| 1 |
On Fri, 30 Mar 2018 18:52:18 +0000 (UTC) |
| 2 |
Farid BENAMROUCHE <fariouche@×××××.fr> wrote: |
| 3 |
|
| 4 |
> Yes, two years ago I've posted here to notify you about the creattion of users and groups when using "ROOT=". |
| 5 |
> As a reminder, if you currently emerge a package to a specific rootfs folder, some packages will actually not create the user and groups correctly inside this rootfs. |
| 6 |
> It will also not check for the existance of the user/group inside of the rootfs. |
| 7 |
> Everytime, it will check "/". |
| 8 |
> |
| 9 |
> This very old gentoo issue (I have to find again the GLEP talking about this issue). |
| 10 |
> |
| 11 |
> The solution is not possible without changing the behaviour of the tools used by portage. For example, portage is using shadow in most systems (and shadow is using the glibc). |
| 12 |
|
| 13 |
Hi, |
| 14 |
|
| 15 |
I have an interest this and was one of the early commenters in bug |
| 16 |
#541406. I made my own suggestions about how this might work. Your |
| 17 |
solution is cleaner in that it doesn't require modifying the users in |
| 18 |
the / system but it does require significant changes to tools, |
| 19 |
eclasses, and ebuilds so I'm on the fence about it. |
| 20 |
|
| 21 |
I did just have a lightbulb moment though. I've been playing with |
| 22 |
unshare recently and I wondered if we could leverage it here. First I |
| 23 |
tried this. |
| 24 |
|
| 25 |
$ sudo unshare -m /bin/sh -c "mount --bind /mnt/somewhere/etc/group /etc/group && groupadd foo" |
| 26 |
groupadd: failure while writing changes to /etc/group |
| 27 |
|
| 28 |
It is possible to bind mount individual files but it doesn't work here |
| 29 |
because it tries to rename /etc/group to made a backup. Next I tried |
| 30 |
the whole directory but it gives a strange error. |
| 31 |
|
| 32 |
$ sudo unshare -m /bin/sh -c "mount --bind /mnt/somewhere/etc /etc && groupadd foo" |
| 33 |
groupadd: Cannot determine your user name. |
| 34 |
|
| 35 |
This reveals more. |
| 36 |
|
| 37 |
$ sudo unshare -m /bin/sh -c "id && mount --bind /mnt/utilite/mnt/moi/etc /etc && id" |
| 38 |
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),11(floppy),20(dialout),26(tape),27(video) |
| 39 |
uid=0 gid=0 groups=0,1,2,3,4,6,10,11,20,26,27 |
| 40 |
|
| 41 |
I'm not sure why the IDs break like this and strace doesn't make it any |
| 42 |
clearer. This seems like a route worth pursuing though because you |
| 43 |
could create a bunch of wrappers for useradd, groupadd, chown and so on |
| 44 |
and it would then all work transparently, even when not using the |
| 45 |
eclass functions. |
| 46 |
|
| 47 |
Regards, |
| 48 |
-- |
| 49 |
James Le Cuirot (chewi) |
| 50 |
Gentoo Linux Developer |
Archives