Gentoo Archives: gentoo-dev

From: Jaco Kroon <jaco@××××××.za>
To: gentoo-dev@l.g.o
Subject: [gentoo-dev] dynamic groups and users
Date: Thu, 01 Aug 2019 19:04:47
Message-Id: 76000f9a-31ac-f652-797a-d7494edac176@uls.co.za
Hi,

Looking at the new eclasses for acct-user and acct-group.

These enforce that a group and user id should be set.

This is not a requirement for enewuser nor enewgroup.

As a further discrepancy, the user eclass requires >0 for the IDs, 
whereas the checks in acct-user and acct-group is for >= 0.

Would it be ok to suggest that we allow -1 (or 0, but that could be 
confused with the root user/group) in acct-user and acct-group to 
specify "no specific id, please allocate dynamically"?

Use case:  I'm building some experimental packages in an overlay, and I 
really don't care what the UID and GID values are, I just need something 
unique on the host I can use to avoid running the service as root.  
Guessing I could just manually useradd -r but then again ... if I do 
later submit these into the main tree (or other packages) then it 
becomes a problem, and maintaining acct-{user,group}/* outside of main 
tree could conflict with main tree at a later stage ... either way, 
having some way to say "I honestly don't care, just give me a random 
number" is probably a good thing.

Kind Regards,
Jaco

Replies

Subject Author
Re: [gentoo-dev] dynamic groups and users Mike Gilbert <floppym@g.o>
Re: [gentoo-dev] dynamic groups and users "Michał Górny" <mgorny@g.o>
Re: [gentoo-dev] dynamic groups and users "Michał Górny" <mgorny@g.o>