Import patches-unapplied version 2.278 to ubuntu/vivid-proposed

Imported using git-ubuntu import. Changelog parent: a2210d3df2c8c97c80fa10710ea65220ff4a5fcc New changelog entries: * Add live-build/ubuntu-core/hooks/99zz-check-uid-gid.chroot, copy of live-build/ubuntu-touch/hooks/99zz-check-uid-gid.chroot with just the error message changed. Currently, the passwd/group checks weren't run. * live-build/ubuntu-touch/hooks/00-uid-gid-fix.chroot_early: also add input group. * Core: drop live-build/ubuntu-core/hooks/12-add-docker-user.chroot and move docker user creation to live-build/ubuntu-core/hooks/00-uid-gid-fix.chroot_early; add ubuntu user to docker group in live-build/ubuntu-core/hooks/02-add_user_to_groups.chroot. This fixes static uid/gid maps for docker user/group. * Update post-debootstrap hashes in live-build/ubuntu-core/hooks/00-uid-gid-fix.chroot_early.
2025-04-07 08:13:37 +00:00 · 2015-02-04 14:28:37 +01:00 · 2015-02-04 14:28:37 +01:00 · 6c019ed452
commit 6c019ed452
parent a2210d3df2
6 changed files with 81 additions and 23 deletions
--- a/debian/changelog
+++ b/debian/changelog
@ -1,3 +1,21 @@
+livecd-rootfs (2.278) vivid; urgency=medium
+
+  * Add live-build/ubuntu-core/hooks/99zz-check-uid-gid.chroot, copy of
+    live-build/ubuntu-touch/hooks/99zz-check-uid-gid.chroot with just the
+    error message changed. Currently, the passwd/group checks weren't run.
+  * live-build/ubuntu-touch/hooks/00-uid-gid-fix.chroot_early: also add input
+    group.
+  * Core: drop live-build/ubuntu-core/hooks/12-add-docker-user.chroot and move
+    docker user creation to
+    live-build/ubuntu-core/hooks/00-uid-gid-fix.chroot_early; add ubuntu user
+    to docker group in
+    live-build/ubuntu-core/hooks/02-add_user_to_groups.chroot. This fixes
+    static uid/gid maps for docker user/group.
+  * Update post-debootstrap hashes in
+    live-build/ubuntu-core/hooks/00-uid-gid-fix.chroot_early.
+
+ -- Loïc Minier <loic.minier@ubuntu.com>  Wed, 04 Feb 2015 14:28:37 +0100
+
 livecd-rootfs (2.277) vivid; urgency=medium

  * live-build/ubuntu-core/hooks/00-uid-gid-fix.chroot_early: add new "input"
--- a/live-build/ubuntu-core/hooks/00-uid-gid-fix.chroot_early
+++ b/live-build/ubuntu-core/hooks/00-uid-gid-fix.chroot_early
@ -1,10 +1,10 @@
 #!/bin/sh -eu

 # Known good post-debootstrap values
-passwd_bootstrap="9738946debbc125bd6cf3f197582a8a5"
-shadow_bootstrap="4d299751999cae6de045390dd568812c"
-group_bootstrap="dd4a0ebdd3f5d170d5a46e6bade5c6c3"
-gshadow_bootstrap="42025e85925432105b429b7c801a50a4"
+passwd_bootstrap="9ebb1c3da5b0ad8f1d366528b32c97cb"
+shadow_bootstrap="1c562aa2ed2f443b9151953e800eca16"
+group_bootstrap="60cd81599d39db5d624e63c8c18d4a5e"
+gshadow_bootstrap="3819432fb99fe6b8f38410c58d503de1"

 # Current post-debootstrap values
 passwd_hash=$(set -- $(md5sum /etc/passwd) && echo $1)
@ -40,6 +40,7 @@ systemd-timesync:x:103:108:systemd Time Synchronization,,,:/run/systemd:/bin/fal
 systemd-network:x:104:109:systemd Network Management,,,:/run/systemd/netif:/bin/false
 systemd-resolve:x:105:110:systemd Resolver,,,:/run/systemd/resolve:/bin/false
 systemd-bus-proxy:x:106:111:systemd Bus Proxy,,,:/run/systemd:/bin/false
+docker:x:107:113::/nonexistent:/bin/false
 EOF
 else
    echo "/etc/passwd post-debootstrap hash doesn't match record" >&2
@ -74,6 +75,7 @@ systemd-timesync:*:16413:0:99999:7:::
 systemd-network:*:16413:0:99999:7:::
 systemd-resolve:*:16413:0:99999:7:::
 systemd-bus-proxy:*:16413:0:99999:7:::
+docker:*:16413:0:99999:7:::
 EOF
 else
    echo "/etc/shadow post-debootstrap hash doesn't match record" >&2
@ -134,6 +136,7 @@ systemd-network:x:109:
 systemd-resolve:x:110:
 systemd-bus-proxy:x:111:
 input:x:112:
+docker:x:113:
 EOF
 else
    echo "/etc/group post-debootstrap hash doesn't match record" >&2
@ -194,6 +197,7 @@ systemd-network:!::
 systemd-resolve:!::
 systemd-bus-proxy:!::
 input:!::
+docker:!::
 EOF
 else
    echo "/etc/gshadow post-debootstrap hash doesn't match record" >&2
--- a/live-build/ubuntu-core/hooks/02-add_user_to_groups.chroot
+++ b/live-build/ubuntu-core/hooks/02-add_user_to_groups.chroot
@ -2,7 +2,7 @@

 USER=ubuntu

-DEFGROUPS="sudo"
+DEFGROUPS="docker sudo"

 echo "I: add $USER to ($DEFGROUPS) group(s)"
 usermod -a -G ${DEFGROUPS} ${USER}
--- a/live-build/ubuntu-core/hooks/12-add-docker-user.chroot
+++ b/live-build/ubuntu-core/hooks/12-add-docker-user.chroot
@ -1,18 +0,0 @@
-#!/bin/sh -x
-
-# FIXME: add click hook for user creation
-
-USER=docker
-
-echo "I: creating docker user"
-
-addgroup --system --quiet $USER
-adduser --system \
-        --ingroup $USER \
-        --disabled-login \
-        --shell /bin/false \
-        --no-create-home \
-        $USER
-
-# ensure that the ubuntu user has the right group
-adduser ubuntu docker
--- a/live-build/ubuntu-core/hooks/99zz-check-uid-gid.chroot
+++ b/live-build/ubuntu-core/hooks/99zz-check-uid-gid.chroot
@ -0,0 +1,52 @@
+#!/bin/sh -eu
+
+ERRCNT=""
+
+passwd_hash=$(set -- $(md5sum /etc/passwd) && echo $1)
+shadow_hash=$(set -- $(cat /etc/shadow | sed "s/:.*:0:99999:/:0:99999:/g" | md5sum) && echo $1)
+group_length=$(cat /etc/group | wc -l)
+gshadow_length=$(cat /etc/gshadow | wc -l)
+
+passwd_orig_hash=$(set -- $(md5sum /etc/passwd.orig) && echo $1)
+shadow_orig_hash=$(set -- $(cat /etc/shadow.orig | sed "s/:.*:0:99999:/:0:99999:/g" | md5sum) && echo $1)
+group_orig_length=$(cat /etc/group.orig | wc -l)
+gshadow_orig_length=$(cat /etc/gshadow.orig | wc -l)
+
+if [ "$passwd_hash" != "$passwd_orig_hash" ]; then
+    echo "/etc/passwd has changed during setup." >&2
+    echo "The new /etc/passwd md5sum is: $passwd_hash" >&2
+    diff -Nrup /etc/passwd.orig /etc/passwd >&2 || true
+    ERRCNT=1
+fi
+
+if [ "$shadow_hash" != "$shadow_orig_hash" ]; then
+    echo "/etc/shadow has changed during setup." >&2
+    echo "The new /etc/shadow md5sum is: $shadow_hash" >&2
+    diff -Nrup /etc/shadow.orig /etc/shadow >&2 || true
+    ERRCNT=1
+fi
+
+if [ "$group_length" != "$group_orig_length" ]; then
+    echo "/etc/group has changed during setup." >&2
+    diff -Nrup /etc/group.orig /etc/group >&2 || true
+    ERRCNT=1
+fi
+
+if [ "$gshadow_length" != "$gshadow_orig_length" ]; then
+    echo "/etc/gshadow has changed during setup." >&2
+    diff -Nrup /etc/gshadow.orig /etc/gshadow >&2 || true
+    ERRCNT=1
+fi
+
+if [ -n "$ERRCNT" ]; then
+	echo "There were changes to the password database," >&2
+	echo "please adjust the values in the livecd-rootfs source in the file:" >&2
+	echo "live-build/ubuntu-core/hooks/00-uid-gid-fix.chroot_early" >&2
+	echo >&2
+	echo "Please check also if a maintainer script of the package" >&2
+	echo "that added these entries perhaps created a home directory and," >&2
+	echo "if needed, add code for creation of it to the above hook" >&2
+	exit 1
+fi
+
+rm /etc/passwd.orig /etc/shadow.orig /etc/group.orig /etc/gshadow.orig
--- a/live-build/ubuntu-touch/hooks/00-uid-gid-fix.chroot_early
+++ b/live-build/ubuntu-touch/hooks/00-uid-gid-fix.chroot_early
@ -175,6 +175,7 @@ systemd-network:x:117:
 systemd-resolve:x:118:
 systemd-bus-proxy:x:119:
 systemd-journal-remote:x:120:
+input:x:121:
 EOF
 else
    echo "/etc/group post-debootstrap hash doesn't match record" >&2
@ -256,6 +257,7 @@ systemd-network:!::
 systemd-resolve:!::
 systemd-bus-proxy:!::
 systemd-journal-remote:!::
+input:!::
 EOF
 else
    echo "/etc/gshadow post-debootstrap hash doesn't match record" >&2