/[gentoo]/xml/htdocs/proj/en/glep/glep-0027.html
Gentoo

Contents of /xml/htdocs/proj/en/glep/glep-0027.html

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.4 - (hide annotations) (download) (as text)
Sun Sep 18 20:48:23 2005 UTC (9 years, 3 months ago) by vapier
Branch: MAIN
Changes since 1.3: +4 -4 lines
File MIME type: text/html
this glep has been approved ...

1 g2boojum 1.1 <?xml version="1.0" encoding="utf-8" ?>
2     <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3     <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
4     <!--
5     This HTML is auto-generated. DO NOT EDIT THIS FILE! If you are writing a new
6     PEP, see http://www.python.org/peps/pep-0001.html for instructions and links
7     to templates. DO NOT USE THIS HTML FILE AS YOUR TEMPLATE!
8     -->
9     <head>
10     <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
11 vapier 1.3 <meta name="generator" content="Docutils 0.3.9: http://docutils.sourceforge.net/" />
12 g2boojum 1.1 <title>GLEP 27 -- Portage Management of UIDs/GIDs</title>
13     <link rel="stylesheet" href="tools/glep.css" type="text/css" />
14     </head>
15     <body bgcolor="white">
16     <table class="navigation" cellpadding="0" cellspacing="0"
17     width="100%" border="0">
18     <tr><td class="navicon" width="150" height="35">
19     <a href="http://www.gentoo.org/" title="Gentoo Linux Home Page">
20     <img src="http://www.gentoo.org/images/gentoo-new.gif" alt="[Gentoo]"
21     border="0" width="150" height="35" /></a></td>
22     <td class="textlinks" align="left">
23     [<b><a href="http://www.gentoo.org/">Gentoo Linux Home</a></b>]
24     [<b><a href="http://www.gentoo.org/proj/en/glep">GLEP Index</a></b>]
25 g2boojum 1.2 [<b><a href="./glep-0027.txt">GLEP Source</a></b>]
26 g2boojum 1.1 </td></tr></table>
27 vapier 1.3 <table class="rfc2822 docutils field-list" frame="void" rules="none">
28 g2boojum 1.1 <col class="field-name" />
29     <col class="field-body" />
30     <tbody valign="top">
31     <tr class="field"><th class="field-name">GLEP:</th><td class="field-body">27</td>
32     </tr>
33     <tr class="field"><th class="field-name">Title:</th><td class="field-body">Portage Management of UIDs/GIDs</td>
34     </tr>
35 vapier 1.4 <tr class="field"><th class="field-name">Version:</th><td class="field-body">1.4</td>
36 g2boojum 1.1 </tr>
37 vapier 1.4 <tr class="field"><th class="field-name">Last-Modified:</th><td class="field-body"><a class="reference" href="http://www.gentoo.org/cgi-bin/viewcvs/xml/htdocs/proj/en/glep/glep-0027.txt?cvsroot=gentoo">2005/09/15 02:39:54</a></td>
38 g2boojum 1.1 </tr>
39     <tr class="field"><th class="field-name">Author:</th><td class="field-body">Mike Frysinger &lt;vapier&#32;&#97;t&#32;gentoo.org&gt;</td>
40     </tr>
41 vapier 1.4 <tr class="field"><th class="field-name">Status:</th><td class="field-body">Approved</td>
42 g2boojum 1.1 </tr>
43     <tr class="field"><th class="field-name">Type:</th><td class="field-body">Standards Track</td>
44     </tr>
45 vapier 1.3 <tr class="field"><th class="field-name">Content-Type:</th><td class="field-body"><a class="reference" href="http://www.python.org/peps/glep-0012.html">text/x-rst</a></td>
46 g2boojum 1.1 </tr>
47     <tr class="field"><th class="field-name">Created:</th><td class="field-body">29 May 2004</td>
48     </tr>
49 g2boojum 1.2 <tr class="field"><th class="field-name">Post-History:</th><td class="field-body">29-May-2004, 20-Jul-2004</td>
50 g2boojum 1.1 </tr>
51     </tbody>
52     </table>
53     <hr />
54     <div class="contents topic" id="contents">
55 g2boojum 1.2 <p class="topic-title first"><a name="contents">Contents</a></p>
56 g2boojum 1.1 <ul class="simple">
57 g2boojum 1.2 <li><a class="reference" href="#status" id="id2" name="id2">Status</a></li>
58     <li><a class="reference" href="#abstract" id="id3" name="id3">Abstract</a></li>
59     <li><a class="reference" href="#motivation" id="id4" name="id4">Motivation</a></li>
60     <li><a class="reference" href="#specification" id="id5" name="id5">Specification</a><ul>
61     <li><a class="reference" href="#portage-structure" id="id6" name="id6">Portage Structure</a><ul>
62     <li><a class="reference" href="#defining-accounts" id="id7" name="id7">Defining Accounts</a></li>
63     <li><a class="reference" href="#local-overrides" id="id8" name="id8">Local Overrides</a></li>
64 g2boojum 1.1 </ul>
65     </li>
66 g2boojum 1.2 <li><a class="reference" href="#developer-interface" id="id9" name="id9">Developer Interface</a><ul>
67     <li><a class="reference" href="#eusers-egroups" id="id10" name="id10">EUSERS + EGROUPS</a></li>
68     <li><a class="reference" href="#id1" id="id11" name="id11">Defining Accounts</a></li>
69 g2boojum 1.1 </ul>
70     </li>
71 g2boojum 1.2 <li><a class="reference" href="#user-interface" id="id12" name="id12">User Interface</a><ul>
72     <li><a class="reference" href="#users-update" id="id13" name="id13">users-update</a></li>
73     <li><a class="reference" href="#features-noautoaccts" id="id14" name="id14">FEATURES=noautoaccts</a></li>
74 g2boojum 1.1 </ul>
75     </li>
76     </ul>
77     </li>
78 g2boojum 1.2 <li><a class="reference" href="#rationale" id="id15" name="id15">Rationale</a></li>
79     <li><a class="reference" href="#backwards-compatibility" id="id16" name="id16">Backwards Compatibility</a></li>
80     <li><a class="reference" href="#references" id="id17" name="id17">References</a></li>
81     <li><a class="reference" href="#copyright" id="id18" name="id18">Copyright</a></li>
82 g2boojum 1.1 </ul>
83     </div>
84 g2boojum 1.2 <div class="section" id="status">
85     <h1><a class="toc-backref" href="#id2" name="status">Status</a></h1>
86     <p>This GLEP was approved as-is on 14-Jun-2004.</p>
87     </div>
88 g2boojum 1.1 <div class="section" id="abstract">
89 g2boojum 1.2 <h1><a class="toc-backref" href="#id3" name="abstract">Abstract</a></h1>
90 g2boojum 1.1 <p>The current handling of users and groups in the portage system lacks
91     policy and a decent API. We need an API that is both simple for
92     developers and end users.</p>
93     </div>
94     <div class="section" id="motivation">
95 g2boojum 1.2 <h1><a class="toc-backref" href="#id4" name="motivation">Motivation</a></h1>
96 g2boojum 1.1 <p>Currently the policy is left up to respective ebuild maintainers to
97     choose the username, id, shell settings, etc... and to have them added
98     in the right place at the right time in the right way. When the
99     addition of users was found to often times have broken logic, the
100     enewuser and enewgroup functions were designed to remove all the
101     details. However, these functions still suffer from some fundamental
102     problems. First, there is no local customization. Second, maintainers
103     still use the functions improperly (binary packages have suffered the
104     most thus far). Third, the functions are not portable across non-linux
105     systems and not friendly to cross compiling or other exotic setups.
106     There are other reasons, but these listed few are enough to warrant
107     change.</p>
108     </div>
109     <div class="section" id="specification">
110 g2boojum 1.2 <h1><a class="toc-backref" href="#id5" name="specification">Specification</a></h1>
111 g2boojum 1.1 <div class="section" id="portage-structure">
112 g2boojum 1.2 <h2><a class="toc-backref" href="#id6" name="portage-structure">Portage Structure</a></h2>
113 g2boojum 1.1 <div class="section" id="defining-accounts">
114 g2boojum 1.2 <h3><a class="toc-backref" href="#id7" name="defining-accounts">Defining Accounts</a></h3>
115 vapier 1.3 <p>New directories will need to be added to the rsync tree to store the files
116     that define the default values for new accounts. They will be stored on a
117     per-profile basis, that way sub-profiles may easily override parent profiles.
118     The default location will be the base profile since all other profiles inherit
119     from there.</p>
120 g2boojum 1.1 <pre class="literal-block">
121 vapier 1.3 portage/profiles/base/accounts/
122     user/&lt;username&gt;
123     group/&lt;groupname&gt;
124     accounts
125 g2boojum 1.1 </pre>
126     <p>The files are named with the respective user/group name since they need
127     to be unique in their respective domains. For example, the file
128 vapier 1.3 detailing the ntp user would be located accounts/user/ntp. Each
129     username file will detail the required information about each user.
130 g2boojum 1.1 Certain account features that exist on one class of systems (Linux) but
131 vapier 1.3 not on others (*BSD) can be redefined in their respective subprofiles. Each
132     groupname will follow similar guidelines. The accounts file will be used to
133     describe global account defaults such as the default range of 'valid system'
134     ids. For example, if the UID 123 is already used on a system, but the ntp
135 g2boojum 1.1 user defaults to '123', we obviously cannot just duplicate it. So we
136     would select the next available UID on the system based upon the range
137     defined here.</p>
138     </div>
139     <div class="section" id="local-overrides">
140 g2boojum 1.2 <h3><a class="toc-backref" href="#id8" name="local-overrides">Local Overrides</a></h3>
141 g2boojum 1.1 <p>Following the tried and true style of custom local portage files being
142     found in /etc/portage, this new system will follow the same. Users can
143 vapier 1.3 setup their own directory heirarchy in /etc/portage/profile/accounts/ that
144     mimics the heirarchy found in the portage tree. When portage attempts to add
145     a new user, it will first check /etc/portage/profile/accounts/user/&lt;username&gt;.
146 g2boojum 1.1 If it does not exist, it will simply use the default definition in the
147     portage tree.</p>
148     </div>
149     </div>
150     <div class="section" id="developer-interface">
151 g2boojum 1.2 <h2><a class="toc-backref" href="#id9" name="developer-interface">Developer Interface</a></h2>
152 g2boojum 1.1 <div class="section" id="eusers-egroups">
153 g2boojum 1.2 <h3><a class="toc-backref" href="#id10" name="eusers-egroups">EUSERS + EGROUPS</a></h3>
154 g2boojum 1.1 <p>Ebuilds that wish to add users or groups to the system must set these
155     variables. They are both space delimited lists that tells portage what
156     users/groups must be added to the system before emerging the ebuild. The
157     maintainer of the ebuild can assume the users/groups they have listed
158     exist before the functions in the ebuild (pkg_setup, src_install, etc...)
159     are ever run.</p>
160     </div>
161     <div class="section" id="id1">
162 g2boojum 1.2 <h3><a class="toc-backref" href="#id11" name="id1">Defining Accounts</a></h3>
163 g2boojum 1.1 <p>Any developer is free to add users/groups in their ebuilds provided they
164     create the required account definition files.</p>
165     </div>
166     </div>
167     <div class="section" id="user-interface">
168 g2boojum 1.2 <h2><a class="toc-backref" href="#id12" name="user-interface">User Interface</a></h2>
169 g2boojum 1.1 <div class="section" id="users-update">
170 g2boojum 1.2 <h3><a class="toc-backref" href="#id13" name="users-update">users-update</a></h3>
171 g2boojum 1.1 <p>When this script is run, all the users/groups that have been added by
172     portage to the system will be shown along with the packages that have
173     added said users/groups. Here they can delete accounts that are no longer
174     required by the currently installed packages (and optionally run a
175     script that will try to locate all files on the system that may still be
176     owned by the account).</p>
177     </div>
178     <div class="section" id="features-noautoaccts">
179 g2boojum 1.2 <h3><a class="toc-backref" href="#id14" name="features-noautoaccts">FEATURES=noautoaccts</a></h3>
180 g2boojum 1.1 <p>This is for the people who never want portage creating accounts for them.
181     When portage needs to add an account to the system but &quot;noautoaccts&quot; is
182     in FEATURES, portage will abort with a message instructing the user to
183     add the accounts that are listed in EUSERS and EGROUPS. This is
184     obviously a required step before the package will be emerged.</p>
185     </div>
186     </div>
187     </div>
188     <div class="section" id="rationale">
189 g2boojum 1.2 <h1><a class="toc-backref" href="#id15" name="rationale">Rationale</a></h1>
190 g2boojum 1.1 <p>Developers no longer have to worry about how to properly add users/groups
191     to systems and worry about whether or not their code will work on all
192     systems (LDAP vs local shadow vs cross compile vs etc...). Users can
193     easily override the defaults Gentoo has before dictated. The default
194     passwd and group database can once again be trimmed down to the barest of
195     accounts.</p>
196     </div>
197     <div class="section" id="backwards-compatibility">
198 g2boojum 1.2 <h1><a class="toc-backref" href="#id16" name="backwards-compatibility">Backwards Compatibility</a></h1>
199 g2boojum 1.1 <p>Handled in similar fashion as other portage rollouts. When using the new
200     account system, add a DEPEND for the required version of portage to the
201     ebuild.</p>
202     </div>
203     <div class="section" id="references">
204 g2boojum 1.2 <h1><a class="toc-backref" href="#id17" name="references">References</a></h1>
205 vapier 1.3 <table class="docutils footnote" frame="void" id="apibug" rules="none">
206 g2boojum 1.1 <colgroup><col class="label" /><col /></colgroup>
207     <tbody valign="top">
208     <tr><td class="label"><a name="apibug">[1]</a></td><td><a class="reference" href="http://bugs.gentoo.org/show_bug.cgi?id=8634">http://bugs.gentoo.org/show_bug.cgi?id=8634</a></td></tr>
209     </tbody>
210     </table>
211     </div>
212     <div class="section" id="copyright">
213 g2boojum 1.2 <h1><a class="toc-backref" href="#id18" name="copyright">Copyright</a></h1>
214 g2boojum 1.1 <p>This document has been placed in the public domain.</p>
215     </div>
216 vapier 1.3
217 g2boojum 1.1 </div>
218 vapier 1.3 <div class="footer">
219 g2boojum 1.2 <hr class="footer" />
220 g2boojum 1.1 <a class="reference" href="glep-0027.txt">View document source</a>.
221 vapier 1.4 Generated on: 2005-09-18 20:48 UTC.
222 g2boojum 1.1 Generated by <a class="reference" href="http://docutils.sourceforge.net/">Docutils</a> from <a class="reference" href="http://docutils.sourceforge.net/rst.html">reStructuredText</a> source.
223 vapier 1.3
224 g2boojum 1.1 </div>
225     </body>
226     </html>

  ViewVC Help
Powered by ViewVC 1.1.20