mirror of
https://github.com/systemd/systemd
synced 2024-09-06 16:56:43 +00:00
a777a59243
We would create root account from sysusers or from firstboot, depending on
which one ran earlier. Since firstboot offers more options, in particular can
set the root password, we needed to order it earlier. This created an ugly
ordering requirement:
systemd-sysusers.service > systemd-firstboot.service > ... >
systemd-remount-fs.service > systemd-tmpfiles-setup-dev.service >
systemd-sysusers.service
We want sysusers.service to create basic users, so we can create nodes in dev,
so we can operate on block devices and such, so that we can resize and remount
things. But at the same time, systemd-firstboot.service can only work if it is
run early, before systemd-sysusers.service has created /etc/passwd. We can't
have it both ways: the units that want to have a fully writable root file
system cannot be ordered before units which are required to do file system
preparation.
Instead of trying to order firstboot very early, let's let it do its thing even
if it is started later. Instead of refusing to create to the root account if
/etc/passwd and /etc/shadow exist, actually check if the account is configured.
Now sysusers writes root account with password PASSWORD_UNPROVISIONED
("!unprovisioned"), and then firstboot checks for this, and will configure root
in this case.
This allows sysusers to be executed earlier (or accounts to be set up earlier
in another way).
This effectively reverts b825ab1a99.
42 lines
1.3 KiB
Desktop File
42 lines
1.3 KiB
Desktop File
# SPDX-License-Identifier: LGPL-2.1-or-later
|
|
#
|
|
# This file is part of systemd.
|
|
#
|
|
# systemd is free software; you can redistribute it and/or modify it
|
|
# under the terms of the GNU Lesser General Public License as published by
|
|
# the Free Software Foundation; either version 2.1 of the License, or
|
|
# (at your option) any later version.
|
|
|
|
[Unit]
|
|
Description=First Boot Wizard
|
|
Documentation=man:systemd-firstboot(1)
|
|
|
|
ConditionPathIsReadWrite=/etc
|
|
ConditionFirstBoot=yes
|
|
|
|
DefaultDependencies=no
|
|
After=systemd-remount-fs.service
|
|
Before=systemd-vconsole-setup.service sysinit.target first-boot-complete.target
|
|
Wants=first-boot-complete.target
|
|
Conflicts=shutdown.target
|
|
Before=shutdown.target
|
|
|
|
[Service]
|
|
Type=oneshot
|
|
RemainAfterExit=yes
|
|
ExecStart=systemd-firstboot --prompt-locale --prompt-timezone --prompt-root-password
|
|
StandardOutput=tty
|
|
StandardInput=tty
|
|
StandardError=tty
|
|
|
|
# Optionally, pick up basic fields from credentials passed to the service
|
|
# manager. This is useful for importing this data from nspawn's
|
|
# --set-credential= switch.
|
|
LoadCredential=passwd.hashed-password.root
|
|
LoadCredential=passwd.plaintext-password.root
|
|
LoadCredential=passwd.shell.root
|
|
LoadCredential=firstboot.locale
|
|
LoadCredential=firstboot.locale-messages
|
|
LoadCredential=firstboot.keymap
|
|
LoadCredential=firstboot.timezone
|