[Pkg-shadow-devel] /usr/lib/passwd and OSTree
Colin Walters
walters at verbum.org
Fri Mar 7 19:48:43 UTC 2014
Hi,
I'd like to talk about my shadow-utils patch that lives here:
http://fedorapeople.org/~walters/Use-usr-lib-passwd-for-system-users-if-it-exists.patch
The commit message links to the Sourceware bug which has some
rationale, but let me retype it here briefly:
OSTree is a new general-purpose upgrade system for Linux-based
operating systems, designed to *complement* existing package systems
like dpkg/rpm. You feed it packages on the build server, and clients
merely pull from the repository.
In this model, there is no %post/postinst - no code execution at all.
That means no calls to /usr/sbin/adduser to add new system users from
new packages.
In order to make this work then, the system users come in
/usr/lib/passwd, and any end up in /etc/passwd.
On the client side, https://github.com/aperezdc/nss-altfiles is used as
a NSS module to tell glibc to find the file.
Fortuitously, shadow-utils already has a '-r' option to specify a
system user. So on the build server side, any RPMs whose %post calls
out to useradd will go in /usr/lib/passwd (if it exists).
The last bit is important - the patch checks to see if /usr/lib/passwd
exists, if it doesn't, the users end up in the traditional /etc/passwd,
so RPM/dpkg continue to work as is.
Comments appreciated!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/attachments/20140307/0e1bb01f/attachment.html>
More information about the Pkg-shadow-devel
mailing list