How to add users at build time via Yocto?

Question

I am working on a custom board with an i.MX6 DL, Yocto Pyro, and kernel 4.14.16, and am trying to figure out how to add a new user. I have tried the suggestion provided here: How to add an user and re set the root user in yocto? to no avail. I also tried running the demo useradd-example.bb recipe (located in the recipes-skeleton layer) as is which also didn't work.

It compiles and I can build an image, but when I try to log in as any of the new users, I get login incorrect. If I log in as root, I am seeing no folders in the /home/ directory (I have moved the root home folder to /root). I am guessing there is something missing.

Here is the recipe I am using:

SUMMARY = "Add the user accounts that the production printer will need."
LICENSE = "CLOSED"

#inherit extrausers
#
#EXTRA_USERS_PARAMS = "\
#    useradd -P Z2tQc0Ewto0c. mi_printer; \
#    usermod -P Z2tQc0Ewto0c. root;"


#SUMMARY = "Example recipe for using inherit useradd"
#DESCRIPTION = "This recipe serves as an example for using features from useradd.bbclass"
#SECTION = "examples"
#PR = "r1"
#LICENSE = "MIT"
#LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"

SRC_URI = "file://file1 \
           file://file2 \
           file://file3 \
           file://file4"

S = "${WORKDIR}"

PACKAGES =+ "${PN}-user3"

#EXCLUDE_FROM_WORLD = "1"

inherit useradd

# You must set USERADD_PACKAGES when you inherit useradd. This
# lists which output packages will include the user/group
# creation code.
USERADD_PACKAGES = "${PN} ${PN}-user3"

# You must also set USERADD_PARAM and/or GROUPADD_PARAM when
# you inherit useradd.

# USERADD_PARAM specifies command line options to pass to the
# useradd command. Multiple users can be created by separating
# the commands with a semicolon. Here we'll create two users,
# user1 and user2:
USERADD_PARAM_${PN} = "-u 1200 -d /home/user1 -r -s /bin/bash user1; -u 1201 -d /home/user2 -r -s /bin/bash user2"

# user3 will be managed in the useradd-example-user3 pacakge:
# As an example, we use the -P option to set clear text password for user3
USERADD_PARAM_${PN}-user3 = "-u 1202 -d /home/user3 -r -s /bin/bash -P 'user3' user3"

# GROUPADD_PARAM works the same way, which you set to the options
# you'd normally pass to the groupadd command. This will create
# groups group1 and group2:
GROUPADD_PARAM_${PN} = "-g 880 group1; -g 890 group2"

# Likewise, we'll manage group3 in the useradd-example-user3 package:
GROUPADD_PARAM_${PN}-user3 = "-g 900 group3"

do_install () {
    install -d -m 755 ${D}${datadir}/user1
    install -d -m 755 ${D}${datadir}/user2
    install -d -m 755 ${D}${datadir}/user3

    install -p -m 644 file1 ${D}${datadir}/user1/
    install -p -m 644 file2 ${D}${datadir}/user1/

    install -p -m 644 file2 ${D}${datadir}/user2/
    install -p -m 644 file3 ${D}${datadir}/user2/

    install -p -m 644 file3 ${D}${datadir}/user3/
    install -p -m 644 file4 ${D}${datadir}/user3/

    # The new users and groups are created before the do_install
    # step, so you are now free to make use of them:
    chown -R user1 ${D}${datadir}/user1
    chown -R user2 ${D}${datadir}/user2
    chown -R user3 ${D}${datadir}/user3

    chgrp -R group1 ${D}${datadir}/user1
    chgrp -R group2 ${D}${datadir}/user2
    chgrp -R group3 ${D}${datadir}/user3
}

FILES_${PN} = "${datadir}/user1/* ${datadir}/user2/*"
FILES_${PN}-user3 = "${datadir}/user3/*"

# Prevents do_package failures with:
# debugsources.list: No such file or directory:
INHIBIT_PACKAGE_DEBUG_SPLIT = "1"

The short commented out blurb using extrausers at the beginning is something I tried that I saw elsewhere on the web. Ideally I would like to add a single user called printer, but as long as I can get something to work, I can probably take it the rest of the way.

UPDATE: The final recipe looks as follows:

SUMMARY = "Add the user accounts that the production printer will need."
LICENSE = "CLOSED"

SRC_URI = "file://file1 \
           file://file2"

S = "${WORKDIR}"

inherit useradd

USERADD_PACKAGES = "${PN}"
USERADD_PARAM_${PN} = "-u 1200 -d /home/user1 -m -s /bin/sh -p Z2tQc0Ewto0c. mi-printer"

GROUPADD_PARAM_${PN} = "-g 880 group1"

do_install () {
    install -d -m 755 ${D}${datadir}/mi-printer

    install -p -m 644 file1 ${D}${datadir}/mi-printer/
    install -p -m 644 file2 ${D}${datadir}/mi-printer/

    # The new users and groups are created before the do_install
    # step, so you are now free to make use of them:
    chown -R mi-printer ${D}${datadir}/mi-printer

    chgrp -R group1 ${D}${datadir}/mi-printer
}

FILES_${PN} = "${datadir}/mi-printer/*"

# Prevents do_package failures with:
# debugsources.list: No such file or directory:
INHIBIT_PACKAGE_DEBUG_SPLIT = "1"

The password hash was obtained by running openssl passwd password

Answer 1

Your question seems to consists of two parts:

1. How to add a user

   The useradd part in your example is doing this already; look into the /etc/passwd file and you will find the user1

2. How to set the password

   You have to specify the password with the -p option and ensure that a login shell (and e.g. not /bin/false) has been given:

USERADD_PARAM_${PN} = "-s /bin/bash -p '$1$HzRkQcjT$/jV0VB4GJd1b3DTXfCYNo.' user1" 

But in most cases you do not need step 2 because there are usually only service users but no ordinary users on embedded systems.

Answer 2

The example recipe is misleading

The example recipe tells you to do all sorts of stuff in ${D}${datadir}/username, and you expect this to be a sane thing to do. However, ${datadir} is actually /usr/share, so take a look at /usr/share/mi-printer in your image. That's where your stuff actually is.

I've just replaced ${datadir} with /home in my recipe, and that solved everything.

If you have a different package that then install things in the newly-created homedirectory, be use to use DIRFILES in it to disclaim ownership of the homedir itself.