[yocto] problem adding a user

Wed May 15 16:58:26 PDT 2019

Glad to hear that it works now. I am planning on attending the YP DevDay.

:rjs

On Wed, May 15, 2019, 13:53 Greg Wilson-Lindberg <GWilson at sakuraus.com>
wrote:

> Thank you very much, that got me back on the right path.
>
> Maybe I'll see you at the Yocto day at the Embedded Linux Conference.
>
> Regards,
>
> [image: cid:image001.png at 01D35D7D.179A7510]
>
> *Greg Wilson-Lindberg  *
>
> *Principal Firmware Engineer | Sakura Finetek USA, Inc.  *
>
>
>
> 1750 W 214th Street | Torrance, CA 90501 | U.S.A.
>
> T: +1 310 783 5075
>
> F: +1 310 618 6902 | E: gwilson at sakuraus.com
>
> www.sakuraus.com
>
>
>
> [image: cid:image002.png at 01D35D7D.179A7510]
>
> [image: cid:image003.png at 01D35D7D.179A7510]
> ------------------------------
>
> Confidentiality Notice: This e-mail transmission may contain confidential
> or legally privileged information that is intended only for the individual
> or entity named in the e-mail address. If you are not the intended
> recipient, you are hereby notified that any disclosure, copying,
> distribution, or reliance upon the contents of this e-mail is strictly
> prohibited. If you have received this e-mail transmission in error, please
> reply to the sender, so that Sakura Finetek USA, Inc. can arrange for
> proper delivery, and then please delete the message from your inbox. Thank
> you.
>
>
>
>
>
> *From:* Rudolf J Streif [mailto:rudolf.streif at ibeeto.com]
> *Sent:* Wednesday, May 15, 2019 01:30 PM
> *To:* Greg Wilson-Lindberg <GWilson at sakuraus.com>; Yocto list discussion <
> yocto at yoctoproject.org>
> *Subject:* Re: [yocto] problem adding a user
>
>
>
> Instead of
>
>
>
> useradd -p `openssl passwd test` sakura
>
>
>
> which attempts to add the user and set the password which fails if the
> user already exists, use
>
>
>
> usermod -p `openssl passwd test` sakura
>
>
>
> which sets the user's password.
>
>
>
> :rjs
>
>
>
> On 5/15/19 1:18 PM, Greg Wilson-Lindberg wrote:
>
> Ok, I had been using the useradd class in a couple of other recipes to
> allow me to copy files to the sakura user directory and another location,
> but owned by sakura. That seems to have been what was causing the problem.
>
>
>
> I had been using the extrausers class in my top level image recipe.
>
>
> So now how do I get all of this to work together? Do I need to put
> everything that touches the sakura user in the same recipe? It seems that I
> need to use only one of the useradd or extrausers classes?
>
>
>
> Greg
> ------------------------------
>
> *From:* Rudolf J Streif <rudolf.streif at ibeeto.com>
> <rudolf.streif at ibeeto.com>
> *Sent:* Wednesday, May 15, 2019 12:31 PM
> *To:* Greg Wilson-Lindberg; Yocto list discussion
> *Subject:* Re: [yocto] problem adding a user
>
>
>
> The ! for the password in /etc/shadow indicates that the account is
> disabled:
>
> sakura:!:18031:0:99999:7:::
>
>
>
> Either there is something wrong with the password generation or it gets
> disabled by something else. Maybe it's worth trying with a plain image
> without Boot2Qt or anything else.
>
>
>
> :rjs
>
>
>
>
>
> On 5/15/19 11:46 AM, Greg Wilson-Lindberg wrote:
>
> Hi Rudolf,
>
> 1st, yes I inherit extrausers. Attached are the passwd & shadow files.
>
>
>
> It shouldn't make any difference, but I'm building this for an RPi3 using
> the Qt Boot2Qt version of the Yocto environment, distro 2.5.3.
>
>
>
> Greg
> ------------------------------
>
> *From:* Rudolf J Streif <rudolf.streif at ibeeto.com>
> <rudolf.streif at ibeeto.com>
> *Sent:* Wednesday, May 15, 2019 11:26 AM
> *To:* Greg Wilson-Lindberg; Yocto list discussion
> *Subject:* Re: [yocto] problem adding a user
>
>
>
> Hi Greg,
>
>
>
> > I've also tried both the back-quote and the single-quote, no difference.
>
>
>
> Help me to understand this. the back-quotes are the right ones. If you use
> the single ones your password in the /etc/shadow ends up being 'openssl
> passwd test' (without the quotes), unless the build fails because of a
> parsing error (I have not tried it). Silly question, you did inherit
> extrausers class?
>
>
>
> Can you post your /etc/passwd and /etc/shadow
>
>
>
> I am surprised that this does not work with your setup. I have been doing
> this a gazillion times always with success.
>
>
>
> :rjs
>
>
>
>
>
>
>
> On 5/15/19 11:03 AM, Greg Wilson-Lindberg wrote:
>
> Hi Rudolf,
>
> Thanks for the reply, and the information on how openssl works.
>
>
>
> I'm trying to create a user with the same group name so the code that I'm
> using reduces to:
>
> EXTRA_USERS_PARAMS = "\
>
>     useradd -p `openssl passwd test` sakura; \
>
>     usermod -a -G sudo ${SAKURA_USER}; \
>
>     "
>
> I also, as you can see, removed the macros to eliminate as much confusion
> as possible.
>
>
>
> I still can't login in using the password 'test'.
>
>
>
> I've also tried both the back-quote and the single-quote, no difference.
>
> Regards,
>
>
>
> Greg
> ------------------------------
>
> *From:* Rudolf J Streif <rudolf.streif at ibeeto.com>
> <rudolf.streif at ibeeto.com>
> *Sent:* Wednesday, May 15, 2019 10:07:47 AM
> *To:* Greg Wilson-Lindberg; Yocto list discussion
> *Subject:* Re: [yocto] problem adding a user
>
>
>
> Hi Greg,
>
> Well, I suppose I wrote the book you are referring to...
>
>
> Using
>
> useradd -p PASSWORD USER
>
> takes the password hash for PASSWORD hence the use of openssl in:
>
> useadd -p `openssl passwd PASSWORD` USER
>
> openssl password creates the password hash using the original crypt hash
> algorithm if no other options are specified. e.g.
>
> $ openssl passwd hello
> 6hEsTksgRkeiI
>
> With this the first two characters of the output is the salt and the
> rest is the password hash. If you want openssl to create the same result
> again:
>
> $ openssl passwd -salt "6h" hello
> 6hEsTksgRkeiI
>
> You can use newer algorithms like MD5 based BSD password algorithm 1:
>
> $ openssl passwd -1 hello
> $1$4Mu8Fcs.$eIKgPP7RCYrb3lFZjhADA1
>
> $1 : password algorithm 1
> $4Mu8Fcs. : salt
> $eIKgPP7RCYrb3lFZjhADA1 : password hash
>
>
> If you log into the system you have to use the clear password. The
> system reads the salt, creates the password hash and compares the results.
>
>
> :rjs
>
>
> On 5/14/19 5:34 PM, Greg Wilson-Lindberg wrote:
> > I'm trying to use the example in "Embedded Linux Systems with the Yocto
> Project" to add a user to my Yocto build. In the book the sample code:
> >
> >     useradd -p `openssl passwd ${DEV_PASSWORD}` developer; \
> >
> > uses openssl to generate the encrypted password string to pass to
> useradd. I have never been able to get this to work. When I run the openssl
> > command on the cmd line I get a different value every time, this seems
> wrong, How can the password code compare against it if every encode
> > produces a different value?
> >
> > I am getting the user added to the system, the home directory shows up
> and the user is in the passwd and group files. I just can't login to the
> > account.
> >
> > I've obviously got something confused, any help would be appreciated.
> >
> > Greg Wilson-Lindberg
> >
>
> --
> -----
> Rudolf J Streif
> CEO/CTO ibeeto
> +1.855.442.3396 x700
>
> --
>
> -----
>
> Rudolf J Streif
>
> CEO/CTO ibeeto
>
> +1.855.442.3396 x700
>
> --
>
> -----
>
> Rudolf J Streif
>
> CEO/CTO ibeeto
>
> +1.855.442.3396 x700
>
> --
>
> -----
>
> Rudolf J Streif
>
> CEO/CTO ibeeto
>
> +1.855.442.3396 x700
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.yoctoproject.org/pipermail/yocto/attachments/20190515/8eb41436/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 949 bytes
Desc: not available
URL: <http://lists.yoctoproject.org/pipermail/yocto/attachments/20190515/8eb41436/attachment-0001.png>