refuses to handle absolute symlinks as a security measure. Not being able to copy a Spectrum development tree using Qubes OS's qvm-copy would be less than great :). Furthermore, I'd rather be pointed to a nonexistent location in the development tree than to a nonexistent location in the real /run (which, on some systems, might even exist). -- Sincerely, Demi Marie Obenour (she/her/hers)