| 1 |
On 29/01/2017 19:05, Michael Orlitzky wrote: |
| 2 |
> On 01/29/2017 03:26 AM, Alan McKinnon wrote: |
| 3 |
>>> |
| 4 |
>>> Can anyone think of an upgrade path for fixed UIDs? That issue aside, I |
| 5 |
>>> may have convinced myself that fixed UIDs are better. |
| 6 |
>> |
| 7 |
>> The general process I would recommend is that if the ebuild finds the user |
| 8 |
>> already exists, leave it, it's UID and it's file ownerships alone, and keep |
| 9 |
>> them as they are. If the user does not exist then create it. |
| 10 |
> |
| 11 |
> That's what I've got it doing now... |
| 12 |
> |
| 13 |
> |
| 14 |
>> Preferably use a pre-assigned UID/GID so there is some consistency |
| 15 |
>> with most other Gentoo things out there. |
| 16 |
> |
| 17 |
> This is the only point we have left to consider. To recap, there are |
| 18 |
> three approaches to try: |
| 19 |
|
| 20 |
|
| 21 |
[snip] |
| 22 |
|
| 23 |
> 3 Mostly fixed UIDs, but with a fallback to random ones if you don't |
| 24 |
> get the UID you want. Here, everyone specifies their "preferred" |
| 25 |
> UID, and we try that first. If it doesn't work, you get the random |
| 26 |
> assignment. |
| 27 |
> |
| 28 |
> Pros (w.r.t option 2): |
| 29 |
> |
| 30 |
> * On a new installation, all of the UIDs that are assigned will |
| 31 |
> likely be fixed, so you get some of the benefit of the first |
| 32 |
> option without having to create an overlay. |
| 33 |
|
| 34 |
This is my preferred choice |
| 35 |
|
| 36 |
> |
| 37 |
> Cons (w.r.t. option 2): |
| 38 |
> |
| 39 |
> * The upgrade path is a little hairier. On an existing system, |
| 40 |
> we'll be introducing a bunch of new user packages that want |
| 41 |
> a particular UID but don't get it. On existing systems, the |
| 42 |
> UID assignment will still essentially be random. That's |
| 43 |
> problematic for packages that truly need the UID they've |
| 44 |
> requested. |
| 45 |
|
| 46 |
I say drop the upgrade path entirely. Why do you as a dev care? |
| 47 |
You've made a compelling case that making any changes at all is hairy, |
| 48 |
so don't even try and automate it. |
| 49 |
|
| 50 |
As a mere user I personally would never expect Gentoo devs to deal with |
| 51 |
this, and if there's a knob in make.conf to enable/disable such a user |
| 52 |
upgrade path, I'd probably disable it. |
| 53 |
|
| 54 |
I've had to do this exercise more times than I care to admit, usually to |
| 55 |
get multiple machines across a network in sync or to deal with nfsv3, |
| 56 |
and it's not something I'd ever dare throw a script or ebuild at. |
| 57 |
|
| 58 |
If you achieved the simpler status of new installs of packages get the |
| 59 |
preferred UID if available, then I'm 100% happy and over the moon. |
| 60 |
Everything else is my problem, not yours (although I appreciate the |
| 61 |
effort to even make the attempt) |
| 62 |
|
| 63 |
> Option #1 is pretty much dead in the water without an upgrade path. |
| 64 |
> We're considering #2 and #3 at the moment, but they're really not |
| 65 |
> that different. |
| 66 |
> |
| 67 |
> |
| 68 |
>> It could output an elog |
| 69 |
>> saying the uid/gid doesn't match the new Gentoo norm, and provide the |
| 70 |
>> commands to run to bring things into line (usermod, groupmod, find / |
| 71 |
>> -user -exec chown, etc, etc) |
| 72 |
>> |
| 73 |
> |
| 74 |
> There's no safe way to do that. If you call chown (as root) on |
| 75 |
> everything in a user-owned directory, that user can just create a |
| 76 |
> symlink to e.g. /root/.bashrc and you'll give it root. It's really a |
| 77 |
> miserable time trying to switch ownership of anything safely once it's |
| 78 |
> been created. |
| 79 |
|
| 80 |
Sure it can be done, just don't chown -R <user> ~user. DO it the VERY |
| 81 |
long way round, file by file. Say you changed user "awesome" uid 300 to 400: |
| 82 |
|
| 83 |
find / -uid 300 -exec chown awesome {} \+ |
| 84 |
|
| 85 |
It works every time, but involves " find / " - ouch - and you can't do |
| 86 |
it if the user is logged in or has running processes. This is all for |
| 87 |
system accounts, so I reckon you have a huge show stopper right there, |
| 88 |
requiring admin intervention |
| 89 |
|
| 90 |
-- |
| 91 |
Alan McKinnon |
| 92 |
alan.mckinnon@×××××.com |
Archives