Merge "Refactor patches for setup package"

This commit is contained in:
Zuul 2018-11-29 20:37:56 +00:00 committed by Gerrit Code Review
commit 7986a987bb
36 changed files with 204 additions and 913 deletions

View File

@ -0,0 +1,2 @@
SRC_DIR="files"
TIS_PATCH_VER=0

View File

@ -0,0 +1,41 @@
Summary: setup-config
Name: setup-config
Version: 1.0
Release: %{tis_patch_ver}%{?_tis_dist}
License: Apache-2.0
Group: base
Packager: StarlingX
URL: unknown
BuildArch: noarch
Source: %name-%version.tar.gz
Requires: setup
Summary: package StarlingX configuration files of setup to system folder.
%description
package StarlingX configuration files of setup to system folder.
%prep
%setup
%build
%install
%{__install} -d %{buildroot}%{_sysconfdir}/profile.d
%{__install} -d %{buildroot}%{_datadir}/starlingx
%{__install} -m 644 motd %{buildroot}%{_datadir}/starlingx/stx.motd
%{__install} -m 644 prompt.sh %{buildroot}%{_sysconfdir}/profile.d/prompt.sh
%{__install} -m 644 custom.sh %{buildroot}%{_sysconfdir}/profile.d/custom.sh
%post
if [ $1 -eq 1 ] ; then
# Initial installation
cp -f %{_datadir}/starlingx/stx.motd %{_sysconfdir}/motd
chmod 600 %{_sysconfdir}/{exports,fstab}
fi
%files
%defattr(-,root,root,-)
%{_datadir}/starlingx/stx.motd
%{_sysconfdir}/profile.d/prompt.sh
%{_sysconfdir}/profile.d/custom.sh

View File

@ -1,2 +1,2 @@
COPY_LIST="files/*"
TIS_PATCH_VER=13
TIS_PATCH_VER=14

View File

@ -0,0 +1,34 @@
From e3aba238a88f73392d832b5ae366466f783adce4 Mon Sep 17 00:00:00 2001
From: zhipengl <zhipengs.liu@intel.com>
Date: Sun, 18 Nov 2018 10:06:23 +0000
Subject: [PATCH] WRS: 0001-patch-passwd-group.patch
---
SPECS/setup.spec | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/SPECS/setup.spec b/SPECS/setup.spec
index 0bd1e98..a173b95 100644
--- a/SPECS/setup.spec
+++ b/SPECS/setup.spec
@@ -21,6 +21,8 @@ Patch5: setup-2.8.71-fullpath.patch
Patch6: setup-2.8.71-tapeid.patch
Patch7: setup-2.8.71-shlocal.patch
+Patch8: 0001-Change-group-passwd-and-uidgid.patch
+
%description
The setup package contains a set of important system configuration and
setup files, such as passwd, group, and profile.
@@ -36,6 +38,8 @@ setup files, such as passwd, group, and profile.
%patch6 -p1
%patch7 -p1
+%patch8 -p1
+
./shadowconvert.sh
%build
--
1.8.3.1

View File

@ -1,15 +1,2 @@
spec-include-TiS-changes.patch
spec-include-tis-uid-gid.patch
spec-set-custom-prompt.patch
updating-gids-and-uids-to-support-upgrade-from-wrl.patch
spec-passwd-remove-unused-default-users-and-groups.patch
spec-include-snmpd-fm-user-group.patch
security-make-exports-and-fstab-only-root-accessible.patch
spec-remove-unused-default-groups.patch
0001-Update-package-versioning-for-TIS-format.patch
spec-add-TMOUT-variable.patch
spec-include-add-fm-user-to-snmpd-group.patch
spec-add-magnum-uid-gid.patch
spec-add-ironic-uid-gid.patch
spec-add-murano-uid-gid.patch
spec-add-uid-gid-for-telemetry-services.patch
0001-WRS-change-passwd-group-uidgid.patch

View File

@ -1,27 +0,0 @@
From 6d54fd5dff19e69d2d9c01e508fd4276e4eaef5b Mon Sep 17 00:00:00 2001
From: Jim Somerville <Jim.Somerville@windriver.com>
Date: Tue, 12 Jul 2016 15:43:47 -0400
Subject: [PATCH 07/15] security make exports and fstab only root accessible
Apply a chmod of 600 to the two files.
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
---
SPECS/setup.spec | 1 +
1 file changed, 1 insertion(+)
diff --git a/SPECS/setup.spec b/SPECS/setup.spec
index db3ed17..a612d24 100644
--- a/SPECS/setup.spec
+++ b/SPECS/setup.spec
@@ -69,6 +69,7 @@ chmod 0644 %{buildroot}/var/log/lastlog
touch %{buildroot}/etc/fstab
touch %{buildroot}/etc/subuid
touch %{buildroot}/etc/subgid
+chmod 0600 %{buildroot}/etc/{exports,fstab}
install -m 644 %{SOURCE1} %{buildroot}/etc/
install -m 644 %{SOURCE2} %{buildroot}/etc/profile.d/prompt.sh
mkdir -p %{buildroot}/etc/profile.d
--
2.7.4

View File

@ -1,43 +0,0 @@
From d8ab20a896750f9fcd257d3e64cb0ef34e35140a Mon Sep 17 00:00:00 2001
From: David Balme <david.balme@windriver.com>
Date: Thu, 13 Oct 2016 08:40:27 -0400
Subject: [PATCH 10/15] add TMOUT variable
---
SPECS/setup.spec | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/SPECS/setup.spec b/SPECS/setup.spec
index 8f5fc46..a6465dc 100644
--- a/SPECS/setup.spec
+++ b/SPECS/setup.spec
@@ -8,6 +8,7 @@ URL: https://pagure.io/setup/
Source0: http://releases.pagure.org/%{name}/%{name}-%{version}.tar.bz2
Source1: motd
Source2: prompt.sh
+Source3: custom.sh
BuildArch: noarch
BuildRequires: bash tcsh perl
#require system release for saner dependency order
@@ -73,8 +74,9 @@ touch %{buildroot}/etc/subuid
touch %{buildroot}/etc/subgid
chmod 0600 %{buildroot}/etc/{exports,fstab}
install -m 644 %{SOURCE1} %{buildroot}/etc/
-install -m 644 %{SOURCE2} %{buildroot}/etc/profile.d/prompt.sh
mkdir -p %{buildroot}/etc/profile.d
+install -m 644 %{SOURCE2} %{buildroot}/etc/profile.d/prompt.sh
+install -m 644 %{SOURCE3} %{buildroot}/etc/profile.d/custom.sh
echo "#Add any required envvar overrides to this file, it is sourced from /etc/profile" >%{buildroot}/etc/profile.d/sh.local
echo "#Add any required envvar overrides to this file, is sourced from /etc/csh.login" >%{buildroot}/etc/profile.d/csh.local
@@ -133,6 +135,7 @@ end
%config(noreplace) /etc/motd
%dir /etc/profile.d
/etc/profile.d/prompt.sh
+/etc/profile.d/custom.sh
%config(noreplace) /etc/profile.d/sh.local
%config(noreplace) /etc/profile.d/csh.local
%config(noreplace) %verify(not md5 size mtime) /etc/shells
--
2.7.4

View File

@ -1,33 +0,0 @@
From 1c1e025ff9cdf5a5041959434a79014e24015271 Mon Sep 17 00:00:00 2001
From: Shoaib Nasir <shoaib.nasir@windriver.com>
Date: Mon, 27 Aug 2018 17:55:18 +0800
Add ironic-uid-gid.patch to SPECS
---
SPECS/setup.spec | 2 ++
1 file changed, 2 insertions(+)
diff --git a/SPECS/setup.spec b/SPECS/setup.spec
index 367a13b..974113e 100644
--- a/SPECS/setup.spec
+++ b/SPECS/setup.spec
@@ -30,6 +30,7 @@ Patch11: snmpd-fm-user-group.patch
Patch12: remove-unused-default-groups.patch
Patch13: add-fm-user-to-snmpd-group.patch
Patch14: add-magnum-uid-gid.patch
+Patch15: add-ironic-uid-gid.patch
%description
The setup package contains a set of important system configuration and
@@ -52,6 +53,7 @@ setup files, such as passwd, group, and profile.
%patch12 -p1
%patch13 -p1
%patch14 -p1
+%patch15 -p1
./shadowconvert.sh
--
2.7.4

View File

@ -1,32 +0,0 @@
From 23dda8869b96f7df3db3fc885ca960b4889c82c0 Mon Sep 17 00:00:00 2001
From: Jerry Sun <jerry.sun@windriver.com>
Date: Thu, 3 Aug 2017 16:18:34 -0400
Subject: [PATCH 12/15] meta add magnum uid and gid
---
SPECS/setup.spec | 2 ++
1 file changed, 2 insertions(+)
diff --git a/SPECS/setup.spec b/SPECS/setup.spec
index 6a871f3..367a13b 100644
--- a/SPECS/setup.spec
+++ b/SPECS/setup.spec
@@ -29,6 +29,7 @@ Patch10: passwd-remove-unused-default-users-and-groups.patch
Patch11: snmpd-fm-user-group.patch
Patch12: remove-unused-default-groups.patch
Patch13: add-fm-user-to-snmpd-group.patch
+Patch14: add-magnum-uid-gid.patch
%description
The setup package contains a set of important system configuration and
@@ -50,6 +51,7 @@ setup files, such as passwd, group, and profile.
%patch11 -p1
%patch12 -p1
%patch13 -p1
+%patch14 -p1
./shadowconvert.sh
--
2.7.4

View File

@ -1,32 +0,0 @@
From 07aca8a7f571059552dceb9a83d7b231e6ba01ff Mon Sep 17 00:00:00 2001
From: Jerry Sun <jerry.sun@windriver.com>
Date: Mon, 8 Jan 2018 12:28:08 -0500
Subject: [PATCH 14/15] meta add murano uid and gid
---
SPECS/setup.spec | 2 ++
1 file changed, 2 insertions(+)
diff --git a/SPECS/setup.spec b/SPECS/setup.spec
index 974113e..7f636ea 100644
--- a/SPECS/setup.spec
+++ b/SPECS/setup.spec
@@ -31,6 +31,7 @@ Patch12: remove-unused-default-groups.patch
Patch13: add-fm-user-to-snmpd-group.patch
Patch14: add-magnum-uid-gid.patch
Patch15: add-ironic-uid-gid.patch
+Patch16: add-murano-uid-gid.patch
%description
The setup package contains a set of important system configuration and
@@ -54,6 +55,7 @@ setup files, such as passwd, group, and profile.
%patch13 -p1
%patch14 -p1
%patch15 -p1
+%patch16 -p1
./shadowconvert.sh
--
2.7.4

View File

@ -1,32 +0,0 @@
From 34c8b5f204877ae54d07248b9729353c8f8dfecf Mon Sep 17 00:00:00 2001
From: Angie Wang <angie.Wang@windriver.com>
Date: Thu, 7 Jun 2018 16:39:08 -0400
Subject: [PATCH 15/15] spec add uid gid for telemetry services
---
SPECS/setup.spec | 2 ++
1 file changed, 2 insertions(+)
diff --git a/SPECS/setup.spec b/SPECS/setup.spec
index 7f636ea..4f11a37 100644
--- a/SPECS/setup.spec
+++ b/SPECS/setup.spec
@@ -32,6 +32,7 @@ Patch13: add-fm-user-to-snmpd-group.patch
Patch14: add-magnum-uid-gid.patch
Patch15: add-ironic-uid-gid.patch
Patch16: add-murano-uid-gid.patch
+Patch17: add-uid-gid-for-telemetry-services.patch
%description
The setup package contains a set of important system configuration and
@@ -56,6 +57,7 @@ setup files, such as passwd, group, and profile.
%patch14 -p1
%patch15 -p1
%patch16 -p1
+%patch17 -p1
./shadowconvert.sh
--
2.7.4

View File

@ -1,43 +0,0 @@
From 236314295289b829e6216022a247017f7c0851c7 Mon Sep 17 00:00:00 2001
From: slin14 <shuicheng.lin@intel.com>
Date: Tue, 7 Aug 2018 22:41:01 +0800
Subject: [PATCH 01/15] setup.spec: to include Titanium Cloud specific changes
To include files under cgcs/recipes-base/setup/files/*
Signed-off-by: slin14 <shuicheng.lin@intel.com>
---
SPECS/setup.spec | 3 +++
1 file changed, 3 insertions(+)
diff --git a/SPECS/setup.spec b/SPECS/setup.spec
index 317132b..4ac1019 100644
--- a/SPECS/setup.spec
+++ b/SPECS/setup.spec
@@ -6,6 +6,7 @@ License: Public Domain
Group: System Environment/Base
URL: https://pagure.io/setup/
Source0: http://releases.pagure.org/%{name}/%{name}-%{version}.tar.bz2
+Source1: motd
BuildArch: noarch
BuildRequires: bash tcsh perl
#require system release for saner dependency order
@@ -59,6 +60,7 @@ chmod 0644 %{buildroot}/var/log/lastlog
touch %{buildroot}/etc/fstab
touch %{buildroot}/etc/subuid
touch %{buildroot}/etc/subgid
+install -m 644 %{SOURCE1} %{buildroot}/etc/
mkdir -p %{buildroot}/etc/profile.d
echo "#Add any required envvar overrides to this file, it is sourced from /etc/profile" >%{buildroot}/etc/profile.d/sh.local
echo "#Add any required envvar overrides to this file, is sourced from /etc/csh.login" >%{buildroot}/etc/profile.d/csh.local
@@ -115,6 +117,7 @@ end
%attr(0600,root,root) %config(noreplace,missingok) /etc/securetty
%config(noreplace) /etc/csh.login
%config(noreplace) /etc/csh.cshrc
+%config(noreplace) /etc/motd
%dir /etc/profile.d
%config(noreplace) /etc/profile.d/sh.local
%config(noreplace) /etc/profile.d/csh.local
--
2.7.4

View File

@ -1,33 +0,0 @@
From 3eb03183dc24b865dd3e84495a82899f39665690 Mon Sep 17 00:00:00 2001
From: slin14 <shuicheng.lin@intel.com>
Date: Tue, 7 Aug 2018 23:17:05 +0800
Subject: [PATCH 11/15] spec-include-add-fm-user-to-snmpd-group
Signed-off-by: slin14 <shuicheng.lin@intel.com>
---
SPECS/setup.spec | 2 ++
1 file changed, 2 insertions(+)
diff --git a/SPECS/setup.spec b/SPECS/setup.spec
index a6465dc..6a871f3 100644
--- a/SPECS/setup.spec
+++ b/SPECS/setup.spec
@@ -28,6 +28,7 @@ Patch9: updating-gids-and-uids-to-support-upgrade-from-wrl.patch
Patch10: passwd-remove-unused-default-users-and-groups.patch
Patch11: snmpd-fm-user-group.patch
Patch12: remove-unused-default-groups.patch
+Patch13: add-fm-user-to-snmpd-group.patch
%description
The setup package contains a set of important system configuration and
@@ -48,6 +49,7 @@ setup files, such as passwd, group, and profile.
%patch10 -p1
%patch11 -p1
%patch12 -p1
+%patch13 -p1
./shadowconvert.sh
--
2.7.4

View File

@ -1,32 +0,0 @@
From f0882fad769c71cb70b44251c79f39e7e13dbc48 Mon Sep 17 00:00:00 2001
From: Kam Nasim <kam.nasim@windriver.com>
Date: Fri, 12 Aug 2016 17:35:28 -0400
Subject: [PATCH 06/15] meta patch for snmpd-user-group.patch
---
SPECS/setup.spec | 2 ++
1 file changed, 2 insertions(+)
diff --git a/SPECS/setup.spec b/SPECS/setup.spec
index 10d151b..db3ed17 100644
--- a/SPECS/setup.spec
+++ b/SPECS/setup.spec
@@ -25,6 +25,7 @@ Patch7: setup-2.8.71-shlocal.patch
Patch8: tis-uid-gid.patch
Patch9: updating-gids-and-uids-to-support-upgrade-from-wrl.patch
Patch10: passwd-remove-unused-default-users-and-groups.patch
+Patch11: snmpd-fm-user-group.patch
%description
The setup package contains a set of important system configuration and
@@ -43,6 +44,7 @@ setup files, such as passwd, group, and profile.
%patch8 -p1
%patch9 -p1
%patch10 -p1
+%patch11 -p1
./shadowconvert.sh
--
2.7.4

View File

@ -1,32 +0,0 @@
From e6d1a2794975f708a682a2094df65e14ddaa1eb0 Mon Sep 17 00:00:00 2001
From: Don Penney <dpenney@yow-dpenney-lx.corp.ad.wrs.com>
Date: Mon, 25 Apr 2016 13:15:13 -0400
Subject: [PATCH 02/15] WRS: spec-include-tis-uid-gid.patch
---
SPECS/setup.spec | 2 ++
1 file changed, 2 insertions(+)
diff --git a/SPECS/setup.spec b/SPECS/setup.spec
index 4ac1019..72cbcba 100644
--- a/SPECS/setup.spec
+++ b/SPECS/setup.spec
@@ -21,6 +21,7 @@ Patch4: setup-2.8.71-filesystems.patch
Patch5: setup-2.8.71-fullpath.patch
Patch6: setup-2.8.71-tapeid.patch
Patch7: setup-2.8.71-shlocal.patch
+Patch8: tis-uid-gid.patch
%description
The setup package contains a set of important system configuration and
@@ -36,6 +37,7 @@ setup files, such as passwd, group, and profile.
%patch5 -p1
%patch6 -p1
%patch7 -p1
+%patch8 -p1
./shadowconvert.sh
--
2.7.4

View File

@ -1,33 +0,0 @@
From 1285d1381237a94df55df913aa268cd5bb9c6b89 Mon Sep 17 00:00:00 2001
From: Michel Thebeau <michel.thebeau@windriver.com>
Date: Thu, 21 Jul 2016 11:47:55 -0400
Subject: [PATCH 05/15] spec: add patch to remove unused users and groups
Signed-off-by: Michel Thebeau <michel.thebeau@windriver.com>
---
SPECS/setup.spec | 2 ++
1 file changed, 2 insertions(+)
diff --git a/SPECS/setup.spec b/SPECS/setup.spec
index 18283cd..10d151b 100644
--- a/SPECS/setup.spec
+++ b/SPECS/setup.spec
@@ -24,6 +24,7 @@ Patch6: setup-2.8.71-tapeid.patch
Patch7: setup-2.8.71-shlocal.patch
Patch8: tis-uid-gid.patch
Patch9: updating-gids-and-uids-to-support-upgrade-from-wrl.patch
+Patch10: passwd-remove-unused-default-users-and-groups.patch
%description
The setup package contains a set of important system configuration and
@@ -41,6 +42,7 @@ setup files, such as passwd, group, and profile.
%patch7 -p1
%patch8 -p1
%patch9 -p1
+%patch10 -p1
./shadowconvert.sh
--
2.7.4

View File

@ -1,33 +0,0 @@
From 22d06a6c5c7b44db10060bf95b623dc3c1943a9a Mon Sep 17 00:00:00 2001
From: Michel Thebeau <michel.thebeau@windriver.com>
Date: Fri, 19 Aug 2016 09:28:43 -0400
Subject: [PATCH 08/15] spec: add patch to remove unused groups
Signed-off-by: Michel Thebeau <michel.thebeau@windriver.com>
---
SPECS/setup.spec | 2 ++
1 file changed, 2 insertions(+)
diff --git a/SPECS/setup.spec b/SPECS/setup.spec
index a612d24..3ad2458 100644
--- a/SPECS/setup.spec
+++ b/SPECS/setup.spec
@@ -26,6 +26,7 @@ Patch8: tis-uid-gid.patch
Patch9: updating-gids-and-uids-to-support-upgrade-from-wrl.patch
Patch10: passwd-remove-unused-default-users-and-groups.patch
Patch11: snmpd-fm-user-group.patch
+Patch12: remove-unused-default-groups.patch
%description
The setup package contains a set of important system configuration and
@@ -45,6 +46,7 @@ setup files, such as passwd, group, and profile.
%patch9 -p1
%patch10 -p1
%patch11 -p1
+%patch12 -p1
./shadowconvert.sh
--
2.7.4

View File

@ -1,46 +0,0 @@
From d298b3b8a8a27e23d1589b99a2f9419505563a92 Mon Sep 17 00:00:00 2001
From: slin14 <shuicheng.lin@intel.com>
Date: Tue, 7 Aug 2018 22:53:18 +0800
Subject: [PATCH 03/15] setup.spec: add custom shell login prompt
A user can be set to use "sh" (which points to bash) as login prompt.
This makes the login shell to enter "POSIX" mode which will only
read/executes file /etc/profle and files in /etc/profiled.d. So create
custom login prompt in /etc/profiles.d
Signed-off-by: slin14 <shuicheng.lin@intel.com>
---
SPECS/setup.spec | 3 +++
1 file changed, 3 insertions(+)
diff --git a/SPECS/setup.spec b/SPECS/setup.spec
index 72cbcba..aa6b36e 100644
--- a/SPECS/setup.spec
+++ b/SPECS/setup.spec
@@ -7,6 +7,7 @@ Group: System Environment/Base
URL: https://pagure.io/setup/
Source0: http://releases.pagure.org/%{name}/%{name}-%{version}.tar.bz2
Source1: motd
+Source2: prompt.sh
BuildArch: noarch
BuildRequires: bash tcsh perl
#require system release for saner dependency order
@@ -63,6 +64,7 @@ touch %{buildroot}/etc/fstab
touch %{buildroot}/etc/subuid
touch %{buildroot}/etc/subgid
install -m 644 %{SOURCE1} %{buildroot}/etc/
+install -m 644 %{SOURCE2} %{buildroot}/etc/profile.d/prompt.sh
mkdir -p %{buildroot}/etc/profile.d
echo "#Add any required envvar overrides to this file, it is sourced from /etc/profile" >%{buildroot}/etc/profile.d/sh.local
echo "#Add any required envvar overrides to this file, is sourced from /etc/csh.login" >%{buildroot}/etc/profile.d/csh.local
@@ -121,6 +123,7 @@ end
%config(noreplace) /etc/csh.cshrc
%config(noreplace) /etc/motd
%dir /etc/profile.d
+/etc/profile.d/prompt.sh
%config(noreplace) /etc/profile.d/sh.local
%config(noreplace) /etc/profile.d/csh.local
%config(noreplace) %verify(not md5 size mtime) /etc/shells
--
2.7.4

View File

@ -1,33 +0,0 @@
From 935277306d01c917b81fa33ebc7f27b0edd61f7f Mon Sep 17 00:00:00 2001
From: Bart Wensley <barton.wensley@windriver.com>
Date: Mon, 27 Jun 2016 12:28:36 -0400
Subject: [PATCH 04/15]
updating-gids-and-uids-to-support-upgrade-from-wrl.patch
---
SPECS/setup.spec | 2 ++
1 file changed, 2 insertions(+)
diff --git a/SPECS/setup.spec b/SPECS/setup.spec
index aa6b36e..18283cd 100644
--- a/SPECS/setup.spec
+++ b/SPECS/setup.spec
@@ -23,6 +23,7 @@ Patch5: setup-2.8.71-fullpath.patch
Patch6: setup-2.8.71-tapeid.patch
Patch7: setup-2.8.71-shlocal.patch
Patch8: tis-uid-gid.patch
+Patch9: updating-gids-and-uids-to-support-upgrade-from-wrl.patch
%description
The setup package contains a set of important system configuration and
@@ -39,6 +40,7 @@ setup files, such as passwd, group, and profile.
%patch6 -p1
%patch7 -p1
%patch8 -p1
+%patch9 -p1
./shadowconvert.sh
--
2.7.4

View File

@ -0,0 +1,122 @@
From ea7244550eb6369536f0f0484f5091a77a1c0aaf Mon Sep 17 00:00:00 2001
From: zhipengl <zhipengs.liu@intel.com>
Date: Sun, 18 Nov 2018 10:26:34 +0000
Subject: [PATCH] Change group,passwd,and uidgid
Signed-off-by: zhipengl <zhipengs.liu@intel.com>
---
group | 30 ++++++++++++++++++++----------
passwd | 27 +++++++++++++++++++--------
uidgid | 3 +++
3 files changed, 42 insertions(+), 18 deletions(-)
diff --git a/group b/group
index 2753bd8..101a7a0 100644
--- a/group
+++ b/group
@@ -1,24 +1,34 @@
root::0:
-bin::1:
-daemon::2:
sys::3:
-adm::4:
tty::5:
disk::6:
-lp::7:
-mem::8:
kmem::9:
wheel::10:
cdrom::11:
mail::12:
-man::15:
dialout::18:
floppy::19:
-games::20:
tape::33:
-video::39:
-ftp::50:
lock::54:
-audio::63:
nobody::99:
users::100:
+murano:x:105:murano
+postgres:x:120:
+rabbitmq:x:121:
+glance:x:161:glance
+nova:x:162:nova
+keystone:x:163:keystone
+neutron:x:164:neutron
+cinder:x:165:cinder
+ceilometer:x:166:ceilometer
+sysinv:x:168:sysinv
+snmpd:x:169:snmpd,fm
+nfv:x:172:nfv
+heat:x:187:heat
+fm:x:195:fm
+panko:x:989:panko,ceilometer
+gnocchi:x:990:gnocchi
+libvirt:x:991:nova
+aodh:x:992:aodh
+magnum:x:1870:magnum
+ironic:x:1874:ironic
diff --git a/passwd b/passwd
index 6c6a8eb..bfd8ee0 100644
--- a/passwd
+++ b/passwd
@@ -1,13 +1,24 @@
root:*:0:0:root:/root:/bin/bash
-bin:*:1:1:bin:/bin:/sbin/nologin
-daemon:*:2:2:daemon:/sbin:/sbin/nologin
-adm:*:3:4:adm:/var/adm:/sbin/nologin
-lp:*:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:*:5:0:sync:/sbin:/bin/sync
shutdown:*:6:0:shutdown:/sbin:/sbin/shutdown
halt:*:7:0:halt:/sbin:/sbin/halt
-mail:*:8:12:mail:/var/spool/mail:/sbin/nologin
-operator:*:11:0:operator:/root:/sbin/nologin
-games:*:12:100:games:/usr/games:/sbin/nologin
-ftp:*:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:*:99:99:Nobody:/:/sbin/nologin
+murano:x:105:105:OpenStack Murano Daemons:/home/murano:/sbin/nologin
+postgres:x:120:120:PostgreSQL Server:/var/lib/pgsql:/bin/sh
+rabbitmq:x:121:121::/var/lib/rabbitmq:/bin/sh
+glance:x:161:161:OpenStack Glance Daemons:/opt/cgcs/glance:/sbin/nologin
+neutron:x:164:164:OpenStack Neutron Daemons:/var/lib/neutron:/sbin/nologin
+cinder:x:165:165:OpenStack Cinder Daemons:/var/lib/cinder:/sbin/nologin
+sysinv:x:168:168:sysinv Daemons:/var/lib/sysinv:/sbin/nologin
+snmpd:x:169:169:net-snmp:/usr/share/snmp:/sbin/nologin
+nfv:x:172:172:nfvi:/var/lib/nfv:/sbin/nologin
+fm:x:195:195:fm-mgr:/var/lib/fm:/sbin/nologin
+ceilometer:x:991:166::/home/ceilometer:/bin/sh
+heat:x:992:187::/home/heat:/bin/sh
+keystone:x:993:163::/home/keystone:/bin/sh
+nova:x:994:162::/var/lib/nova:/bin/false
+panko:x:995:989:OpenStack panko Daemons:/var/lib/panko:/sbin/nologin
+gnocchi:x:996:990:gnocchi Daemons:/var/lib/gnocchi:/sbin/nologin
+aodh:x:997:992:OpenStack aodh Daemons:/var/lib/aodh:/sbin/nologin
+magnum:x:1870:1870:OpenStack Magnum Daemons:/var/lib/magnum:/sbin/nologin
+ironic:x:1874:1874:OpenStack Ironic Daemons:/var/lib/ironic:/sbin/nologin
diff --git a/uidgid b/uidgid
index c6bbd4b..f779665 100644
--- a/uidgid
+++ b/uidgid
@@ -134,6 +134,8 @@ quantum 164 164 /var/lib/quantum /sbin/nologin openstack-quantum
cinder 165 165 /var/lib/cinder /sbin/nologin openstack-cinder
ceilometer 166 166 /var/lib/ceilometer /sbin/nologin openstack-ceilometer
ceph 167 167 /var/lib/ceph /sbin/nologin ceph-common
+sysinv 168 168 /var/lib/sysinv /sbin/nologin sysinv
+snmpd 169 169 /usr/share/snmp /sbin/nologin net-snmp
avahi-autoipd 170 170 /var/lib/avahi-autoipd /sbin/nologin avahi
pulse 171 171 /var/run/pulse /sbin/nologin pulseaudio
rtkit 172 172 /proc /sbin/nologin rtkit
@@ -163,6 +165,7 @@ systemd-network 192 192 / /sbin/nologin systemd
systemd-resolve 193 193 / /sbin/nologin systemd
gnats ? ? ? ? gnats, gnats-db
listar ? ? ? ? listar
+fm 195 195 /var/lib/fm /sbin/nologin fm-mgr
nfsnobody 65534 65534 /var/lib/nfs /sbin/nologin nfs-utils
# Note: nfsnobody is 4294967294 on 64-bit platforms (-2)
--
1.8.3.1

View File

@ -1,26 +0,0 @@
From 02610c6c7bf89593a9b1e98eb5ee0cfba5c48707 Mon Sep 17 00:00:00 2001
From: slin14 <shuicheng.lin@intel.com>
Date: Thu, 16 Aug 2018 00:13:14 +0800
Subject: [PATCH] add-fm-user-to-snmpd-group
Signed-off-by: slin14 <shuicheng.lin@intel.com>
---
group | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/group b/group
index a3bb69e..9b77aae 100644
--- a/group
+++ b/group
@@ -21,7 +21,7 @@ neutron:x:164:neutron
cinder:x:165:cinder
ceilometer:x:166:ceilometer
sysinv:x:168:sysinv
-snmpd:x:169:snmpd
+snmpd:x:169:snmpd,fm
heat:x:187:heat
nfv:x:172:nfv
fm:x:195:fm
--
2.7.4

View File

@ -1,32 +0,0 @@
From 15d0ef24f88290887f1e154352b53f373a04e783 Mon Sep 17 00:00:00 2001
From: slin14 <shuicheng.lin@intel.com>
Date: Thu, 16 Aug 2018 00:15:04 +0800
Subject: [PATCH] add-ironic-uid-gid
Signed-off-by: slin14 <shuicheng.lin@intel.com>
---
group | 1 +
passwd | 1 +
2 files changed, 2 insertions(+)
diff --git a/group b/group
index f6a75e5..d9050fa 100644
--- a/group
+++ b/group
@@ -27,3 +27,4 @@ nfv:x:172:nfv
fm:x:195:fm
libvirt:x:991:nova
magnum:x:1870:magnum
+ironic:x:1874:ironic
diff --git a/passwd b/passwd
index fce82e7..fb49ea3 100644
--- a/passwd
+++ b/passwd
@@ -17,3 +17,4 @@ postgres:x:120:120:PostgreSQL Server:/var/lib/pgsql:/bin/sh
snmpd:x:169:169:net-snmp:/usr/share/snmp:/sbin/nologin
fm:x:195:195:fm-mgr:/var/lib/fm:/sbin/nologin
magnum:x:1870:1870:OpenStack Magnum Daemons:/var/lib/magnum:/sbin/nologin
+ironic:x:1874:1874:OpenStack Ironic Daemons:/var/lib/ironic:/sbin/nologin
--
2.7.4

View File

@ -1,31 +0,0 @@
From b7fa16379bf880fb0fe5d36cd2dac9182176d433 Mon Sep 17 00:00:00 2001
From: Jerry Sun <jerry.sun@windriver.com>
Date: Thu, 3 Aug 2017 16:11:37 -0400
Subject: [PATCH 1/1] Added magnum uid/gid to the group and passwd files
---
group | 1 +
passwd | 1 +
2 files changed, 2 insertions(+)
diff --git a/group b/group
index 8924954..7d0244f 100644
--- a/group
+++ b/group
@@ -26,3 +26,4 @@ heat:x:187:heat
nfv:x:172:nfv
fm:x:195:fm
libvirt:x:991:nova
+magnum:x:1870:magnum
diff --git a/passwd b/passwd
index 2fb16ee..fce82e7 100644
--- a/passwd
+++ b/passwd
@@ -16,3 +16,4 @@ nfv:x:172:172:nfvi:/var/lib/nfv:/sbin/nologin
postgres:x:120:120:PostgreSQL Server:/var/lib/pgsql:/bin/sh
snmpd:x:169:169:net-snmp:/usr/share/snmp:/sbin/nologin
fm:x:195:195:fm-mgr:/var/lib/fm:/sbin/nologin
+magnum:x:1870:1870:OpenStack Magnum Daemons:/var/lib/magnum:/sbin/nologin
--
1.8.3.1

View File

@ -1,31 +0,0 @@
From daeb87a5c097ad17ccbb90c6f15b9042bb991b7a Mon Sep 17 00:00:00 2001
From: Jerry Sun <jerry.sun@windriver.com>
Date: Mon, 8 Jan 2018 12:25:06 -0500
Subject: [PATCH 1/1] Added murano uid/gid to the group and passwd files
---
group | 1 +
passwd | 1 +
2 files changed, 2 insertions(+)
diff --git a/group b/group
index 9979b99..22fa91d 100644
--- a/group
+++ b/group
@@ -28,3 +28,4 @@ fm:x:195:fm
libvirt:x:991:nova
magnum:x:1870:magnum
ironic:x:1874:ironic
+murano:x:105:murano
diff --git a/passwd b/passwd
index fb49ea3..dfb96b7 100644
--- a/passwd
+++ b/passwd
@@ -18,3 +18,4 @@ snmpd:x:169:169:net-snmp:/usr/share/snmp:/sbin/nologin
fm:x:195:195:fm-mgr:/var/lib/fm:/sbin/nologin
magnum:x:1870:1870:OpenStack Magnum Daemons:/var/lib/magnum:/sbin/nologin
ironic:x:1874:1874:OpenStack Ironic Daemons:/var/lib/ironic:/sbin/nologin
+murano:x:105:105:OpenStack Murano Daemons:/home/murano:/sbin/nologin
--
1.8.3.1

View File

@ -1,35 +0,0 @@
From 5d0869348945228a40c60fc5316d53b1e93e8bce Mon Sep 17 00:00:00 2001
From: Angie Wang <angie.Wang@windriver.com>
Date: Thu, 7 Jun 2018 16:35:19 -0400
Subject: [PATCH] add uid gid for telemetry services
---
group | 3 +++
passwd | 3 +++
2 files changed, 6 insertions(+)
diff --git a/group b/group
index 22fa91d..551b1e4 100644
--- a/group
+++ b/group
@@ -29,3 +29,6 @@ libvirt:x:991:nova
magnum:x:1870:magnum
ironic:x:1874:ironic
murano:x:105:murano
+aodh:x:992:aodh
+gnocchi:x:990:gnocchi
+panko:x:989:panko,ceilometer
diff --git a/passwd b/passwd
index dfb96b7..bfd8ee0 100644
--- a/passwd
+++ b/passwd
@@ -19,3 +19,6 @@ fm:x:195:195:fm-mgr:/var/lib/fm:/sbin/nologin
magnum:x:1870:1870:OpenStack Magnum Daemons:/var/lib/magnum:/sbin/nologin
ironic:x:1874:1874:OpenStack Ironic Daemons:/var/lib/ironic:/sbin/nologin
murano:x:105:105:OpenStack Murano Daemons:/home/murano:/sbin/nologin
+aodh:x:997:992:OpenStack aodh Daemons:/var/lib/aodh:/sbin/nologin
+gnocchi:x:996:990:gnocchi Daemons:/var/lib/gnocchi:/sbin/nologin
+panko:x:995:989:OpenStack panko Daemons:/var/lib/panko:/sbin/nologin
--
1.8.3.1

View File

@ -1,66 +0,0 @@
From fed037afbe78b47d46dbbd5838468e57bfe19884 Mon Sep 17 00:00:00 2001
From: Michel Thebeau <michel.thebeau@windriver.com>
Date: Thu, 11 Aug 2016 18:24:25 -0400
Subject: [PATCH] passwd: remove unused default users and groups
A customer request to remove unused users and groups. These are default
users/groups on centos which have no bearing on a Titanium Cloud cluster.
Signed-off-by: Michel Thebeau <michel.thebeau@windriver.com>
---
group | 8 --------
passwd | 8 --------
2 files changed, 16 deletions(-)
diff --git a/group b/group
index 825edbb..0a0a1b0 100644
--- a/group
+++ b/group
@@ -1,11 +1,7 @@
root::0:
-bin::1:
-daemon::2:
sys::3:
-adm::4:
tty::5:
disk::6:
-lp::7:
mem::8:
kmem::9:
wheel::10:
@@ -14,12 +10,8 @@ mail::12:
man::15:
dialout::18:
floppy::19:
-games::20:
tape::33:
-video::39:
-ftp::50:
lock::54:
-audio::63:
nobody::99:
users::100:
postgres:x:120:
diff --git a/passwd b/passwd
index 548435f..46a3d52 100644
--- a/passwd
+++ b/passwd
@@ -1,15 +1,7 @@
root:*:0:0:root:/root:/bin/bash
-bin:*:1:1:bin:/bin:/sbin/nologin
-daemon:*:2:2:daemon:/sbin:/sbin/nologin
-adm:*:3:4:adm:/var/adm:/sbin/nologin
-lp:*:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:*:5:0:sync:/sbin:/bin/sync
shutdown:*:6:0:shutdown:/sbin:/sbin/shutdown
halt:*:7:0:halt:/sbin:/sbin/halt
-mail:*:8:12:mail:/var/spool/mail:/sbin/nologin
-operator:*:11:0:operator:/root:/sbin/nologin
-games:*:12:100:games:/usr/games:/sbin/nologin
-ftp:*:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:*:99:99:Nobody:/:/sbin/nologin
rabbitmq:x:121:121::/var/lib/rabbitmq:/bin/sh
nova:x:994:162::/var/lib/nova:/bin/false
--
2.7.4

View File

@ -1,35 +0,0 @@
From dbc791c8f24ffac0d98e86213e4d592660f6087c Mon Sep 17 00:00:00 2001
From: Michel Thebeau <michel.thebeau@windriver.com>
Date: Fri, 19 Aug 2016 09:21:44 -0400
Subject: [PATCH] CGTS-4685: setup: remove unused default groups
A customer request to remove unused users and groups. These are default
users/groups on centos which have no bearing on a Titanium Cloud cluster.
Two additional groups are removed: mem, man
Signed-off-by: Michel Thebeau <michel.thebeau@windriver.com>
---
group | 2 --
1 file changed, 2 deletions(-)
diff --git a/group b/group
index 42a8ed1..a3bb69e 100644
--- a/group
+++ b/group
@@ -2,12 +2,10 @@ root::0:
sys::3:
tty::5:
disk::6:
-mem::8:
kmem::9:
wheel::10:
cdrom::11:
mail::12:
-man::15:
dialout::18:
floppy::19:
tape::33:
--
2.7.4

View File

@ -1,61 +0,0 @@
From 725f6245c1a45973731eb853e9e1b0d388295f92 Mon Sep 17 00:00:00 2001
From: Kam Nasim <kam.nasim@windriver.com>
Date: Fri, 12 Aug 2016 17:40:31 -0400
Subject: [PATCH] US84147: Security: NON-OPENSTACK Processes: External services
must run as non-root
Add new snmpd and fm users/groups so that those services may be run as
non-root.
---
group | 2 ++
passwd | 2 ++
uidgid | 3 +++
3 files changed, 7 insertions(+)
diff --git a/group b/group
index 87a03c1..8794dde 100644
--- a/group
+++ b/group
@@ -23,6 +23,8 @@ neutron:x:164:neutron
cinder:x:165:cinder
ceilometer:x:166:ceilometer
sysinv:x:168:sysinv
+snmpd:x:169:snmpd
heat:x:187:heat
nfv:x:172:nfv
+fm:x:195:fm
libvirt:x:991:nova
diff --git a/passwd b/passwd
index 46a3d52..2fb16ee 100644
--- a/passwd
+++ b/passwd
@@ -14,3 +14,5 @@ heat:x:992:187::/home/heat:/bin/sh
ceilometer:x:991:166::/home/ceilometer:/bin/sh
nfv:x:172:172:nfvi:/var/lib/nfv:/sbin/nologin
postgres:x:120:120:PostgreSQL Server:/var/lib/pgsql:/bin/sh
+snmpd:x:169:169:net-snmp:/usr/share/snmp:/sbin/nologin
+fm:x:195:195:fm-mgr:/var/lib/fm:/sbin/nologin
diff --git a/uidgid b/uidgid
index c6bbd4b..f779665 100644
--- a/uidgid
+++ b/uidgid
@@ -134,6 +134,8 @@ quantum 164 164 /var/lib/quantum /sbin/nologin openstack-quantum
cinder 165 165 /var/lib/cinder /sbin/nologin openstack-cinder
ceilometer 166 166 /var/lib/ceilometer /sbin/nologin openstack-ceilometer
ceph 167 167 /var/lib/ceph /sbin/nologin ceph-common
+sysinv 168 168 /var/lib/sysinv /sbin/nologin sysinv
+snmpd 169 169 /usr/share/snmp /sbin/nologin net-snmp
avahi-autoipd 170 170 /var/lib/avahi-autoipd /sbin/nologin avahi
pulse 171 171 /var/run/pulse /sbin/nologin pulseaudio
rtkit 172 172 /proc /sbin/nologin rtkit
@@ -163,6 +165,7 @@ systemd-network 192 192 / /sbin/nologin systemd
systemd-resolve 193 193 / /sbin/nologin systemd
gnats ? ? ? ? gnats, gnats-db
listar ? ? ? ? listar
+fm 195 195 /var/lib/fm /sbin/nologin fm-mgr
nfsnobody 65534 65534 /var/lib/nfs /sbin/nologin nfs-utils
# Note: nfsnobody is 4294967294 on 64-bit platforms (-2)
--
1.8.3.1

View File

@ -1,50 +0,0 @@
From fcfa685f89f2dbabf8b73e64cb0941098269856e Mon Sep 17 00:00:00 2001
From: Don Penney <dpenney@yow-dpenney-lx.corp.ad.wrs.com>
Date: Mon, 25 Apr 2016 13:06:49 -0400
Subject: [PATCH 1/1] WRS: Patch5: tis-uid-gid.patch
---
group | 11 +++++++++++
passwd | 10 ++++++++++
2 files changed, 21 insertions(+)
diff --git a/group b/group
index be01f5c..3a0560d 100644
--- a/group
+++ b/group
@@ -22,3 +22,14 @@ lock::54:
audio::63:
nobody::99:
users::100:
+rabbitmq:x:121:
+glance:x:161:glance
+nova:x:162:nova
+keystone:x:163:keystone
+neutron:x:164:neutron
+cinder:x:165:cinder
+ceilometer:x:166:ceilometer
+sysinv:x:168:sysinv
+heat:x:187:heat
+nfv:x:172:nfv
+libvirt:x:991:nova
diff --git a/passwd b/passwd
index 6c6a8eb..3f28c4e 100644
--- a/passwd
+++ b/passwd
@@ -11,3 +11,13 @@ operator:*:11:0:operator:/root:/sbin/nologin
games:*:12:100:games:/usr/games:/sbin/nologin
ftp:*:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:*:99:99:Nobody:/:/sbin/nologin
+rabbitmq:x:121:121::/var/lib/rabbitmq:/bin/sh
+nova:x:994:992::/var/lib/nova:/bin/false
+keystone:x:993:991::/home/keystone:/bin/sh
+glance:x:161:161:OpenStack Glance Daemons:/opt/cgcs/glance:/sbin/nologin
+cinder:x:165:165:OpenStack Cinder Daemons:/var/lib/cinder:/sbin/nologin
+sysinv:x:168:168:sysinv Daemons:/var/lib/sysinv:/sbin/nologin
+neutron:x:164:164:OpenStack Neutron Daemons:/var/lib/neutron:/sbin/nologin
+heat:x:992:990::/home/heat:/bin/sh
+ceilometer:x:991:989::/home/ceilometer:/bin/sh
+nfv:x:172:172:nfvi:/var/lib/nfv:/sbin/nologin
--
1.8.3.1

View File

@ -1,47 +0,0 @@
From c254a8d2bfdcd4509f84b34ca0d92068a2b28618 Mon Sep 17 00:00:00 2001
From: Bart Wensley <barton.wensley@windriver.com>
Date: Wed, 29 Jun 2016 08:15:32 -0400
Subject: [PATCH 1/1] updating gids and uids to support upgrade from wrl
---
group | 1 +
passwd | 9 +++++----
2 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/group b/group
index 3a0560d..c21e2de 100644
--- a/group
+++ b/group
@@ -22,6 +22,7 @@ lock::54:
audio::63:
nobody::99:
users::100:
+postgres:x:120:
rabbitmq:x:121:
glance:x:161:glance
nova:x:162:nova
diff --git a/passwd b/passwd
index 3f28c4e..548435f 100644
--- a/passwd
+++ b/passwd
@@ -12,12 +12,13 @@ games:*:12:100:games:/usr/games:/sbin/nologin
ftp:*:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:*:99:99:Nobody:/:/sbin/nologin
rabbitmq:x:121:121::/var/lib/rabbitmq:/bin/sh
-nova:x:994:992::/var/lib/nova:/bin/false
-keystone:x:993:991::/home/keystone:/bin/sh
+nova:x:994:162::/var/lib/nova:/bin/false
+keystone:x:993:163::/home/keystone:/bin/sh
glance:x:161:161:OpenStack Glance Daemons:/opt/cgcs/glance:/sbin/nologin
cinder:x:165:165:OpenStack Cinder Daemons:/var/lib/cinder:/sbin/nologin
sysinv:x:168:168:sysinv Daemons:/var/lib/sysinv:/sbin/nologin
neutron:x:164:164:OpenStack Neutron Daemons:/var/lib/neutron:/sbin/nologin
-heat:x:992:990::/home/heat:/bin/sh
-ceilometer:x:991:989::/home/ceilometer:/bin/sh
+heat:x:992:187::/home/heat:/bin/sh
+ceilometer:x:991:166::/home/ceilometer:/bin/sh
nfv:x:172:172:nfvi:/var/lib/nfv:/sbin/nologin
+postgres:x:120:120:PostgreSQL Server:/var/lib/pgsql:/bin/sh
--
1.8.3.1

View File

@ -168,6 +168,7 @@ initscripts-config
# setup
setup
setup-config
# nss-pam-ldapd
nss-pam-ldapd

View File

@ -1,6 +1,7 @@
tools/vm-topology
base/initscripts
base/initscripts-config
base/setup-config
base/setup
utilities/namespace-utils
base/centos-release-config

View File

@ -14,6 +14,7 @@ Source2: clear_shadow_locks.service
BuildArch: noarch
# systemd provides %{_unitdir}
BuildRequires: systemd
Requires: setup
Requires: shadow-utils
%define debug_package %{nil}