On Wed, 2023-11-29 at 11:56 +0000, Ross Burton wrote: > On 14 Nov 2023, at 20:34, Joakim Tjernlund via lists.openembedded.org > <Joakim.Tjernlund=infinera....@lists.openembedded.org> wrote: > > > > These patches adds the possibility to store passwd/shadow files > > in a sub dir, like /etc/pwdb > > In a RO Root FS one can bind mount a writeable dir on /etc/pwdb > > to support password changes etc. > > What’s so special about passwd/shadow that they need special treatment in for > read-only rootfs? What happens when you next want to support changes to > /etc/group: do we add another variable for that, or re-use PW_SUBDIR? What > about /etc/hostname? This has a scaling problem: it’s solving your one > particular problem but not the general problem. > You don't think most users want to change default passwd in systems? group is included in this patch too should you want to add/change group /etc/hostname can be fixed by using a symlink but managing passwd changes can not as shadow does not follow symlinks. --root/--prefix options in shadow only works for root user
> Anyway, isn’t this a solved problem by using overlayfs? That would create other problems, the underlaying RO FS needs to stay unchanged over time and a SW upgrade updating RO FS can change anything in /etc. Could also be considered a security issue as one could update any file in /etc Jocke > > Ross
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191448): https://lists.openembedded.org/g/openembedded-core/message/191448 Mute This Topic: https://lists.openembedded.org/mt/102591944/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
