1 |
Am Montag, 4. September 2006 04:42 schrieb Mike Kelly: |
2 |
> On Sun, 03 Sep 2006 18:11:12 +0200 |
3 |
> |
4 |
> Christian Affolter <c.affolter@××××××××××××××.ch> wrote: |
5 |
> > As soon as the shadow chroot patch [2] from GLEP 27 [3] is |
6 |
> > implemented, we will be able to build striped down gentoo instances |
7 |
> > without any development dependencies (with the help of the emerge |
8 |
> > ROOT environment variable) in a sane and easy way. |
9 |
> > |
10 |
> > [2] |
11 |
> > http://soc.gentoo.org/viewcvs.py/glep0027/patches/shadow-4.0.16-chroot.pa |
12 |
> >tch?rev=48&view=markup [3] |
13 |
> > http://www.gentoo.org/proj/en/glep/glep-0027.html [4] |
14 |
> |
15 |
> Hello, |
16 |
> |
17 |
> Nice to be mentioned :-p |
18 |
> |
19 |
> In regards to the shadow chroot patch, I'm poking at that bit by bit, |
20 |
> but I think that the upstream author is already considering doing |
21 |
> something similar to this. I've got a good idea of what needs to be |
22 |
> done when it is built w/o PAM, but when PAM comes into play, it gets |
23 |
> tricky. |
24 |
> |
25 |
> In regards to the GLEP 27 stuff in general, I have a project which is |
26 |
> still at a fairly alpha level, but I would appreciate contributions of |
27 |
> auth system helper scripts for any and all architectures / userlands. |
28 |
> I've written up some documentation with some examples [1]. Also, I'd |
29 |
> appreciate folks who know packages well (like apache, etc) writing the |
30 |
> proper user/group data files for them (this format is also |
31 |
> documented[2]). |
32 |
> |
33 |
> For those a little more curious about how this system will ultimately |
34 |
> integrate with portage and other package managers, you may wish to take |
35 |
> a look at my API specifications[3] (now with flow charts!). Or, for |
36 |
> those who are IRC-inclined, feel free to join me in #dynusers on |
37 |
> freenode. |
38 |
> |
39 |
> I'll work on getting a more unified / up-to-date webpage[4] together |
40 |
> about his project later this week. |
41 |
> |
42 |
> [1] http://www.pioto.org/~pioto/gentoo/soc2006/doc/auth_modules.html |
43 |
> [2] http://www.pioto.org/~pioto/gentoo/soc2006/doc/datafiles.html |
44 |
> [3] http://www.pioto.org/~pioto/gentoo/soc2006/doc/API.html |
45 |
> [4] http://soc.pioto.org/ |
46 |
|
47 |
I know it's OT but considering your post in which you describe a possible |
48 |
solution for GREP 27 I ask myself if we should think about deleting unused |
49 |
users after uninstalling packages? Think of removing the apache user after |
50 |
unmerging apache itself. |
51 |
|
52 |
In recent Portage eclasses I never found functions like edeleteuser or |
53 |
edeletegroup (or something similar) which might do those tasks. But I'm sure |
54 |
it would be possible to implement them. |