On Fri, 30 Mar 2018 18:52:18 +0000 (UTC)
Farid BENAMROUCHE <fariouche@×××××.fr> wrote:

> Yes, two years ago I've posted here to notify you about the creation of users and groups when using "ROOT=".
> As a reminder, if you currently emerge a package to a specific rootfs folder, some packages will actually not create the user and groups correctly inside this rootfs.
> It will also not check for the existence of the user/group inside of the rootfs.
> Every time, it will check "/".
>
> This is a very old Gentoo issue (I have to find again the GLEP talking about this issue).
>
> The solution is not possible without changing the behaviour of the tools used by portage. For example, portage is using shadow in most systems (and shadow is using the glibc).

Hi,

I have an interest in this and was one of the early commenters in bug
#541406. I made my own suggestions about how this might work. Your
solution is cleaner in that it doesn't require modifying the users in
the / system but it does require significant changes to tools,
eclasses, and ebuilds so I'm on the fence about it.

I did just have a lightbulb moment though. I've been playing with
unshare recently and I wondered if we could leverage it here. First I
tried this.

$ sudo unshare -m /bin/sh -c "mount --bind /mnt/somewhere/etc/group /etc/group && groupadd foo"
groupadd: failure while writing changes to /etc/group

It is possible to bind mount individual files but it doesn't work here
because it tries to rename /etc/group to make a backup. Next I tried
the whole directory but it gives a strange error.

$ sudo unshare -m /bin/sh -c "mount --bind /mnt/somewhere/etc /etc && groupadd foo"
groupadd: Cannot determine your user name.

This reveals more.

$ sudo unshare -m /bin/sh -c "id && mount --bind /mnt/utilite/mnt/moi/etc /etc && id"
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),11(floppy),20(dialout),26(tape),27(video)
uid=0 gid=0 groups=0,1,2,3,4,6,10,11,20,26,27

I'm not sure why the IDs break like this and strace doesn't make it any
clearer. This seems like a route worth pursuing though because you
could create a bunch of wrappers for useradd, groupadd, chown and so on
and it would then all work transparently, even when not using the
eclass functions.

Regards,
--
James Le Cuirot (chewi)
Gentoo Linux Developer
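
The check the quoted message says is missing (looking for a user or group inside the target rootfs rather than in "/"), as an added example that is not part of the original email or of Portage. The function names and the sample rootfs are hypothetical, and only the flat etc/passwd and etc/group files under the given root are read.

```shell
#!/bin/sh
# Added example: look up accounts in the passwd/group files under a target
# ROOT instead of the host's "/". Function names are hypothetical; only the
# local flat-file databases are consulted.

# db_lookup ROOT DB NAME
# Prints the matching line. Returns 1 if NAME is absent and 2 if the
# database file does not exist in this rootfs at all.
db_lookup() {
    root=${1%/} db=$2 name=$3
    file="$root/etc/$db"
    [ -r "$file" ] || return 2
    # Exact string match on field 1, so "fo" never matches "foo" and
    # characters in the name are not treated as a regex.
    awk -F: -v n="$name" \
        '$1 == n { print; found = 1; exit } END { exit !found }' "$file"
}

# Existence checks against the rootfs, not the running system.
root_has_group() { db_lookup "$1" group "$2" >/dev/null; }
root_has_user()  { db_lookup "$1" passwd "$2" >/dev/null; }

# root_gid ROOT NAME -> prints the numeric GID recorded inside ROOT.
root_gid() {
    line=$(db_lookup "$1" group "$2") || return
    echo "$line" | cut -d: -f3
}

# Constructed sample rootfs so the example runs without root privileges.
# Prints the path of the temporary directory it created.
make_sample_root() {
    d=$(mktemp -d) && mkdir -p "$d/etc" || return
    printf '%s\n' 'root:x:0:' 'foo:x:1001:' > "$d/etc/group"
    printf '%s\n' 'root:x:0:0:root:/root:/bin/sh' > "$d/etc/passwd"
    echo "$d"
}
```

A wrapper would call root_has_group "$ROOT" foo before deciding whether the group still needs to be created inside that rootfs.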