Bug 15847

Summary: Systemd: Incorrect Permission on /usr/lib/systemd
Product: buildroot
Reporter: fandingo <justin.brown>
Component: Other
Assignee: unassigned
Status: RESOLVED MOVED
Severity: minor
CC: buildroot, justin.brown, yann.morin.1998
Priority: P5
Version: 2023.08.2
Target Milestone: ---
Hardware: All
OS: Linux
Host:
Target:
Build:

Description fandingo 2023-11-09 11:07:14 UTC
I'm trying to use systemd as my init and systemd-networkd as my connection manager. There appears to be a problem with the file permissions that prevents networkd from starting.


CONFIG:
=======

I'm tracking origin/master and am up to date with fd41e442f0f from Nov. 7th. My defconfig is qemu_x86_64_defconfig with two modifications: BR2_INIT_SYSTEMD=y (including BR2_PACKAGE_SYSTEMD_NETWORKD=y) and a BR2_ROOTFS_OVERLAY that provides an etc/systemd/network/01.network basic DHCP unit file. (Plus the additional linux.config modifications, both required and optional, for systemd specified at https://github.com/systemd/systemd/blob/main/README.)


PROBLEM:
========

The systemd package creates a systemd-network user, and the systemd-networkd.service unit executes as that user. However, the file permissions prohibit this non-root user from executing /usr/lib/systemd/systemd-networkd:


# ls -ald /usr/lib/systemd/
drwxrwx---   13 root     root          2048 Nov  9 10:10 /usr/lib/systemd/

# ls -al /usr/lib/systemd/systemd-networkd
-rwxr-xr-x    1 root     root       1579456 Nov  9 10:10 /usr/lib/systemd/systemd-networkd


Note that the /usr/lib/systemd directory does not allow the necessary o=rx permissions for a non-root user to access these binaries.


REQUEST:
========

I'm not well versed in writing makefiles, yet. But from a sh perspective, the solution seems to be that the systemd package makefile needs to do the equivalent of:

chmod o+rx /usr/lib/systemd

Comment 1 Arnout Vandecappelle 2023-11-10 19:52:29 UTC
I've taken qemu_x86_64_defconfig with BR2_INIT_SYSTEMD and _NETWORKD, and I don't see the same issue:

# ls -ald /usr/lib/systemd/
drwxr-xr-x   13 root     root          2048 Nov 10 19:43 /usr/lib/systemd/
# ls -al /usr/lib/systemd/systemd-networkd
-rwxr-xr-x    1 root     root       1579456 Nov 10 19:43 /usr/lib/systemd/systemd-networkd
# ps -ef | grep network
   84 systemd- /usr/lib/systemd/systemd-networkd
  119 root     grep network
# systemctl status systemd-networkd
● systemd-networkd.service - Network Configuration
     Loaded: loaded (/usr/lib/systemd/system/systemd-networkd.service; enabled; preset: enabled)
     Active: active (running) since Fri 2023-11-10 19:48:48 UTC; 2min 8s ago
TriggeredBy: ● systemd-networkd.socket
       Docs: man:systemd-networkd.service(8)
             man:org.freedesktop.network1(5)
   Main PID: 84 (systemd-network)
     Status: "Processing requests..."
   FD Store: 0 (limit: 512)
        CPU: 220ms
     CGroup: /system.slice/systemd-networkd.service
             └─84 /usr/lib/systemd/systemd-networkd

Nov 10 19:48:47 buildroot systemd[1]: Starting Network Configuration...
Nov 10 19:48:47 buildroot systemd-networkd[84]: lo: Link UP
Nov 10 19:48:47 buildroot systemd-networkd[84]: lo: Gained carrier
Nov 10 19:48:48 buildroot systemd-networkd[84]: Enumeration completed
Nov 10 19:48:48 buildroot systemd[1]: Started Network Configuration.
Nov 10 19:48:49 buildroot systemd-networkd[84]: eth0: Interface name change detected, renamed to enp0s3.

(I didn't bother changing the kernel config and I didn't add anything in /etc/systemd/network, so the network isn't actually coming up, but systemd-networkd is running.)

It seems that something went wrong in your build and /usr/lib/systemd was created with the wrong permissions?

Comment 2 fandingo 2023-11-22 08:58:23 UTC
Sorry for the delayed response. I've been working on my project on and off, and I've done tons of builds since posting this report. The o=rx permissions aren't getting set. I'm wondering if you have some kind of umask or ACL setting on your host OS that makes it work for you.

I ended up doing it with a device_table.txt:

# <name>                                <type>  <mode>  <uid>   <gid>   <major> <minor> <start> <inc>   <count>
/usr/lib/systemd                        d       755     0       0       -       -       -       -       -
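
A check for the condition described in this report, as an added example that is not part of the original thread or Buildroot's own code: it walks each component of a path inside a root filesystem tree and reports any that lack the other-execute bit. The function name `blocked_components`, the temporary sample tree, and the reliance on `stat -c` (GNU coreutils or BusyBox) are assumptions.

```shell
#!/bin/sh
# Added example (not from the bug thread): find what stops an unprivileged
# service user from reaching a binary inside a root filesystem tree.

# blocked_components ROOT PATH
# Walks PATH one component at a time under ROOT and prints "<mode> <path>"
# for each component whose "other" class lacks x. Path resolution needs x
# (search) on every directory, and exec needs x on the file itself.
# Only the "other" bits are checked: the assumption is that the service user
# is neither the owner nor in the owning group (true for root:root entries).
# Symlinks are not followed. Returns 0 if clear, 1 if blocked, 2 on error.
blocked_components() {
    root=${1%/}; target=$2; cur=; rc=0
    old_ifs=$IFS; IFS=/
    set -f; set -- $target; set +f      # split PATH on "/" without globbing
    IFS=$old_ifs
    for part in "$@"; do
        [ -n "$part" ] || continue      # skip the empty field before the leading "/"
        cur="$cur/$part"
        mode=$(stat -c '%a' "$root$cur") || return 2
        if [ $(( 0$mode & 1 )) -eq 0 ]; then
            printf '%s %s\n' "$mode" "$cur"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample tree reproducing the modes shown in the report:
# /usr/lib/systemd is 770 (drwxrwx---), the binary is 755.
demo_root=$(mktemp -d)
mkdir -p "$demo_root/usr/lib/systemd"
: > "$demo_root/usr/lib/systemd/systemd-networkd"
chmod 755 "$demo_root/usr" "$demo_root/usr/lib" \
    "$demo_root/usr/lib/systemd/systemd-networkd"
chmod 770 "$demo_root/usr/lib/systemd"

blocked_components "$demo_root" /usr/lib/systemd/systemd-networkd \
    || echo "unreachable for users outside root:root"
```

Pass `/` as the first argument to check the running target, or an unpacked image directory on the build host.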
Comment 3 Yann E. MORIN 2024-06-15 15:13:43 UTC
Thank you for your report.

The issue tracker for the Buildroot project has been moved to
the Gitlab.com issue tracker:
    https://gitlab.com/buildroot.org/buildroot/-/issues

We are taking this opportunity to close old issues in this old
tracker. If you believe your issue is still relevant, please
open one in the new issue tracker.

Thank you!