/[gentoo]/xml/htdocs/proj/en/glep/glep-0027.html
Gentoo

Contents of /xml/htdocs/proj/en/glep/glep-0027.html

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.5 - (hide annotations) (download) (as text)
Tue Oct 10 20:25:14 2006 UTC (8 years, 2 months ago) by g2boojum
Branch: MAIN
Changes since 1.4: +343 -100 lines
File MIME type: text/html
regenerate all .html files

1 g2boojum 1.1 <?xml version="1.0" encoding="utf-8" ?>
2     <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3     <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
4     <!--
5     This HTML is auto-generated. DO NOT EDIT THIS FILE! If you are writing a new
6     PEP, see http://www.python.org/peps/pep-0001.html for instructions and links
7     to templates. DO NOT USE THIS HTML FILE AS YOUR TEMPLATE!
8     -->
9     <head>
10     <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
11 g2boojum 1.5 <meta name="generator" content="Docutils 0.4: http://docutils.sourceforge.net/" />
12 g2boojum 1.1 <title>GLEP 27 -- Portage Management of UIDs/GIDs</title>
13 g2boojum 1.5 <style type="text/css">
14    
15     /*
16     :Author: David Goodger
17     :Contact: goodger@users.sourceforge.net
18     :date: $Date: 2003/06/02 17:03:08 $
19     :version: $Revision: 1.1 $
20     :copyright: This stylesheet has been placed in the public domain.
21    
22     Default cascading style sheet for the PEP HTML output of Docutils.
23     */
24    
25     .first {
26     margin-top: 0 }
27    
28     .last {
29     margin-bottom: 0 }
30    
31     .navigation {
32     width: 100% ;
33     background: #cc99ff ;
34     margin-top: 0px ;
35     margin-bottom: 0px }
36    
37     .navigation .navicon {
38     width: 150px ;
39     height: 35px }
40    
41     .navigation .textlinks {
42     padding-left: 1em ;
43     text-align: left }
44    
45     .navigation td, .navigation th {
46     padding-left: 0em ;
47     padding-right: 0em ;
48     vertical-align: middle }
49    
50     .rfc2822 {
51     margin-top: 0.5em ;
52     margin-left: 0.5em ;
53     margin-right: 0.5em ;
54     margin-bottom: 0em }
55    
56     .rfc2822 td {
57     text-align: left }
58    
59     .rfc2822 th.field-name {
60     text-align: right ;
61     font-family: sans-serif ;
62     padding-right: 0.5em ;
63     font-weight: bold ;
64     margin-bottom: 0em }
65    
66     a.toc-backref {
67     text-decoration: none ;
68     color: black }
69    
70     body {
71     margin: 0px ;
72     margin-bottom: 1em ;
73     padding: 0px }
74    
75     dd {
76     margin-bottom: 0.5em }
77    
78     div.section {
79     margin-left: 1em ;
80     margin-right: 1em ;
81     margin-bottom: 1.5em }
82    
83     div.section div.section {
84     margin-left: 0em ;
85     margin-right: 0em ;
86     margin-top: 1.5em }
87    
88     div.abstract {
89     margin: 2em 5em }
90    
91     div.abstract p.topic-title {
92     font-weight: bold ;
93     text-align: center }
94    
95     div.attention, div.caution, div.danger, div.error, div.hint,
96     div.important, div.note, div.tip, div.warning {
97     margin: 2em ;
98     border: medium outset ;
99     padding: 1em }
100    
101     div.attention p.admonition-title, div.caution p.admonition-title,
102     div.danger p.admonition-title, div.error p.admonition-title,
103     div.warning p.admonition-title {
104     color: red ;
105     font-weight: bold ;
106     font-family: sans-serif }
107    
108     div.hint p.admonition-title, div.important p.admonition-title,
109     div.note p.admonition-title, div.tip p.admonition-title {
110     font-weight: bold ;
111     font-family: sans-serif }
112    
113     div.figure {
114     margin-left: 2em }
115    
116     div.footer, div.header {
117     font-size: smaller }
118    
119     div.footer {
120     margin-left: 1em ;
121     margin-right: 1em }
122    
123     div.system-messages {
124     margin: 5em }
125    
126     div.system-messages h1 {
127     color: red }
128    
129     div.system-message {
130     border: medium outset ;
131     padding: 1em }
132    
133     div.system-message p.system-message-title {
134     color: red ;
135     font-weight: bold }
136    
137     div.topic {
138     margin: 2em }
139    
140     h1 {
141     font-family: sans-serif ;
142     font-size: large }
143    
144     h2 {
145     font-family: sans-serif ;
146     font-size: medium }
147    
148     h3 {
149     font-family: sans-serif ;
150     font-size: small }
151    
152     h4 {
153     font-family: sans-serif ;
154     font-style: italic ;
155     font-size: small }
156    
157     h5 {
158     font-family: sans-serif;
159     font-size: x-small }
160    
161     h6 {
162     font-family: sans-serif;
163     font-style: italic ;
164     font-size: x-small }
165    
166     .section hr {
167     width: 75% }
168    
169     ol.simple, ul.simple {
170     margin-bottom: 1em }
171    
172     ol.arabic {
173     list-style: decimal }
174    
175     ol.loweralpha {
176     list-style: lower-alpha }
177    
178     ol.upperalpha {
179     list-style: upper-alpha }
180    
181     ol.lowerroman {
182     list-style: lower-roman }
183    
184     ol.upperroman {
185     list-style: upper-roman }
186    
187     p.caption {
188     font-style: italic }
189    
190     p.credits {
191     font-style: italic ;
192     font-size: smaller }
193    
194     p.label {
195     white-space: nowrap }
196    
197     p.topic-title {
198     font-family: sans-serif ;
199     font-weight: bold }
200    
201     pre.line-block {
202     font-family: serif ;
203     font-size: 100% }
204    
205     pre.literal-block, pre.doctest-block {
206     margin-left: 2em ;
207     margin-right: 2em ;
208     background-color: #eeeeee }
209    
210     span.classifier {
211     font-family: sans-serif ;
212     font-style: oblique }
213    
214     span.classifier-delimiter {
215     font-family: sans-serif ;
216     font-weight: bold }
217    
218     span.interpreted {
219     font-family: sans-serif }
220    
221     span.option-argument {
222     font-style: italic }
223    
224     span.pre {
225     white-space: pre }
226    
227     span.problematic {
228     color: red }
229    
230     table {
231     margin-top: 0.5em ;
232     margin-bottom: 0.5em }
233    
234     td, th {
235     padding-left: 0.5em ;
236     padding-right: 0.5em ;
237     vertical-align: top }
238    
239     td.num {
240     text-align: right }
241    
242     th.field-name {
243     font-weight: bold ;
244     text-align: left ;
245     white-space: nowrap }
246    
247     h1 tt, h2 tt, h3 tt, h4 tt, h5 tt, h6 tt {
248     font-size: 100% }
249    
250     tt {
251     background-color: #eeeeee }
252    
253     ul.auto-toc {
254     list-style-type: none }
255    
256     </style>
257 g2boojum 1.1 </head>
258     <body bgcolor="white">
259     <table class="navigation" cellpadding="0" cellspacing="0"
260     width="100%" border="0">
261     <tr><td class="navicon" width="150" height="35">
262     <a href="http://www.gentoo.org/" title="Gentoo Linux Home Page">
263     <img src="http://www.gentoo.org/images/gentoo-new.gif" alt="[Gentoo]"
264     border="0" width="150" height="35" /></a></td>
265     <td class="textlinks" align="left">
266     [<b><a href="http://www.gentoo.org/">Gentoo Linux Home</a></b>]
267 g2boojum 1.5 [<b><a href="http://www.gentoo.org/peps">GLEP Index</a></b>]
268     [<b><a href="http://www.gentoo.org/proj/en/glep/glep-0027.txt">GLEP Source</a></b>]
269 g2boojum 1.1 </td></tr></table>
270 vapier 1.3 <table class="rfc2822 docutils field-list" frame="void" rules="none">
271 g2boojum 1.1 <col class="field-name" />
272     <col class="field-body" />
273     <tbody valign="top">
274     <tr class="field"><th class="field-name">GLEP:</th><td class="field-body">27</td>
275     </tr>
276     <tr class="field"><th class="field-name">Title:</th><td class="field-body">Portage Management of UIDs/GIDs</td>
277     </tr>
278 g2boojum 1.5 <tr class="field"><th class="field-name">Version:</th><td class="field-body">1.5</td>
279 g2boojum 1.1 </tr>
280 g2boojum 1.5 <tr class="field"><th class="field-name">Last-Modified:</th><td class="field-body"><a class="reference" href="http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/proj/en/glep/glep-0027.txt?cvsroot=gentoo">2005/09/18 20:48:23</a></td>
281 g2boojum 1.1 </tr>
282     <tr class="field"><th class="field-name">Author:</th><td class="field-body">Mike Frysinger &lt;vapier&#32;&#97;t&#32;gentoo.org&gt;</td>
283     </tr>
284 vapier 1.4 <tr class="field"><th class="field-name">Status:</th><td class="field-body">Approved</td>
285 g2boojum 1.1 </tr>
286     <tr class="field"><th class="field-name">Type:</th><td class="field-body">Standards Track</td>
287     </tr>
288 g2boojum 1.5 <tr class="field"><th class="field-name">Content-Type:</th><td class="field-body"><a class="reference" href="glep-0002.html">text/x-rst</a></td>
289 g2boojum 1.1 </tr>
290     <tr class="field"><th class="field-name">Created:</th><td class="field-body">29 May 2004</td>
291     </tr>
292 g2boojum 1.2 <tr class="field"><th class="field-name">Post-History:</th><td class="field-body">29-May-2004, 20-Jul-2004</td>
293 g2boojum 1.1 </tr>
294     </tbody>
295     </table>
296     <hr />
297 g2boojum 1.5 <div class="contents topic">
298     <p class="topic-title first"><a id="contents" name="contents">Contents</a></p>
299 g2boojum 1.1 <ul class="simple">
300 g2boojum 1.2 <li><a class="reference" href="#status" id="id2" name="id2">Status</a></li>
301     <li><a class="reference" href="#abstract" id="id3" name="id3">Abstract</a></li>
302     <li><a class="reference" href="#motivation" id="id4" name="id4">Motivation</a></li>
303     <li><a class="reference" href="#specification" id="id5" name="id5">Specification</a><ul>
304     <li><a class="reference" href="#portage-structure" id="id6" name="id6">Portage Structure</a><ul>
305     <li><a class="reference" href="#defining-accounts" id="id7" name="id7">Defining Accounts</a></li>
306     <li><a class="reference" href="#local-overrides" id="id8" name="id8">Local Overrides</a></li>
307 g2boojum 1.1 </ul>
308     </li>
309 g2boojum 1.2 <li><a class="reference" href="#developer-interface" id="id9" name="id9">Developer Interface</a><ul>
310     <li><a class="reference" href="#eusers-egroups" id="id10" name="id10">EUSERS + EGROUPS</a></li>
311     <li><a class="reference" href="#id1" id="id11" name="id11">Defining Accounts</a></li>
312 g2boojum 1.1 </ul>
313     </li>
314 g2boojum 1.2 <li><a class="reference" href="#user-interface" id="id12" name="id12">User Interface</a><ul>
315     <li><a class="reference" href="#users-update" id="id13" name="id13">users-update</a></li>
316     <li><a class="reference" href="#features-noautoaccts" id="id14" name="id14">FEATURES=noautoaccts</a></li>
317 g2boojum 1.1 </ul>
318     </li>
319     </ul>
320     </li>
321 g2boojum 1.2 <li><a class="reference" href="#rationale" id="id15" name="id15">Rationale</a></li>
322     <li><a class="reference" href="#backwards-compatibility" id="id16" name="id16">Backwards Compatibility</a></li>
323     <li><a class="reference" href="#references" id="id17" name="id17">References</a></li>
324     <li><a class="reference" href="#copyright" id="id18" name="id18">Copyright</a></li>
325 g2boojum 1.1 </ul>
326     </div>
327 g2boojum 1.5 <div class="section">
328     <h1><a class="toc-backref" href="#id2" id="status" name="status">Status</a></h1>
329 g2boojum 1.2 <p>This GLEP was approved as-is on 14-Jun-2004.</p>
330     </div>
331 g2boojum 1.5 <div class="section">
332     <h1><a class="toc-backref" href="#id3" id="abstract" name="abstract">Abstract</a></h1>
333     <p>The current handling of users and groups in the portage system lacks
334     policy and a decent API. We need an API that is both simple for
335 g2boojum 1.1 developers and end users.</p>
336     </div>
337 g2boojum 1.5 <div class="section">
338     <h1><a class="toc-backref" href="#id4" id="motivation" name="motivation">Motivation</a></h1>
339     <p>Currently the policy is left up to respective ebuild maintainers to
340     choose the username, id, shell settings, etc... and to have them added
341     in the right place at the right time in the right way. When the
342     addition of users was found to often times have broken logic, the
343     enewuser and enewgroup functions were designed to remove all the
344     details. However, these functions still suffer from some fundamental
345     problems. First, there is no local customization. Second, maintainers
346     still use the functions improperly (binary packages have suffered the
347     most thus far). Third, the functions are not portable across non-linux
348     systems and not friendly to cross compiling or other exotic setups.
349     There are other reasons, but these listed few are enough to warrant
350 g2boojum 1.1 change.</p>
351     </div>
352 g2boojum 1.5 <div class="section">
353     <h1><a class="toc-backref" href="#id5" id="specification" name="specification">Specification</a></h1>
354     <div class="section">
355     <h2><a class="toc-backref" href="#id6" id="portage-structure" name="portage-structure">Portage Structure</a></h2>
356     <div class="section">
357     <h3><a class="toc-backref" href="#id7" id="defining-accounts" name="defining-accounts">Defining Accounts</a></h3>
358     <p>New directories will need to be added to the rsync tree to store the files
359     that define the default values for new accounts. They will be stored on a
360     per-profile basis, that way sub-profiles may easily override parent profiles.
361     The default location will be the base profile since all other profiles inherit
362 vapier 1.3 from there.</p>
363 g2boojum 1.1 <pre class="literal-block">
364 vapier 1.3 portage/profiles/base/accounts/
365     user/&lt;username&gt;
366     group/&lt;groupname&gt;
367     accounts
368 g2boojum 1.1 </pre>
369 g2boojum 1.5 <p>The files are named with the respective user/group name since they need
370     to be unique in their respective domains. For example, the file
371     detailing the ntp user would be located accounts/user/ntp. Each
372     username file will detail the required information about each user.
373     Certain account features that exist on one class of systems (Linux) but
374     not on others (*BSD) can be redefined in their respective subprofiles. Each
375     groupname will follow similar guidelines. The accounts file will be used to
376     describe global account defaults such as the default range of 'valid system'
377     ids. For example, if the UID 123 is already used on a system, but the ntp
378     user defaults to '123', we obviously cannot just duplicate it. So we
379     would select the next available UID on the system based upon the range
380 g2boojum 1.1 defined here.</p>
381     </div>
382 g2boojum 1.5 <div class="section">
383     <h3><a class="toc-backref" href="#id8" id="local-overrides" name="local-overrides">Local Overrides</a></h3>
384     <p>Following the tried and true style of custom local portage files being
385     found in /etc/portage, this new system will follow the same. Users can
386     setup their own directory heirarchy in /etc/portage/profile/accounts/ that
387     mimics the heirarchy found in the portage tree. When portage attempts to add
388     a new user, it will first check /etc/portage/profile/accounts/user/&lt;username&gt;.
389     If it does not exist, it will simply use the default definition in the
390 g2boojum 1.1 portage tree.</p>
391     </div>
392     </div>
393 g2boojum 1.5 <div class="section">
394     <h2><a class="toc-backref" href="#id9" id="developer-interface" name="developer-interface">Developer Interface</a></h2>
395     <div class="section">
396     <h3><a class="toc-backref" href="#id10" id="eusers-egroups" name="eusers-egroups">EUSERS + EGROUPS</a></h3>
397     <p>Ebuilds that wish to add users or groups to the system must set these
398     variables. They are both space delimited lists that tells portage what
399     users/groups must be added to the system before emerging the ebuild. The
400     maintainer of the ebuild can assume the users/groups they have listed
401     exist before the functions in the ebuild (pkg_setup, src_install, etc...)
402 g2boojum 1.1 are ever run.</p>
403     </div>
404 g2boojum 1.5 <div class="section">
405     <h3><a class="toc-backref" href="#id11" id="id1" name="id1">Defining Accounts</a></h3>
406     <p>Any developer is free to add users/groups in their ebuilds provided they
407 g2boojum 1.1 create the required account definition files.</p>
408     </div>
409     </div>
410 g2boojum 1.5 <div class="section">
411     <h2><a class="toc-backref" href="#id12" id="user-interface" name="user-interface">User Interface</a></h2>
412     <div class="section">
413     <h3><a class="toc-backref" href="#id13" id="users-update" name="users-update">users-update</a></h3>
414     <p>When this script is run, all the users/groups that have been added by
415     portage to the system will be shown along with the packages that have
416     added said users/groups. Here they can delete accounts that are no longer
417     required by the currently installed packages (and optionally run a
418     script that will try to locate all files on the system that may still be
419 g2boojum 1.1 owned by the account).</p>
420     </div>
421 g2boojum 1.5 <div class="section">
422     <h3><a class="toc-backref" href="#id14" id="features-noautoaccts" name="features-noautoaccts">FEATURES=noautoaccts</a></h3>
423     <p>This is for the people who never want portage creating accounts for them.
424     When portage needs to add an account to the system but &quot;noautoaccts&quot; is
425     in FEATURES, portage will abort with a message instructing the user to
426     add the accounts that are listed in EUSERS and EGROUPS. This is
427 g2boojum 1.1 obviously a required step before the package will be emerged.</p>
428     </div>
429     </div>
430     </div>
431 g2boojum 1.5 <div class="section">
432     <h1><a class="toc-backref" href="#id15" id="rationale" name="rationale">Rationale</a></h1>
433     <p>Developers no longer have to worry about how to properly add users/groups
434     to systems and worry about whether or not their code will work on all
435     systems (LDAP vs local shadow vs cross compile vs etc...). Users can
436     easily override the defaults Gentoo has before dictated. The default
437     passwd and group database can once again be trimmed down to the barest of
438 g2boojum 1.1 accounts.</p>
439     </div>
440 g2boojum 1.5 <div class="section">
441     <h1><a class="toc-backref" href="#id16" id="backwards-compatibility" name="backwards-compatibility">Backwards Compatibility</a></h1>
442     <p>Handled in similar fashion as other portage rollouts. When using the new
443     account system, add a DEPEND for the required version of portage to the
444 g2boojum 1.1 ebuild.</p>
445     </div>
446 g2boojum 1.5 <div class="section">
447     <h1><a class="toc-backref" href="#id17" id="references" name="references">References</a></h1>
448 vapier 1.3 <table class="docutils footnote" frame="void" id="apibug" rules="none">
449 g2boojum 1.1 <colgroup><col class="label" /><col /></colgroup>
450     <tbody valign="top">
451     <tr><td class="label"><a name="apibug">[1]</a></td><td><a class="reference" href="http://bugs.gentoo.org/show_bug.cgi?id=8634">http://bugs.gentoo.org/show_bug.cgi?id=8634</a></td></tr>
452     </tbody>
453     </table>
454     </div>
455 g2boojum 1.5 <div class="section">
456     <h1><a class="toc-backref" href="#id18" id="copyright" name="copyright">Copyright</a></h1>
457 g2boojum 1.1 <p>This document has been placed in the public domain.</p>
458     </div>
459 vapier 1.3
460 g2boojum 1.1 </div>
461 vapier 1.3 <div class="footer">
462 g2boojum 1.2 <hr class="footer" />
463 g2boojum 1.1 <a class="reference" href="glep-0027.txt">View document source</a>.
464 g2boojum 1.5 Generated on: 2006-10-10 20:23 UTC.
465 g2boojum 1.1 Generated by <a class="reference" href="http://docutils.sourceforge.net/">Docutils</a> from <a class="reference" href="http://docutils.sourceforge.net/rst.html">reStructuredText</a> source.
466 vapier 1.3
467 g2boojum 1.1 </div>
468     </body>
469     </html>

  ViewVC Help
Powered by ViewVC 1.1.20