summaryrefslogtreecommitdiff
path: root/meta-phosphor/recipes-core/base-files
AgeCommit message (Collapse)AuthorFilesLines
2021-04-12Enable Systemd NSS module to support DynamicUsersAnton D. Kachalov1-0/+2
DynamicUsers flag in systemd service configuration file required to create, handle and recycle temporary users. This is essential module for upcoming daemons' privilege separation work. Reference: https://github.com/openbmc/openbmc/issues/3383 Signed-off-by: Anton D. Kachalov <gmouse@google.com> Change-Id: Iabd709c4a20f754fc6ea505e640b2d361aba0be2
2020-09-01meta-phosphor: ldap: nsswitch: add rootfs posthookBrad Bishop2-25/+1
An ldap image feature was recently added. If the image feature is used without the distro feature, nsswitch will have the wrong content and the function won't work. Move this logic to a rootfs post hook so that the distro feature is not required (and can be deprecated) and because this is the expected way to make these sorts of modifications to base files anyway. (From meta-phosphor rev: 22de160c862b4cf4fee2a3f62e9bd7fad807344d) Change-Id: I1bc69a96e833801c58bebce68b633e8550982fb8 Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com> Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
2020-07-15base-files: Add fstab for eMMCAdriana Kobylak2-0/+10
For eMMC, let the initramfs mount the read-only rootfs, read-write, and overlay filesystems, then have fstab setup any additional mounts such as bind mounts. (From meta-phosphor rev: 06cbc8e09667d07e2b575e08a15c4f09f66ebd0e) Change-Id: Icb2e1d360b301752b4a0458d20243520eb6e27e4 Signed-off-by: Adriana Kobylak <anoo@us.ibm.com> Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
2019-04-29Enable reverse-path filter for IPv4Vernon Mauery2-0/+9
/proc/sys/net/ipv4/conf/*/rp_filter enforces filtering of packets to make sure that only packets that match the route can be sent on an interface. This is recommended for reducing IP spoofing as will as allowing for proper UDP behavior when multiple configured NICs have the same subnet. This is needed for the upcoming change of phosphor-ipmi-net, were its socket file uses the bind-to-device option to be able to bind each instance to a single network interface. This allows each RMCP+ bridge to accept only incoming packets on that interface. But in order to do this with two NICs on the same subnet, reverse-path filtering must be enabled in the kernel. (From meta-phosphor rev: 62a4b6cde3046a2439bdcef79a6ac85fd6684194) Change-Id: Ia4ba2523ded0d18d99f8be2fedd42666e96c34d2 Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com> Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
2019-04-10LDAP:create single nsswitch.conf fileraviteja-b1-1/+1
Earlier thought was there would be overhead if we include "ldap" here in the nssswitch.conf file so created nsswitch_ldap.conf, but we have tested both the cases(ldap/local) and we don't find any overhead,so we don't need both nsswitch.conf and nsswitch_ldap.conf files Here is link for nss-pam-ldapd-users discussion thread https://lists.arthurdejong.org/nss-pam-ldapd-users/2019/msg00021.html Tested local and ldap user authentication with valid and invalid credentials. (From meta-phosphor rev: a4ac97cdb199af84a28c2ad691aa5ef85b32d66f) Change-Id: I0c72d3a32a51dcc0cb8cf9c67411d26b5d8658d2 Signed-off-by: Ravi Teja <raviteja28031990@gmail.com> Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
2018-10-08nsswitch: Add LDAP lookup in passwd, group and shadow mapsRatan Gupta2-0/+30
The Name Service Switch (NSS) configuration file (nsswitch.conf), is used by the GNU C Library to determine the sources from which to obtain name-service information in a range of categories, and in what order With the introduction of LDAP we have to add the LDAP as a source for the name service info for the various maps/database(passwd, group, shadow). (From meta-phosphor rev: 68f0934af8ebb0332e5075728d8006e4d846bd78) Change-Id: I0781da24c50278e439e953d595d275fbfc6bf48a Signed-off-by: Ratan Gupta <ratagupt@in.ibm.com> Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
2018-10-08Moving fstab file into subdirectoryRatan Gupta2-1/+1
FILESEXTRAPATHS_prepend was conditional for only ubi-based-file system now we have the requirement where we want to prepend path for all other cases,so moving the fstab file in the specific directory and add that subdirectory-path conditionaly. (From meta-phosphor rev: cb9552f017c3803dc0ec0ab628dce14863bf8389) Change-Id: I9d3baf42ef1d712ec6c52f53a5ae56a2ceef1ddf Signed-off-by: Ratan Gupta <ratagupt@in.ibm.com> Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
2018-09-06meta-phosphor: Move layer content from common/Brad Bishop2-0/+16
Adopt a more conventional directory hierarchy. meta-phosphor is still a _long_ way from suitable for hosting on yoctoproject.org but things like this don't help. (From meta-phosphor rev: 471cfcefa74b8c7ceb704cb670e6d915cf27c63b) Change-Id: I3f106b2f6cdc6cec734be28a6090800546f362eb Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
generated by cgit v1.2.3 (git 2.39.0) at 2024-07-09 03:51:02 +0300