Writable Legato with Read-Only root fs

I’m deploying Legato onto a custom Linux distro where the root file system is mounted read-only. However, we still want Legato to be writable.

This trick requires we build our filesystem with Legato somewhere non-standard, and then symlink from the new non-standard directories to /mnt/legato, /data/le_fs, /mnt/flash, etc… It almost works.

The sticking point is /etc/group and /etc/passwd. Our /etc directory is read-only, so you can’t just re-rewrite those files. My current ideas are:

• put the new group and passwd files somewhere else and mount them into /etc. But this file might be temporary, and I suspect it will be a problem. Files created by apps might have the wrong userid for a future invocaiton of the app.
• have supervisor ignore the copy-file error, then refuse the launch an app whose user and groups do not already exist. In effect, this means our group and passwd files must include all the IDs needed by Legato applications “out of the box”.

Both require supervisor changes.

Is there a known/preferred solution to this problem? And what are my chances of getting such modifications added to a future release?

If specific users or groups are required for Legato, they should be created at build time in yocto.As the root file system is also R/O modifications of /etc/passwd or /etc/groups is not possible.A custom /etc/passwd and /etc/group are maintained in the target sysroot during builds.you can change it in yocto.

1. Add RDEPENDS_${PN} += “sudo” in meta-swi/common/recipes-core/packagegroups/packagegroup-swi-image-target.bb
2. Create user and passwd
   useradd test
   passwd test (here give password)
3. Reboot and login as “test” with created password