Skip to content

Comments

swtpm: install sysusers.d and tmpfiles.d configs#1056

Merged
stefanberger merged 2 commits intostefanberger:masterfrom
bluca:sysusers_tmpfiles
Sep 23, 2025
Merged

swtpm: install sysusers.d and tmpfiles.d configs#1056
stefanberger merged 2 commits intostefanberger:masterfrom
bluca:sysusers_tmpfiles

Conversation

@bluca
Copy link
Contributor

@bluca bluca commented Sep 22, 2025

These configuration files will create the required user, group and
data directory on first boot/factory reset/package installation,
without requiring manual scripts or actions. This is very important
for image-based OSes, but it is useful in other cases to, to allow
using declarative configuration instead of scripts.

RPM now has built-in support for sysusers.d too.

https://www.freedesktop.org/software/systemd/man/latest/tmpfiles.d.html
https://www.freedesktop.org/software/systemd/man/latest/sysusers.d.html

@bluca
swtpm: install sysusers.d and tmpfiles.d configs
e9db00f 
These configuration files will create the required user, group and
data directory on first boot/factory reset/package installation,
without requiring manual scripts or actions. This is very important
for image-based OSes, but it is useful in other cases to, to allow
using declarative configuration instead of scripts.

RPM now has built-in support for sysusers.d too.

https://www.freedesktop.org/software/systemd/man/latest/tmpfiles.d.html
https://www.freedesktop.org/software/systemd/man/latest/sysusers.d.html

Signed-off-by: Luca Boccassi <luca.boccassi@gmail.com>
@bluca
debian: drop postinst, no longer needed
3f687bd 
Use sysusers and tmpfiles

Signed-off-by: Luca Boccassi <luca.boccassi@gmail.com>
@stefanberger
Copy link
Owner

stefanberger commented Sep 23, 2025

@elmarco @lvoytek Can you have a look?

@bluca , do we need to change something in the rpm.spec for this?

@elmarco
Copy link
Contributor

elmarco commented Sep 23, 2025

@stefanberger lgtm

@bluca
Copy link
Contributor Author

bluca commented Sep 23, 2025

It will not cause any issues to just ship these, that I do know, so it should be safe to ship as-is.

To make use of it from RPM directly though I am not sure, I guess it might depend on the distro, @keszybz do you know if you need to change a spec file to make RPM use the sysusers.d file?

@lvoytek
Copy link
Contributor

lvoytek commented Sep 23, 2025

@stefanberger looks good to me too, should work fine for Debian + Ubuntu
Also @bluca I noticed you are taking over swtpm in Debian. If you need anything from me I'm happy to help!

stefanberger
stefanberger reviewed Sep 23, 2025
View reviewed changes
debian/control
Rules-Requires-Root: no
Build-Depends: debhelper (>= 10),
dh-apparmor,
dh-sequence-installsysusers,
Copy link
Owner

@stefanberger stefanberger Sep 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this script will cause that the contents of the two new config files will be read?

Copy link
Contributor Author

@bluca bluca Sep 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The tmpfiles.d is used automatically, this is needed for sysusers.d to be used - and by used I mean the autogenerated snippets will be created automatically in the postinst files at build time

@stefanberger stefanberger merged commit 5c21ea0 into stefanberger:master Sep 23, 2025
1 check passed
@stefanberger
Copy link
Owner

stefanberger commented Sep 23, 2025

Thanks!

@bluca bluca deleted the sysusers_tmpfiles branch September 23, 2025 13:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@stefanberger stefanberger stefanberger left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@bluca @stefanberger @elmarco @lvoytek