2020-11-09 04:23:58 +00:00
|
|
|
# SPDX-License-Identifier: LGPL-2.1-or-later
|
2017-11-18 16:35:03 +00:00
|
|
|
#
|
2014-07-07 13:05:37 +00:00
|
|
|
# This file is part of systemd.
|
|
|
|
|
#
|
|
|
|
|
# systemd is free software; you can redistribute it and/or modify it
|
|
|
|
|
# under the terms of the GNU Lesser General Public License as published by
|
|
|
|
|
# the Free Software Foundation; either version 2.1 of the License, or
|
|
|
|
|
# (at your option) any later version.
|
|
|
|
|
|
|
|
|
|
[Unit]
|
|
|
|
|
Description=First Boot Wizard
|
2014-08-28 20:01:44 +00:00
|
|
|
Documentation=man:systemd-firstboot(1)
|
2022-09-15 13:54:18 +00:00
|
|
|
|
|
|
|
|
ConditionPathIsReadWrite=/etc
|
|
|
|
|
ConditionFirstBoot=yes
|
|
|
|
|
|
2014-07-07 13:05:37 +00:00
|
|
|
DefaultDependencies=no
|
2014-10-22 23:24:59 +00:00
|
|
|
After=systemd-remount-fs.service
|
firstboot: process the root account after sysusers created it
We would create root account from sysusers or from firstboot, depending on
which one ran earlier. Since firstboot offers more options, in particular can
set the root password, we needed to order it earlier. This created an ugly
ordering requirement:
systemd-sysusers.service > systemd-firstboot.service > ... >
systemd-remount-fs.service > systemd-tmpfiles-setup-dev.service >
systemd-sysusers.service
We want sysusers.service to create basic users, so we can create nodes in dev,
so we can operate on block devices and such, so that we can resize and remount
things. But at the same time, systemd-firstboot.service can only work if it is
run early, before systemd-sysusers.service has created /etc/passwd. We can't
have it both ways: the units that want to have a fully writable root file
system cannot be ordered before units which are required to do file system
preparation.
Instead of trying to order firstboot very early, let's let it do its thing even
if it is started later. Instead of refusing to create to the root account if
/etc/passwd and /etc/shadow exist, actually check if the account is configured.
Now sysusers writes root account with password PASSWORD_UNPROVISIONED
("!unprovisioned"), and then firstboot checks for this, and will configure root
in this case.
This allows sysusers to be executed earlier (or accounts to be set up earlier
in another way).
This effectively reverts b825ab1a99b69956057c79838faaf7b44afee474.
2022-10-03 10:12:15 +00:00
|
|
|
Before=systemd-vconsole-setup.service sysinit.target first-boot-complete.target
|
2020-09-06 19:23:36 +00:00
|
|
|
Wants=first-boot-complete.target
|
2022-09-15 13:54:18 +00:00
|
|
|
Conflicts=shutdown.target
|
|
|
|
|
Before=shutdown.target
|
2014-07-07 13:05:37 +00:00
|
|
|
|
|
|
|
|
[Service]
|
|
|
|
|
Type=oneshot
|
|
|
|
|
RemainAfterExit=yes
|
2019-12-18 08:14:57 +00:00
|
|
|
ExecStart=systemd-firstboot --prompt-locale --prompt-timezone --prompt-root-password
|
2014-07-07 13:05:37 +00:00
|
|
|
StandardOutput=tty
|
|
|
|
|
StandardInput=tty
|
|
|
|
|
StandardError=tty
|
2021-03-11 10:47:57 +00:00
|
|
|
|
|
|
|
|
# Optionally, pick up basic fields from credentials passed to the service
|
|
|
|
|
# manager. This is useful for importing this data from nspawn's
|
|
|
|
|
# --set-credential= switch.
|
2021-05-02 15:05:48 +00:00
|
|
|
LoadCredential=passwd.hashed-password.root
|
|
|
|
|
LoadCredential=passwd.plaintext-password.root
|
|
|
|
|
LoadCredential=passwd.shell.root
|
|
|
|
|
LoadCredential=firstboot.locale
|
|
|
|
|
LoadCredential=firstboot.locale-messages
|
|
|
|
|
LoadCredential=firstboot.keymap
|
|
|
|
|
LoadCredential=firstboot.timezone
|