On Fri, Jul 28, 2023 at 5:40 AM Alex Kiernan <alex.kier...@gmail.com> wrote: > > To avoid errors from eudev/udev we need an sgx group, but if we add it > via groupadd that causes shadow login to be brought into an image, which > causes images which have CONFIG_MULTIUSER unset to fail with `setgid: > Function not implemented` as shadow's login doesn't implement the > heuristics which busybox has to handle this kernel configuration.
Firstly, thank you very much for fixing this. I was having lots of trouble with it. I just wanted to point out that the underlying sgx issue is unique to Intel/x86. So, it might make sense to only apply this patch in this case. Thanks, Jon > Signed-off-by: Alex Kiernan <alex.kier...@gmail.com> > --- > > .../0001-base-passwd-Add-the-sgx-group.patch | 30 +++++++++++++++++++ > .../base-passwd/base-passwd_3.6.1.bb | 1 + > 2 files changed, 31 insertions(+) > create mode 100644 > meta/recipes-core/base-passwd/base-passwd/0001-base-passwd-Add-the-sgx-group.patch > > diff --git > a/meta/recipes-core/base-passwd/base-passwd/0001-base-passwd-Add-the-sgx-group.patch > > b/meta/recipes-core/base-passwd/base-passwd/0001-base-passwd-Add-the-sgx-group.patch > new file mode 100644 > index 000000000000..e1340e1b70cf > --- /dev/null > +++ > b/meta/recipes-core/base-passwd/base-passwd/0001-base-passwd-Add-the-sgx-group.patch > @@ -0,0 +1,30 @@ > +From 9e57771d138ac423d5139b984b8c869122ce4976 Mon Sep 17 00:00:00 2001 > +From: Alex Kiernan <al...@zuma.ai> > +Date: Fri, 28 Jul 2023 10:28:57 +0100 > +Subject: [PATCH] base-passwd: Add the sgx group > + > +To avoid errors from eudev/udev we need an sgx group, but if we add it > +via groupadd that causes shadow login to be brought into an image, which > +causes images which have CONFIG_MULTIUSER unset to fail with `setgid: > +Function not implemented` as shadow's login doesn't implement the > +heuristics which busybox has to handle this kernel configuration. > + > +Upstream-Status: Inappropriate [oe-specific] > + > +Signed-off-by: Alex Kiernan <alex.kier...@gmail.com> > +--- > + group.master | 1 + > + 1 file changed, 1 insertion(+) > + > +diff --git a/group.master b/group.master > +index d34d2b832d43..e54fd1d2c6dc 100644 > +--- a/group.master > ++++ b/group.master > +@@ -34,6 +34,7 @@ video:*:44: > + sasl:*:45: > + plugdev:*:46: > + kvm:*:47: > ++sgx:*:48: > + staff:*:50: > + games:*:60: > + shutdown:*:70: > diff --git a/meta/recipes-core/base-passwd/base-passwd_3.6.1.bb > b/meta/recipes-core/base-passwd/base-passwd_3.6.1.bb > index 204016b3e72e..44bcfb019930 100644 > --- a/meta/recipes-core/base-passwd/base-passwd_3.6.1.bb > +++ b/meta/recipes-core/base-passwd/base-passwd_3.6.1.bb > @@ -13,6 +13,7 @@ SRC_URI = > "https://launchpad.net/debian/+archive/primary/+files/${BPN}_${PV}.tar > file://0005-Add-kvm-group.patch \ > > file://0006-Make-it-possible-to-configure-whether-to-use-SELinux.patch \ > file://0007-Add-wheel-group.patch \ > + file://0001-base-passwd-Add-the-sgx-group.patch \ > " > > SRC_URI[sha256sum] = > "6ff369be59d586ba63c0c5fcb00f75f9953fe49db88bc6c6428f2c92866f79af" > -- > 2.39.0 > > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#185027): https://lists.openembedded.org/g/openembedded-core/message/185027 Mute This Topic: https://lists.openembedded.org/mt/100407464/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
