From f8b5d99408e016ecb3d9bcffcee8c65ef6bc26f6 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Thu, 12 Jun 2014 23:22:27 +0200 Subject: sysuser: generate default snippet incorporating TTY_GID properly When the user specifies --with-tty-gid= then we should honour that and write it to the snippet, too. --- Makefile.am | 8 ++++++-- configure.ac | 8 ++++++-- sysusers.d/systemd.conf | 45 --------------------------------------------- sysusers.d/systemd.conf.in | 45 +++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 57 insertions(+), 49 deletions(-) delete mode 100644 sysusers.d/systemd.conf create mode 100644 sysusers.d/systemd.conf.in diff --git a/Makefile.am b/Makefile.am index 733886816c..685066ff48 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1772,9 +1772,12 @@ systemd_sysusers_LDADD = \ rootbin_PROGRAMS += \ systemd-sysusers -dist_sysusers_DATA = \ +nodist_sysusers_DATA = \ sysusers.d/systemd.conf +EXTRA_DIST += \ + sysusers.d/systemd.conf.in + INSTALL_DIRS += \ $(sysusersdir) endif @@ -4934,7 +4937,8 @@ substitutions = \ '|NTP_SERVERS=$(NTP_SERVERS)|' \ '|DNS_SERVERS=$(DNS_SERVERS)|' \ '|systemuidmax=$(SYSTEM_UID_MAX)|' \ - '|systemgidmax=$(SYSTEM_GID_MAX)|' + '|systemgidmax=$(SYSTEM_GID_MAX)|' \ + '|TTY_GID=$(TTY_GID)|' SED_PROCESS = \ $(AM_V_GEN)$(MKDIR_P) $(dir $@) && \ diff --git a/configure.ac b/configure.ac index c68c75930d..e35d86408d 100644 --- a/configure.ac +++ b/configure.ac @@ -1050,8 +1050,11 @@ AM_CONDITIONAL(HAVE_SYSV_COMPAT, test "$SYSTEM_SYSV_COMPAT" = "yes") AC_ARG_WITH([tty-gid], [AS_HELP_STRING([--with-tty-gid=GID], [Specify the numeric GID of the 'tty' group])], - [AC_DEFINE_UNQUOTED(TTY_GID, [$withval], [GID of the 'tty' group])], - []) + [TTY_GID="$withval"], + [TTY_GID="5"]) + +AC_DEFINE_UNQUOTED(TTY_GID, [$TTY_GID], [GID of the 'tty' group]) +AC_SUBST(TTY_GID) AC_ARG_WITH([dbuspolicydir], AS_HELP_STRING([--with-dbuspolicydir=DIR], [D-Bus policy directory]), @@ -1234,6 +1237,7 @@ AC_MSG_RESULT([ Extra start script: ${RC_LOCAL_SCRIPT_PATH_START} Extra stop script: ${RC_LOCAL_SCRIPT_PATH_STOP} Debug shell: ${SUSHELL} @ ${DEBUGTTY} + TTY GID: ${TTY_GID} Maximum System UID: ${SYSTEM_UID_MAX} Maximum System GID: ${SYSTEM_GID_MAX} diff --git a/sysusers.d/systemd.conf b/sysusers.d/systemd.conf deleted file mode 100644 index 76d6a373f1..0000000000 --- a/sysusers.d/systemd.conf +++ /dev/null @@ -1,45 +0,0 @@ -# This file is part of systemd. -# -# systemd is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published by -# the Free Software Foundation; either version 2.1 of the License, or -# (at your option) any later version. - -# The superuser -u root 0 "Super User" - -# The nobody use for NFS file systems -u nobody 65534 "Nobody" - -# Administrator group: can *see* more than normal users -g adm - - - -# Administrator group: can *do* more than normal users -g wheel - - - -# Access to certain kernel and userspace facilities -g kmem - - -g lock - - -g tty 5 - -g utmp - - - -# Hardware access groups -g audio - - -g cdrom - - -g dialout - - -g disk - - -g input - - -g lp - - -g tape - - -g video - - - -# Default group for normal users -g users - - - -# Users and groups for specific systemd subsystems -g systemd-journal - - -u systemd-journal-gateway - "systemd Journal Gateway" -u systemd-bus-proxy - "systemd Bus Proxy" -u systemd-network - "systemd Network Management" -u systemd-resolve - "systemd Resolver" -u systemd-timesync - "systemd Time Synchronization" diff --git a/sysusers.d/systemd.conf.in b/sysusers.d/systemd.conf.in new file mode 100644 index 0000000000..b34a8071aa --- /dev/null +++ b/sysusers.d/systemd.conf.in @@ -0,0 +1,45 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +# The superuser +u root 0 "Super User" + +# The nobody use for NFS file systems +u nobody 65534 "Nobody" + +# Administrator group: can *see* more than normal users +g adm - - + +# Administrator group: can *do* more than normal users +g wheel - - + +# Access to certain kernel and userspace facilities +g kmem - - +g lock - - +g tty @TTY_GID@ - +g utmp - - + +# Hardware access groups +g audio - - +g cdrom - - +g dialout - - +g disk - - +g input - - +g lp - - +g tape - - +g video - - + +# Default group for normal users +g users - - + +# Users and groups for specific systemd subsystems +g systemd-journal - - +u systemd-journal-gateway - "systemd Journal Gateway" +u systemd-bus-proxy - "systemd Bus Proxy" +u systemd-network - "systemd Network Management" +u systemd-resolve - "systemd Resolver" +u systemd-timesync - "systemd Time Synchronization" -- cgit v1.2.3-54-g00ecf