| 1 |
Am Montag, 4. September 2006 04:42 schrieb Mike Kelly: |
| 2 |
> On Sun, 03 Sep 2006 18:11:12 +0200 |
| 3 |
> |
| 4 |
> Christian Affolter <c.affolter@××××××××××××××.ch> wrote: |
| 5 |
> > As soon as the shadow chroot patch [2] from GLEP 27 [3] is |
| 6 |
> > implemented, we will be able to build striped down gentoo instances |
| 7 |
> > without any development dependencies (with the help of the emerge |
| 8 |
> > ROOT environment variable) in a sane and easy way. |
| 9 |
> > |
| 10 |
> > [2] |
| 11 |
> > http://soc.gentoo.org/viewcvs.py/glep0027/patches/shadow-4.0.16-chroot.pa |
| 12 |
> >tch?rev=48&view=markup [3] |
| 13 |
> > http://www.gentoo.org/proj/en/glep/glep-0027.html [4] |
| 14 |
> |
| 15 |
> Hello, |
| 16 |
> |
| 17 |
> Nice to be mentioned :-p |
| 18 |
> |
| 19 |
> In regards to the shadow chroot patch, I'm poking at that bit by bit, |
| 20 |
> but I think that the upstream author is already considering doing |
| 21 |
> something similar to this. I've got a good idea of what needs to be |
| 22 |
> done when it is built w/o PAM, but when PAM comes into play, it gets |
| 23 |
> tricky. |
| 24 |
> |
| 25 |
> In regards to the GLEP 27 stuff in general, I have a project which is |
| 26 |
> still at a fairly alpha level, but I would appreciate contributions of |
| 27 |
> auth system helper scripts for any and all architectures / userlands. |
| 28 |
> I've written up some documentation with some examples [1]. Also, I'd |
| 29 |
> appreciate folks who know packages well (like apache, etc) writing the |
| 30 |
> proper user/group data files for them (this format is also |
| 31 |
> documented[2]). |
| 32 |
> |
| 33 |
> For those a little more curious about how this system will ultimately |
| 34 |
> integrate with portage and other package managers, you may wish to take |
| 35 |
> a look at my API specifications[3] (now with flow charts!). Or, for |
| 36 |
> those who are IRC-inclined, feel free to join me in #dynusers on |
| 37 |
> freenode. |
| 38 |
> |
| 39 |
> I'll work on getting a more unified / up-to-date webpage[4] together |
| 40 |
> about his project later this week. |
| 41 |
> |
| 42 |
> [1] http://www.pioto.org/~pioto/gentoo/soc2006/doc/auth_modules.html |
| 43 |
> [2] http://www.pioto.org/~pioto/gentoo/soc2006/doc/datafiles.html |
| 44 |
> [3] http://www.pioto.org/~pioto/gentoo/soc2006/doc/API.html |
| 45 |
> [4] http://soc.pioto.org/ |
| 46 |
|
| 47 |
I know it's OT but considering your post in which you describe a possible |
| 48 |
solution for GREP 27 I ask myself if we should think about deleting unused |
| 49 |
users after uninstalling packages? Think of removing the apache user after |
| 50 |
unmerging apache itself. |
| 51 |
|
| 52 |
In recent Portage eclasses I never found functions like edeleteuser or |
| 53 |
edeletegroup (or something similar) which might do those tasks. But I'm sure |
| 54 |
it would be possible to implement them. |
Archives