diff options
Diffstat (limited to 'sysusers.d')
| -rw-r--r-- | sysusers.d/README | 8 | ||||
| -rw-r--r-- | sysusers.d/basic.conf.in | 41 | ||||
| -rw-r--r-- | sysusers.d/meson.build | 39 | ||||
| -rw-r--r-- | sysusers.d/systemd-coredump.conf | 8 | ||||
| -rw-r--r-- | sysusers.d/systemd-journal.conf.in | 8 | ||||
| -rw-r--r-- | sysusers.d/systemd-network.conf.in | 8 | ||||
| -rw-r--r-- | sysusers.d/systemd-oom.conf | 8 | ||||
| -rw-r--r-- | sysusers.d/systemd-remote.conf | 8 | ||||
| -rw-r--r-- | sysusers.d/systemd-resolve.conf.in | 8 | ||||
| -rw-r--r-- | sysusers.d/systemd-timesync.conf.in | 8 |
10 files changed, 144 insertions, 0 deletions
diff --git a/sysusers.d/README b/sysusers.d/README new file mode 100644 index 0000000..df3049c --- /dev/null +++ b/sysusers.d/README @@ -0,0 +1,8 @@ +Files in this directory contain configuration for systemd-sysusers, a program +to allocate system users and groups. + +See man:sysusers.d(5) for explanation of the configuration file format, and +man:systemd-sysusers(8) for a description of when and how this configuration is +applied. + +Use 'systemd-analyze cat-config sysusers.d' to display the effective config. diff --git a/sysusers.d/basic.conf.in b/sysusers.d/basic.conf.in new file mode 100644 index 0000000..0aec080 --- /dev/null +++ b/sysusers.d/basic.conf.in @@ -0,0 +1,41 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +# The superuser +g root 0 - - +u root 0:0 "Super User" /root + +# The nobody user/group for NFS file systems +g {{NOBODY_GROUP_NAME}} 65534 - - +u {{NOBODY_USER_NAME }} 65534:65534 "Kernel Overflow User" - + +# Administrator group: can *see* more than normal users +g adm {{ADM_GID }} - - + +# Administrator group: can *do* more than normal users +g wheel {{WHEEL_GID }} - - + +# Access to shared database of users on the system +g utmp {{UTMP_GID }} - - + +# Physical and virtual hardware access groups +g audio {{AUDIO_GID }} - - +g cdrom {{CDROM_GID }} - - +g dialout {{DIALOUT_GID}} - - +g disk {{DISK_GID }} - - +g input {{INPUT_GID }} - - +g kmem {{KMEM_GID }} - - +g kvm {{KVM_GID }} - - +g lp {{LP_GID }} - - +g render {{RENDER_GID }} - - +g sgx {{SGX_GID }} - - +g tape {{TAPE_GID }} - - +g tty {{TTY_GID }} - - +g video {{VIDEO_GID }} - - + +# Default group for normal users +g users {{USERS_GID }} - - diff --git a/sysusers.d/meson.build b/sysusers.d/meson.build new file mode 100644 index 0000000..608c4b7 --- /dev/null +++ b/sysusers.d/meson.build @@ -0,0 +1,39 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +files = [['README', ''], + ['systemd-coredump.conf', 'ENABLE_COREDUMP'], + ['systemd-oom.conf', 'ENABLE_OOMD']] + +foreach pair : files + if not enable_sysusers + # do nothing + elif pair[1] == '' or conf.get(pair[1]) == 1 + install_data(pair[0], install_dir : sysusersdir) + else + message('Not installing sysusers.d/@0@ because @1@ is @2@' + .format(pair[0], pair[1], conf.get(pair[1], 0))) + endif +endforeach + + +if enable_sysusers and conf.get('ENABLE_REMOTE') == 1 and conf.get('HAVE_MICROHTTPD') == 1 + install_data('systemd-remote.conf', install_dir : sysusersdir) +endif + + +in_files = [['basic.conf', enable_sysusers], + ['systemd-journal.conf', enable_sysusers], + ['systemd-network.conf', enable_sysusers and conf.get('ENABLE_NETWORKD') == 1], + ['systemd-resolve.conf', enable_sysusers and conf.get('ENABLE_RESOLVE') == 1], + ['systemd-timesync.conf', enable_sysusers and conf.get('ENABLE_TIMESYNCD') == 1]] + +foreach tuple : in_files + file = tuple[0] + custom_target( + file, + input : file + '.in', + output: file, + command : [jinja2_cmdline, '@INPUT@', '@OUTPUT@'], + install : tuple[1], + install_dir : sysusersdir) +endforeach diff --git a/sysusers.d/systemd-coredump.conf b/sysusers.d/systemd-coredump.conf new file mode 100644 index 0000000..c4ff003 --- /dev/null +++ b/sysusers.d/systemd-coredump.conf @@ -0,0 +1,8 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +u systemd-coredump - "systemd Core Dumper" diff --git a/sysusers.d/systemd-journal.conf.in b/sysusers.d/systemd-journal.conf.in new file mode 100644 index 0000000..61768b2 --- /dev/null +++ b/sysusers.d/systemd-journal.conf.in @@ -0,0 +1,8 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +g systemd-journal {{SYSTEMD_JOURNAL_GID}} - diff --git a/sysusers.d/systemd-network.conf.in b/sysusers.d/systemd-network.conf.in new file mode 100644 index 0000000..7c64a46 --- /dev/null +++ b/sysusers.d/systemd-network.conf.in @@ -0,0 +1,8 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +u systemd-network {{SYSTEMD_NETWORK_UID}} "systemd Network Management" diff --git a/sysusers.d/systemd-oom.conf b/sysusers.d/systemd-oom.conf new file mode 100644 index 0000000..27e571f --- /dev/null +++ b/sysusers.d/systemd-oom.conf @@ -0,0 +1,8 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +u systemd-oom - "systemd Userspace OOM Killer" diff --git a/sysusers.d/systemd-remote.conf b/sysusers.d/systemd-remote.conf new file mode 100644 index 0000000..ca20c24 --- /dev/null +++ b/sysusers.d/systemd-remote.conf @@ -0,0 +1,8 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +u systemd-journal-remote - "systemd Journal Remote" diff --git a/sysusers.d/systemd-resolve.conf.in b/sysusers.d/systemd-resolve.conf.in new file mode 100644 index 0000000..9f02ef9 --- /dev/null +++ b/sysusers.d/systemd-resolve.conf.in @@ -0,0 +1,8 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +u systemd-resolve {{SYSTEMD_RESOLVE_UID}} "systemd Resolver" diff --git a/sysusers.d/systemd-timesync.conf.in b/sysusers.d/systemd-timesync.conf.in new file mode 100644 index 0000000..e50f025 --- /dev/null +++ b/sysusers.d/systemd-timesync.conf.in @@ -0,0 +1,8 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +u systemd-timesync {{SYSTEMD_TIMESYNC_UID}} "systemd Time Synchronization" |