User:Przemoc/Todo/Users and groups for AL 3.4: Difference between revisions
m (Fix formatting) |
m (Fix omission) |
||
Line 105: | Line 105: | ||
* [http://git.alpinelinux.org/cgit/aports/commit/?id=a835b6916533 a835b6916533] testing/[various]: Add group and use it as primary in .pre-* scripts. (2016-06-07) | * [http://git.alpinelinux.org/cgit/aports/commit/?id=a835b6916533 a835b6916533] testing/[various]: Add group and use it as primary in .pre-* scripts. (2016-06-07) | ||
They are (apart from first one) part of patch set: | They are (apart from the first one) part of patch set: | ||
* [http://lists.alpinelinux.org/alpine-aports/3059.html Pre-upgrade/pre-install addgroup/adduser fixes.] | * [http://lists.alpinelinux.org/alpine-aports/3059.html Pre-upgrade/pre-install addgroup/adduser fixes.] (15 patches) | ||
Following packages still need patches: | Following packages still need patches: |
Revision as of 10:33, 15 June 2016
What I want to do for AL.
Users and groups
Pre-install/upgrade scripts
Improvements
Make all packages create only system users and groups
(MOSTLY DONE)
Call adduser
and addgroup
with -S
option in pre-install/upgrade scripts.
It's mostly done already and only mostly, because 1) some new packages might have been added that aren't using -S
yet and 2) it introduced problems, which aren't fully fixed yet.
System user creation doesn't add same named group and uses nogroup as primary group unless explicitly specified via -G
.
It means that system user creation (adduser
with -S
option present)
differs from normal user creation (adduser
without -S
option) in more
ways than the range of used UIDs and the default GECOS field.
Normal user, when created via adduser
, gets its own automatically
created group, and this group becomes primary group of that user.
Group creation can be avoided if -G
option is used, but then already
existing group has to be provided there.
System user, when created via adduser
, never gets its own automatically
created group and by default primary group of that user becomes group
called nogroup
, unless -G
option is used to provide other already
existing group.
My commit:
* ccc056dbf9d3 Add lacking -S option (system) to adduser/addgroup in scripts. (2016-04-25)
It was part of patch set:
Corrections
Fix problems introduced by adding -S to adduser
(MOSTLY DONE)
I somehow overlooked different adduser behavior explained in above note
and thus my sole adding of -S
to adduser
calls
in commit ccc056dbf9d3
(i.e. without proper -G
option and preceding addgroup
call when needed)
proved to be drastic in effects, i.e. status quo has not been preserved,
because primary groups of those users in new Alpine Linux installations has been changed.
Alpine Linux 3.4.0 is affected by this.
Lesson relearned. Beware of such small and allegedly "cosmetic" changes!
Pre-install/upgrade scripts are already mostly fixed in master branch of aports repository.
Packages creating users that were badly touched by commit ccc056dbf9d3 and should have been already fixed:
- community/caddy
- community/domoticz
- community/oscam
- community/syncthing
- main/apache2
- main/aports-build
- main/atheme-iris
- main/clamav
- main/clamsmtp
- main/coova-chilli
- main/dhcp
- main/djbdns
- main/dovecot
- main/ez-ipupdate
- main/fetchmail
- main/freeswitch
- main/gitolite
- main/gnats
- main/gross
- main/icecast
- main/lighttpd
- main/memcached
- main/ngircd
- main/nrpe
- main/openntpd
- main/postgrey
- main/snort
- main/squid
- main/transmission
- main/znc
- testing/at
- testing/dbmail
- testing/dspam
- testing/opensips
- testing/pdns
- testing/qpage
- testing/rrdbot
- testing/wt
My commits fixing them are:
* 1de4b02204f7 main/lighttpd: Fix lighttpd user's primary group. (2016-06-03) * f27dface22b3 testing/at: Properly set primary group in .pre-install. (2016-06-07) * 40521bdafd3c main/dovecot: Properly set primary group in .pre-install. (2016-06-07) * 3c1fa46624bd main/{npre, postgrey}: Properly set primary group in .pre-install. (2016-06-07) * a7d67c695ca2 main/[various]: Add group and use it as primary in .pre-* scripts. (2016-06-07) * 5708404c50a7 community/[various]: Add group and use it as primary in .pre-* scripts. (2016-06-07) * a835b6916533 testing/[various]: Add group and use it as primary in .pre-* scripts. (2016-06-07)
They are (apart from the first one) part of patch set:
- Pre-upgrade/pre-install addgroup/adduser fixes. (15 patches)
Following packages still need patches:
- testing/buildbot
- testing/buildbot-slave
- testing/clapf