From the systemd os-release man page:

> /etc/os-release should be a relative symlink to /usr/lib/os-release,
> to provide compatibility with applications only looking at /etc/.

While systemd ships a tmpfiles dropin that will make the symlink, when
building e.g. portable service images, those might not have systemd
itself, and thus won't have the tmpfiles dropin. To make sure all Arch
images have the symlink, let's create it as part of the filesystem package
since we already ship /usr/lib/os-release in the filesystem package as
well.

We do this in a install script to avoid messing with any existing
/etc/os-release files or symlinks. For safety we only create the file
symlink if /etc/os-release is not yet a symlink and doesn't exist.

Alphabetically sorted arrays with one entry per line are easier to read.
Furthermore, git commits changing the files are easier to read as well.

Signed-off-by: David Runge <dvzrv@archlinux.org>

Robin Candau authored 11 months ago and David Runge committed 11 months ago

See detailed discussion around the reasons for this change:
https://lists.archlinux.org/archives/list/arch-dev-public@lists.archlinux.org/thread/5GU7ZUFI25T2IRXIQ62YYERQKIPE3U6E/

To streamline file installation, use an associative array to declare
targets, source file, mode, user and group owner.

Be verbose about the installation of files.

Add usr/share/factory/etc/profile.d/locale.sh, so that etc/ profile.d/
locale.sh can be replaced by a factory file in case /etc is deleted.
Extend tmpfiles.d setup for etc/profile.d/locale.sh.

Add /etc/arch-release as file (also to factory), as it is seemingly
still used by legacy OS detection methods (looking at you cmake).

Signed-off-by: David Runge <dvzrv@archlinux.org>

Add a local associative array to unify the data representation of the
installed directories, their mode, user and group ownerships.
Add a local associative array to streamline the representation of
symlinks names and their targets.

Be verbose about directory and symlink creation.

Signed-off-by: David Runge <dvzrv@archlinux.org>

Release various new changes:
- Add additional ld.so.conf dir with /usr/lib/ld.so.conf.d/
- Update root's shell to /usr/bin/bash
- Update BUG_REPORT_URL to new GitLab location

Update maintainer info.

nl6720 authored 1 year ago and David Runge committed 1 year ago

The bug tracker moved from Flyspray to GitLab.

See https://lists.archlinux.org/hyperkitty/list/arch-dev-public@lists.archlinux.org/thread/WYXDTJ3TR2DWRQCDZK44BQDH67IDVGTS/

Match the SHELL value in /etc/default/useradd.

Related to shadow@16ecf814

Vicki Pfau authored 1 year ago and Daurnimator committed 1 year ago

Closes #6

Add valid locations in /usr/bin to shells: https://bugs.archlinux.org/task/33677
Remove custom umask setting from /etc/profile: https://bugs.archlinux.org/task/66068

Set architecture to 'any' as we are not shipping architecture-specific files in this package.
Set license to GPL-3.0-or-later to align with https://terms.archlinux.org/docs/terms-of-service/#_contribution_licenses

As we want to centralize the umask setting via `UMASK` and `HOME_MODE`
in /etc/login.defs, we rely on pam_umask.so and no longer need a custom
umask setting in /etc/profile.
https://bugs.archlinux.org/task/66068



Signed-off-by: David Runge <dvzrv@archlinux.org>

- add /etc/subuid and /etc/subgid files (FS#68741)

- use systemd recommended settings for /etc/nsswitch.conf

- implement FS#72870

- make append_path function available to profile.d scripts (see FS#66338)

This will prevent root login with an empty password on a fresh Arch Linux
installation.

This is only about the default behaviour, you could restore the previous one by
running `passwd -d root'.
Please note, this is not recommended and behave inconsistenly between
applications.

We use a trick in the shadow file to set a default password which never allow
login by using this password.

The special value '*' is used in the shadow file.
We don't use '!', '!!', '!*' on purpose.
The special '!' char, which should mean password locked (and not account locked)
is interpreted by some applications (e.g. sshd) as an account locked and will
prevent root login.

This change was suggested by Lennart Poettering and Zbigniew Jedrzejewski-Szmek
to security@archlinux.org.

- fix FS#66499

- Restore ID
- Add BUILD_ID
- Add DOCUMENTATION_URL

- fid FS#58499