/[gentoo]/xml/htdocs/proj/en/glep/glep-0027.html
Gentoo

Diff of /xml/htdocs/proj/en/glep/glep-0027.html

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.1 Revision 1.3
6PEP, see http://www.python.org/peps/pep-0001.html for instructions and links 6PEP, see http://www.python.org/peps/pep-0001.html for instructions and links
7to templates. DO NOT USE THIS HTML FILE AS YOUR TEMPLATE! 7to templates. DO NOT USE THIS HTML FILE AS YOUR TEMPLATE!
8--> 8-->
9<head> 9<head>
10 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> 10 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
11 <meta name="generator" content="Docutils 0.3.0: http://docutils.sourceforge.net/" /> 11 <meta name="generator" content="Docutils 0.3.9: http://docutils.sourceforge.net/" />
12 <title>GLEP 27 -- Portage Management of UIDs/GIDs</title> 12 <title>GLEP 27 -- Portage Management of UIDs/GIDs</title>
13 <link rel="stylesheet" href="tools/glep.css" type="text/css" /> 13 <link rel="stylesheet" href="tools/glep.css" type="text/css" />
14</head> 14</head>
15<body bgcolor="white"> 15<body bgcolor="white">
16<table class="navigation" cellpadding="0" cellspacing="0" 16<table class="navigation" cellpadding="0" cellspacing="0"
20<img src="http://www.gentoo.org/images/gentoo-new.gif" alt="[Gentoo]" 20<img src="http://www.gentoo.org/images/gentoo-new.gif" alt="[Gentoo]"
21 border="0" width="150" height="35" /></a></td> 21 border="0" width="150" height="35" /></a></td>
22<td class="textlinks" align="left"> 22<td class="textlinks" align="left">
23[<b><a href="http://www.gentoo.org/">Gentoo Linux Home</a></b>] 23[<b><a href="http://www.gentoo.org/">Gentoo Linux Home</a></b>]
24[<b><a href="http://www.gentoo.org/proj/en/glep">GLEP Index</a></b>] 24[<b><a href="http://www.gentoo.org/proj/en/glep">GLEP Index</a></b>]
25[<b><a href="http://www.gentoo.org/proj/en/glep/glep-0027.txt">GLEP Source</a></b>] 25[<b><a href="./glep-0027.txt">GLEP Source</a></b>]
26</td></tr></table> 26</td></tr></table>
27<div class="document">
28<table class="rfc2822 field-list" frame="void" rules="none"> 27<table class="rfc2822 docutils field-list" frame="void" rules="none">
29<col class="field-name" /> 28<col class="field-name" />
30<col class="field-body" /> 29<col class="field-body" />
31<tbody valign="top"> 30<tbody valign="top">
32<tr class="field"><th class="field-name">GLEP:</th><td class="field-body">27</td> 31<tr class="field"><th class="field-name">GLEP:</th><td class="field-body">27</td>
33</tr> 32</tr>
34<tr class="field"><th class="field-name">Title:</th><td class="field-body">Portage Management of UIDs/GIDs</td> 33<tr class="field"><th class="field-name">Title:</th><td class="field-body">Portage Management of UIDs/GIDs</td>
35</tr> 34</tr>
36<tr class="field"><th class="field-name">Version:</th><td class="field-body">1.1</td> 35<tr class="field"><th class="field-name">Version:</th><td class="field-body">1.3</td>
37</tr> 36</tr>
38<tr class="field"><th class="field-name">Last-Modified:</th><td class="field-body"><a class="reference" href="http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/proj/en/glep/glep-0027.txt?cvsroot=gentoo">2004/05/29 14:31:58</a></td> 37<tr class="field"><th class="field-name">Last-Modified:</th><td class="field-body"><a class="reference" href="http://www.gentoo.org/cgi-bin/viewcvs/xml/htdocs/proj/en/glep/glep-0027.txt?cvsroot=gentoo">2004/07/20 18:19:27</a></td>
39</tr> 38</tr>
40<tr class="field"><th class="field-name">Author:</th><td class="field-body">Mike Frysinger &lt;vapier&#32;&#97;t&#32;gentoo.org&gt;</td> 39<tr class="field"><th class="field-name">Author:</th><td class="field-body">Mike Frysinger &lt;vapier&#32;&#97;t&#32;gentoo.org&gt;</td>
41</tr> 40</tr>
42<tr class="field"><th class="field-name">Status:</th><td class="field-body">Draft</td> 41<tr class="field"><th class="field-name">Status:</th><td class="field-body">Draft</td>
43</tr> 42</tr>
44<tr class="field"><th class="field-name">Type:</th><td class="field-body">Standards Track</td> 43<tr class="field"><th class="field-name">Type:</th><td class="field-body">Standards Track</td>
45</tr> 44</tr>
46<tr class="field"><th class="field-name">Content-Type:</th><td class="field-body"><a class="reference" href="glep-0002.html">text/x-rst</a></td> 45<tr class="field"><th class="field-name">Content-Type:</th><td class="field-body"><a class="reference" href="http://www.python.org/peps/glep-0012.html">text/x-rst</a></td>
47</tr> 46</tr>
48<tr class="field"><th class="field-name">Created:</th><td class="field-body">29 May 2004</td> 47<tr class="field"><th class="field-name">Created:</th><td class="field-body">29 May 2004</td>
49</tr> 48</tr>
50<tr class="field"><th class="field-name">Post-History:</th><td class="field-body">29-May-2004</td> 49<tr class="field"><th class="field-name">Post-History:</th><td class="field-body">29-May-2004, 20-Jul-2004</td>
51</tr> 50</tr>
52</tbody> 51</tbody>
53</table> 52</table>
54<hr /> 53<hr />
55<div class="contents topic" id="contents"> 54<div class="contents topic" id="contents">
56<p class="topic-title"><a name="contents">Contents</a></p> 55<p class="topic-title first"><a name="contents">Contents</a></p>
57<ul class="simple"> 56<ul class="simple">
57<li><a class="reference" href="#status" id="id2" name="id2">Status</a></li>
58<li><a class="reference" href="#abstract" id="id2" name="id2">Abstract</a></li> 58<li><a class="reference" href="#abstract" id="id3" name="id3">Abstract</a></li>
59<li><a class="reference" href="#motivation" id="id3" name="id3">Motivation</a></li> 59<li><a class="reference" href="#motivation" id="id4" name="id4">Motivation</a></li>
60<li><a class="reference" href="#specification" id="id4" name="id4">Specification</a><ul> 60<li><a class="reference" href="#specification" id="id5" name="id5">Specification</a><ul>
61<li><a class="reference" href="#portage-structure" id="id5" name="id5">Portage Structure</a><ul> 61<li><a class="reference" href="#portage-structure" id="id6" name="id6">Portage Structure</a><ul>
62<li><a class="reference" href="#defining-accounts" id="id6" name="id6">Defining Accounts</a></li> 62<li><a class="reference" href="#defining-accounts" id="id7" name="id7">Defining Accounts</a></li>
63<li><a class="reference" href="#local-overrides" id="id7" name="id7">Local Overrides</a></li> 63<li><a class="reference" href="#local-overrides" id="id8" name="id8">Local Overrides</a></li>
64</ul>
65</li> 64</ul>
65</li>
66<li><a class="reference" href="#developer-interface" id="id8" name="id8">Developer Interface</a><ul> 66<li><a class="reference" href="#developer-interface" id="id9" name="id9">Developer Interface</a><ul>
67<li><a class="reference" href="#eusers-egroups" id="id9" name="id9">EUSERS + EGROUPS</a></li> 67<li><a class="reference" href="#eusers-egroups" id="id10" name="id10">EUSERS + EGROUPS</a></li>
68<li><a class="reference" href="#id1" id="id10" name="id10">Defining Accounts</a></li> 68<li><a class="reference" href="#id1" id="id11" name="id11">Defining Accounts</a></li>
69</ul>
70</li> 69</ul>
70</li>
71<li><a class="reference" href="#user-interface" id="id11" name="id11">User Interface</a><ul> 71<li><a class="reference" href="#user-interface" id="id12" name="id12">User Interface</a><ul>
72<li><a class="reference" href="#users-update" id="id12" name="id12">users-update</a></li> 72<li><a class="reference" href="#users-update" id="id13" name="id13">users-update</a></li>
73<li><a class="reference" href="#features-noautoaccts" id="id13" name="id13">FEATURES=noautoaccts</a></li> 73<li><a class="reference" href="#features-noautoaccts" id="id14" name="id14">FEATURES=noautoaccts</a></li>
74</ul>
75</li> 74</ul>
76</ul> 75</li>
77</li> 76</ul>
77</li>
78<li><a class="reference" href="#rationale" id="id14" name="id14">Rationale</a></li> 78<li><a class="reference" href="#rationale" id="id15" name="id15">Rationale</a></li>
79<li><a class="reference" href="#backwards-compatibility" id="id15" name="id15">Backwards Compatibility</a></li> 79<li><a class="reference" href="#backwards-compatibility" id="id16" name="id16">Backwards Compatibility</a></li>
80<li><a class="reference" href="#references" id="id16" name="id16">References</a></li> 80<li><a class="reference" href="#references" id="id17" name="id17">References</a></li>
81<li><a class="reference" href="#copyright" id="id17" name="id17">Copyright</a></li> 81<li><a class="reference" href="#copyright" id="id18" name="id18">Copyright</a></li>
82</ul> 82</ul>
83</div>
84<div class="section" id="status">
85<h1><a class="toc-backref" href="#id2" name="status">Status</a></h1>
86<p>This GLEP was approved as-is on 14-Jun-2004.</p>
83</div> 87</div>
84<div class="section" id="abstract"> 88<div class="section" id="abstract">
85<h1><a class="toc-backref" href="#id2" name="abstract">Abstract</a></h1> 89<h1><a class="toc-backref" href="#id3" name="abstract">Abstract</a></h1>
86<p>The current handling of users and groups in the portage system lacks 90<p>The current handling of users and groups in the portage system lacks
87policy and a decent API. We need an API that is both simple for 91policy and a decent API. We need an API that is both simple for
88developers and end users.</p> 92developers and end users.</p>
89</div> 93</div>
90<div class="section" id="motivation"> 94<div class="section" id="motivation">
91<h1><a class="toc-backref" href="#id3" name="motivation">Motivation</a></h1> 95<h1><a class="toc-backref" href="#id4" name="motivation">Motivation</a></h1>
92<p>Currently the policy is left up to respective ebuild maintainers to 96<p>Currently the policy is left up to respective ebuild maintainers to
93choose the username, id, shell settings, etc... and to have them added 97choose the username, id, shell settings, etc... and to have them added
94in the right place at the right time in the right way. When the 98in the right place at the right time in the right way. When the
95addition of users was found to often times have broken logic, the 99addition of users was found to often times have broken logic, the
96enewuser and enewgroup functions were designed to remove all the 100enewuser and enewgroup functions were designed to remove all the
101systems and not friendly to cross compiling or other exotic setups. 105systems and not friendly to cross compiling or other exotic setups.
102There are other reasons, but these listed few are enough to warrant 106There are other reasons, but these listed few are enough to warrant
103change.</p> 107change.</p>
104</div> 108</div>
105<div class="section" id="specification"> 109<div class="section" id="specification">
106<h1><a class="toc-backref" href="#id4" name="specification">Specification</a></h1> 110<h1><a class="toc-backref" href="#id5" name="specification">Specification</a></h1>
107<div class="section" id="portage-structure"> 111<div class="section" id="portage-structure">
108<h2><a class="toc-backref" href="#id5" name="portage-structure">Portage Structure</a></h2> 112<h2><a class="toc-backref" href="#id6" name="portage-structure">Portage Structure</a></h2>
109<div class="section" id="defining-accounts"> 113<div class="section" id="defining-accounts">
110<h3><a class="toc-backref" href="#id6" name="defining-accounts">Defining Accounts</a></h3> 114<h3><a class="toc-backref" href="#id7" name="defining-accounts">Defining Accounts</a></h3>
111<p>A new directory will need to be added to the rsync tree to store the 115<p>New directories will need to be added to the rsync tree to store the files
112files that define the default values for new accounts.</p> 116that define the default values for new accounts. They will be stored on a
117per-profile basis, that way sub-profiles may easily override parent profiles.
118The default location will be the base profile since all other profiles inherit
119from there.</p>
113<pre class="literal-block"> 120<pre class="literal-block">
114portage/profiles/accounts/ 121portage/profiles/base/accounts/
115 user/&lt;username&gt;.xml 122 user/&lt;username&gt;
116 group/&lt;groupname&gt;.xml 123 group/&lt;groupname&gt;
117 accounts.xml 124 accounts
118</pre> 125</pre>
119<p>The files are named with the respective user/group name since they need 126<p>The files are named with the respective user/group name since they need
120to be unique in their respective domains. For example, the file 127to be unique in their respective domains. For example, the file
121detailing the ntp user would be located accounts/user/ntp.xml. Each 128detailing the ntp user would be located accounts/user/ntp. Each
122username.xml file will detail the required information about each user. 129username file will detail the required information about each user.
123Certain account features that exist on one class of systems (Linux) but 130Certain account features that exist on one class of systems (Linux) but
124not on others (*BSD) can be tagged as such. Each groupname.xml will 131not on others (*BSD) can be redefined in their respective subprofiles. Each
125follow similar guidelines. The accounts.xml will be used to describe 132groupname will follow similar guidelines. The accounts file will be used to
126global account defaults such as the default range of 'valid system' ids. 133describe global account defaults such as the default range of 'valid system'
127For example, if the UID 123 is already used on a system, but the ntp 134ids. For example, if the UID 123 is already used on a system, but the ntp
128user defaults to '123', we obviously cannot just duplicate it. So we 135user defaults to '123', we obviously cannot just duplicate it. So we
129would select the next available UID on the system based upon the range 136would select the next available UID on the system based upon the range
130defined here.</p> 137defined here.</p>
131</div> 138</div>
132<div class="section" id="local-overrides"> 139<div class="section" id="local-overrides">
133<h3><a class="toc-backref" href="#id7" name="local-overrides">Local Overrides</a></h3> 140<h3><a class="toc-backref" href="#id8" name="local-overrides">Local Overrides</a></h3>
134<p>Following the tried and true style of custom local portage files being 141<p>Following the tried and true style of custom local portage files being
135found in /etc/portage, this new system will follow the same. Users can 142found in /etc/portage, this new system will follow the same. Users can
136setup their own directory heirarchy in /etc/portage/accounts/ that mimics 143setup their own directory heirarchy in /etc/portage/profile/accounts/ that
137the heirarchy found in the portage tree. When portage attempts to add a 144mimics the heirarchy found in the portage tree. When portage attempts to add
138new user, it will first check /etc/portage/accounts/user/&lt;username&gt;.xml. 145a new user, it will first check /etc/portage/profile/accounts/user/&lt;username&gt;.
139If it does not exist, it will simply use the default definition in the 146If it does not exist, it will simply use the default definition in the
140portage tree.</p> 147portage tree.</p>
141</div> 148</div>
142</div> 149</div>
143<div class="section" id="developer-interface"> 150<div class="section" id="developer-interface">
144<h2><a class="toc-backref" href="#id8" name="developer-interface">Developer Interface</a></h2> 151<h2><a class="toc-backref" href="#id9" name="developer-interface">Developer Interface</a></h2>
145<div class="section" id="eusers-egroups"> 152<div class="section" id="eusers-egroups">
146<h3><a class="toc-backref" href="#id9" name="eusers-egroups">EUSERS + EGROUPS</a></h3> 153<h3><a class="toc-backref" href="#id10" name="eusers-egroups">EUSERS + EGROUPS</a></h3>
147<p>Ebuilds that wish to add users or groups to the system must set these 154<p>Ebuilds that wish to add users or groups to the system must set these
148variables. They are both space delimited lists that tells portage what 155variables. They are both space delimited lists that tells portage what
149users/groups must be added to the system before emerging the ebuild. The 156users/groups must be added to the system before emerging the ebuild. The
150maintainer of the ebuild can assume the users/groups they have listed 157maintainer of the ebuild can assume the users/groups they have listed
151exist before the functions in the ebuild (pkg_setup, src_install, etc...) 158exist before the functions in the ebuild (pkg_setup, src_install, etc...)
152are ever run.</p> 159are ever run.</p>
153</div> 160</div>
154<div class="section" id="id1"> 161<div class="section" id="id1">
155<h3><a class="toc-backref" href="#id10" name="id1">Defining Accounts</a></h3> 162<h3><a class="toc-backref" href="#id11" name="id1">Defining Accounts</a></h3>
156<p>Any developer is free to add users/groups in their ebuilds provided they 163<p>Any developer is free to add users/groups in their ebuilds provided they
157create the required account definition files.</p> 164create the required account definition files.</p>
158</div> 165</div>
159</div> 166</div>
160<div class="section" id="user-interface"> 167<div class="section" id="user-interface">
161<h2><a class="toc-backref" href="#id11" name="user-interface">User Interface</a></h2> 168<h2><a class="toc-backref" href="#id12" name="user-interface">User Interface</a></h2>
162<div class="section" id="users-update"> 169<div class="section" id="users-update">
163<h3><a class="toc-backref" href="#id12" name="users-update">users-update</a></h3> 170<h3><a class="toc-backref" href="#id13" name="users-update">users-update</a></h3>
164<p>When this script is run, all the users/groups that have been added by 171<p>When this script is run, all the users/groups that have been added by
165portage to the system will be shown along with the packages that have 172portage to the system will be shown along with the packages that have
166added said users/groups. Here they can delete accounts that are no longer 173added said users/groups. Here they can delete accounts that are no longer
167required by the currently installed packages (and optionally run a 174required by the currently installed packages (and optionally run a
168script that will try to locate all files on the system that may still be 175script that will try to locate all files on the system that may still be
169owned by the account).</p> 176owned by the account).</p>
170</div> 177</div>
171<div class="section" id="features-noautoaccts"> 178<div class="section" id="features-noautoaccts">
172<h3><a class="toc-backref" href="#id13" name="features-noautoaccts">FEATURES=noautoaccts</a></h3> 179<h3><a class="toc-backref" href="#id14" name="features-noautoaccts">FEATURES=noautoaccts</a></h3>
173<p>This is for the people who never want portage creating accounts for them. 180<p>This is for the people who never want portage creating accounts for them.
174When portage needs to add an account to the system but &quot;noautoaccts&quot; is 181When portage needs to add an account to the system but &quot;noautoaccts&quot; is
175in FEATURES, portage will abort with a message instructing the user to 182in FEATURES, portage will abort with a message instructing the user to
176add the accounts that are listed in EUSERS and EGROUPS. This is 183add the accounts that are listed in EUSERS and EGROUPS. This is
177obviously a required step before the package will be emerged.</p> 184obviously a required step before the package will be emerged.</p>
178</div> 185</div>
179</div> 186</div>
180</div> 187</div>
181<div class="section" id="rationale"> 188<div class="section" id="rationale">
182<h1><a class="toc-backref" href="#id14" name="rationale">Rationale</a></h1> 189<h1><a class="toc-backref" href="#id15" name="rationale">Rationale</a></h1>
183<p>Developers no longer have to worry about how to properly add users/groups 190<p>Developers no longer have to worry about how to properly add users/groups
184to systems and worry about whether or not their code will work on all 191to systems and worry about whether or not their code will work on all
185systems (LDAP vs local shadow vs cross compile vs etc...). Users can 192systems (LDAP vs local shadow vs cross compile vs etc...). Users can
186easily override the defaults Gentoo has before dictated. The default 193easily override the defaults Gentoo has before dictated. The default
187passwd and group database can once again be trimmed down to the barest of 194passwd and group database can once again be trimmed down to the barest of
188accounts.</p> 195accounts.</p>
189</div> 196</div>
190<div class="section" id="backwards-compatibility"> 197<div class="section" id="backwards-compatibility">
191<h1><a class="toc-backref" href="#id15" name="backwards-compatibility">Backwards Compatibility</a></h1> 198<h1><a class="toc-backref" href="#id16" name="backwards-compatibility">Backwards Compatibility</a></h1>
192<p>Handled in similar fashion as other portage rollouts. When using the new 199<p>Handled in similar fashion as other portage rollouts. When using the new
193account system, add a DEPEND for the required version of portage to the 200account system, add a DEPEND for the required version of portage to the
194ebuild.</p> 201ebuild.</p>
195</div> 202</div>
196<div class="section" id="references"> 203<div class="section" id="references">
197<h1><a class="toc-backref" href="#id16" name="references">References</a></h1> 204<h1><a class="toc-backref" href="#id17" name="references">References</a></h1>
198<table class="footnote" frame="void" id="apibug" rules="none"> 205<table class="docutils footnote" frame="void" id="apibug" rules="none">
199<colgroup><col class="label" /><col /></colgroup> 206<colgroup><col class="label" /><col /></colgroup>
200<tbody valign="top"> 207<tbody valign="top">
201<tr><td class="label"><a name="apibug">[1]</a></td><td><a class="reference" href="http://bugs.gentoo.org/show_bug.cgi?id=8634">http://bugs.gentoo.org/show_bug.cgi?id=8634</a></td></tr> 208<tr><td class="label"><a name="apibug">[1]</a></td><td><a class="reference" href="http://bugs.gentoo.org/show_bug.cgi?id=8634">http://bugs.gentoo.org/show_bug.cgi?id=8634</a></td></tr>
202</tbody> 209</tbody>
203</table> 210</table>
204</div> 211</div>
205<div class="section" id="copyright"> 212<div class="section" id="copyright">
206<h1><a class="toc-backref" href="#id17" name="copyright">Copyright</a></h1> 213<h1><a class="toc-backref" href="#id18" name="copyright">Copyright</a></h1>
207<p>This document has been placed in the public domain.</p> 214<p>This document has been placed in the public domain.</p>
208</div> 215</div>
209</div>
210 216
211<hr class="footer"/> 217</div>
212<div class="footer"> 218<div class="footer">
219<hr class="footer" />
213<a class="reference" href="glep-0027.txt">View document source</a>. 220<a class="reference" href="glep-0027.txt">View document source</a>.
214Generated on: 2004-05-29 14:47 UTC. 221Generated on: 2005-09-15 02:39 UTC.
215Generated by <a class="reference" href="http://docutils.sourceforge.net/">Docutils</a> from <a class="reference" href="http://docutils.sourceforge.net/rst.html">reStructuredText</a> source. 222Generated by <a class="reference" href="http://docutils.sourceforge.net/">Docutils</a> from <a class="reference" href="http://docutils.sourceforge.net/rst.html">reStructuredText</a> source.
223
216</div> 224</div>
217</body> 225</body>
218</html> 226</html>
219 227

Legend:
Removed from v.1.1  
changed lines
  Added in v.1.3

  ViewVC Help
Powered by ViewVC 1.1.20