[Piuparts-commits] [piuparts] 04/07: scripts/post_setup_dummy_users: block uids likely being used by the host

Holger Levsen holger at layer-acht.org
Sat Jan 14 20:26:20 UTC 2017 

This is an automated email from the git hooks/post-receive script.

holger pushed a commit to branch develop
in repository piuparts.

commit 0dc7532830548a80f441aeb8ba3b78d6d812fbbc
Author: Andreas Beckmann <anbe at debian.org>
Date:   Sat Jan 14 19:35:28 2017 +0100

    scripts/post_setup_dummy_users: block uids likely being used by the host
    
    to avoid having (non-root) processes running in the chroot
    with ids being actively used on the host
    
    Signed-off-by: Andreas Beckmann <anbe at debian.org>
    Signed-off-by: Holger Levsen <holger at layer-acht.org>
---
 custom-scripts/scripts/post_setup_dummy_users | 15 +++++++++++++++
 debian/changelog                              |  2 ++
 2 files changed, 17 insertions(+)

diff --git a/custom-scripts/scripts/post_setup_dummy_users b/custom-scripts/scripts/post_setup_dummy_users
new file mode 100755
index 0000000..fafef0c
--- /dev/null
+++ b/custom-scripts/scripts/post_setup_dummy_users
@@ -0,0 +1,15 @@
+#!/bin/sh
+set -e
+
+case ${PIUPARTS_OBJECTS%%=*} in
+	dpkg)
+		# skip while creating the tarball
+		exit 0
+		;;
+esac
+
+for id in $(seq 100 149) $(seq 1000 1010)
+do
+	getent group $id > /dev/null || groupadd --system -g $id dummy$id
+	getent passwd $id > /dev/null || useradd --system -u $id -g 100 dummy$id
+done
diff --git a/debian/changelog b/debian/changelog
index df61643..e3af583 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -37,6 +37,8 @@ piuparts (0.74) UNRELEASED; urgency=medium
     uninstallable (or similarily broken) packages from being tested.
   * scripts/post_setup_minimize: New custom script to minimize chroots.
     - Remove tzdata and lsb-base from sid and stretch.
+  * scripts/post_setup_dummy_users: New custom script to create dummy groups
+    and users that block ids that are likely being used by the host system.
   * custom-scripts/scripts-debug-{remove,purge}: Improved debugging of
     maintainer scripts during package removal.
   * known_problems/debsums_mismatch_*.conf: Report missing symlinks and

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/piuparts/piuparts.git

More information about the Piuparts-commits mailing list