Home-Assistant/operating-system
1
0
Fork 0
mirror of https://github.com/home-assistant/operating-system.git synced 2026-02-21 18:29:02 +00:00
Code Activity
Files
rel-5
operating-system/buildroot-external/scripts/rootfs-layer.sh
Stefan Agner 7c25f7c187 Fix DNS resolving (#1004) 
* Add resolved.conf to disable stub resolver and DNSSEC

There are Add-Ons which try to bind port 53 on all interfaces including
127.0.0.53. Disable the stub resolver to make them continue working. We
don't need the resolver currently anyway.

Also disable DNSSEC to make sure the baords can access a NTP time server
even when their time is incorrect (since DNSSEC validation may fail).
This is a known chicken-egg problem with systemd-resolved/systemd-timesyncd
and might be addressed in a future version, with what we can reenable
DNSSEC:
https://github.com/systemd/systemd/issues/5873

* Make sure resolve gets added only once to nsswitch.conf

Only add resolve to nsswitch.conf if not already present.
2020-11-18 09:56:38 +01:00

50 lines
1.5 KiB
Bash
Executable File
Raw Permalink Blame History

#!/bin/bash
function fix_rootfs() {
# Cleanup etc
rm -rf "${TARGET_DIR:?}/etc/init.d"
rm -rf "${TARGET_DIR:?}/etc/network"
rm -rf "${TARGET_DIR:?}/etc/X11"
rm -rf "${TARGET_DIR:?}/etc/xdg"
# Cleanup root
rm -rf "${TARGET_DIR:?}/media"
rm -rf "${TARGET_DIR:?}/srv"
rm -rf "${TARGET_DIR:?}/opt"
# Cleanup miscs
rm -rf "${TARGET_DIR}/usr/lib/modules-load.d"
# systemd-update-done.service relies on writeable /var and /etc
rm -f "${TARGET_DIR}/usr/lib/systemd/system/sysinit.target.wants/systemd-update-done.service"
# Fix: permission for system connection files
chmod 600 "${TARGET_DIR}/etc/NetworkManager/system-connections"/*
# Fix: tempfs with /srv
sed -i "/srv/d" "${TARGET_DIR}/usr/lib/tmpfiles.d/home.conf"
# Fix: Could not generate persistent MAC address
sed -i "s/MACAddressPolicy=persistent/MACAddressPolicy=none/g" "${TARGET_DIR}/usr/lib/systemd/network/99-default.link"
# Use systemd-resolved for Host OS resolve
sed -i '/^hosts:/ {/resolve/! s/files/resolve [!UNAVAIL=return] files/}' "${TARGET_DIR}/etc/nsswitch.conf"
}
function install_hassos_cli() {
# shellcheck disable=SC1117
sed -i "s|\(root:.*\)/bin/sh|\1/usr/sbin/hassos-cli|" "${TARGET_DIR}/etc/passwd"
if ! grep "hassos-cli" "${TARGET_DIR}/etc/shells"; then
echo "/usr/sbin/hassos-cli" >> "${TARGET_DIR}/etc/shells"
fi
}
function install_tini_docker() {
ln -fs /usr/bin/tini "${TARGET_DIR}/usr/bin/docker-init"
}
View Git Blame Copy Permalink