
Diff of /xml/htdocs/proj/en/glep/glep-0027.html


Revision 1.1 Revision 1.7
1<?xml version="1.0" encoding="utf-8" ?> 1<?xml version="1.0" encoding="utf-8" ?>
2<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 2<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> 3<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
4<!-- 4
5This HTML is auto-generated. DO NOT EDIT THIS FILE! If you are writing a new
6PEP, see http://www.python.org/peps/pep-0001.html for instructions and links
7to templates. DO NOT USE THIS HTML FILE AS YOUR TEMPLATE!
8-->
9<head> 5<head>
10 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> 6 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
11 <meta name="generator" content="Docutils 0.3.0: http://docutils.sourceforge.net/" /> 7 <meta name="generator" content="Docutils 0.4: http://docutils.sourceforge.net/" />
12 <title>GLEP 27 -- Portage Management of UIDs/GIDs</title> 8 <title>GLEP 27 -- Portage Management of UIDs/GIDs</title>
13 <link rel="stylesheet" href="tools/glep.css" type="text/css" /> 9 <link rel="stylesheet" href="tools/glep.css" type="text/css" />
14</head> 10</head>
15<body bgcolor="white"> 11<body bgcolor="white">
16<table class="navigation" cellpadding="0" cellspacing="0" 12<table class="navigation" cellpadding="0" cellspacing="0"
22<td class="textlinks" align="left"> 18<td class="textlinks" align="left">
23[<b><a href="http://www.gentoo.org/">Gentoo Linux Home</a></b>] 19[<b><a href="http://www.gentoo.org/">Gentoo Linux Home</a></b>]
24[<b><a href="http://www.gentoo.org/proj/en/glep">GLEP Index</a></b>] 20[<b><a href="http://www.gentoo.org/proj/en/glep">GLEP Index</a></b>]
25[<b><a href="http://www.gentoo.org/proj/en/glep/glep-0027.txt">GLEP Source</a></b>] 21[<b><a href="http://www.gentoo.org/proj/en/glep/glep-0027.txt">GLEP Source</a></b>]
26</td></tr></table> 22</td></tr></table>
27<div class="document">
28<table class="rfc2822 field-list" frame="void" rules="none"> 23<table class="rfc2822 docutils field-list" frame="void" rules="none">
29<col class="field-name" /> 24<col class="field-name" />
30<col class="field-body" /> 25<col class="field-body" />
31<tbody valign="top"> 26<tbody valign="top">
32<tr class="field"><th class="field-name">GLEP:</th><td class="field-body">27</td> 27<tr class="field"><th class="field-name">GLEP:</th><td class="field-body">27</td>
33</tr> 28</tr>
34<tr class="field"><th class="field-name">Title:</th><td class="field-body">Portage Management of UIDs/GIDs</td> 29<tr class="field"><th class="field-name">Title:</th><td class="field-body">Portage Management of UIDs/GIDs</td>
35</tr> 30</tr>
36<tr class="field"><th class="field-name">Version:</th><td class="field-body">1.1</td> 31<tr class="field"><th class="field-name">Version:</th><td class="field-body">1.5</td>
37</tr> 32</tr>
38<tr class="field"><th class="field-name">Last-Modified:</th><td class="field-body"><a class="reference" href="http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/proj/en/glep/glep-0027.txt?cvsroot=gentoo">2004/05/29 14:31:58</a></td> 33<tr class="field"><th class="field-name">Last-Modified:</th><td class="field-body"><a class="reference" href="http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/proj/en/glep/glep-0027.txt?cvsroot=gentoo">2005/09/18 20:48:23</a></td>
39</tr> 34</tr>
40<tr class="field"><th class="field-name">Author:</th><td class="field-body">Mike Frysinger &lt;vapier&#32;&#97;t&#32;gentoo.org&gt;</td> 35<tr class="field"><th class="field-name">Author:</th><td class="field-body">Mike Frysinger &lt;vapier&#32;&#97;t&#32;gentoo.org&gt;</td>
41</tr> 36</tr>
42<tr class="field"><th class="field-name">Status:</th><td class="field-body">Draft</td> 37<tr class="field"><th class="field-name">Status:</th><td class="field-body">Approved</td>
43</tr> 38</tr>
44<tr class="field"><th class="field-name">Type:</th><td class="field-body">Standards Track</td> 39<tr class="field"><th class="field-name">Type:</th><td class="field-body">Standards Track</td>
45</tr> 40</tr>
46<tr class="field"><th class="field-name">Content-Type:</th><td class="field-body"><a class="reference" href="glep-0002.html">text/x-rst</a></td> 41<tr class="field"><th class="field-name">Content-Type:</th><td class="field-body"><a class="reference" href="glep-0002.html">text/x-rst</a></td>
47</tr> 42</tr>
48<tr class="field"><th class="field-name">Created:</th><td class="field-body">29 May 2004</td> 43<tr class="field"><th class="field-name">Created:</th><td class="field-body">29 May 2004</td>
49</tr> 44</tr>
50<tr class="field"><th class="field-name">Post-History:</th><td class="field-body">29-May-2004</td> 45<tr class="field"><th class="field-name">Post-History:</th><td class="field-body">29-May-2004, 20-Jul-2004</td>
51</tr> 46</tr>
52</tbody> 47</tbody>
53</table> 48</table>
54<hr /> 49<hr />
55<div class="contents topic" id="contents"> 50<div class="contents topic">
56<p class="topic-title"><a name="contents">Contents</a></p> 51<p class="topic-title first"><a id="contents" name="contents">Contents</a></p>
57<ul class="simple"> 52<ul class="simple">
53<li><a class="reference" href="#status" id="id2" name="id2">Status</a></li>
58<li><a class="reference" href="#abstract" id="id2" name="id2">Abstract</a></li> 54<li><a class="reference" href="#abstract" id="id3" name="id3">Abstract</a></li>
59<li><a class="reference" href="#motivation" id="id3" name="id3">Motivation</a></li> 55<li><a class="reference" href="#motivation" id="id4" name="id4">Motivation</a></li>
60<li><a class="reference" href="#specification" id="id4" name="id4">Specification</a><ul> 56<li><a class="reference" href="#specification" id="id5" name="id5">Specification</a><ul>
61<li><a class="reference" href="#portage-structure" id="id5" name="id5">Portage Structure</a><ul> 57<li><a class="reference" href="#portage-structure" id="id6" name="id6">Portage Structure</a><ul>
62<li><a class="reference" href="#defining-accounts" id="id6" name="id6">Defining Accounts</a></li> 58<li><a class="reference" href="#defining-accounts" id="id7" name="id7">Defining Accounts</a></li>
63<li><a class="reference" href="#local-overrides" id="id7" name="id7">Local Overrides</a></li> 59<li><a class="reference" href="#local-overrides" id="id8" name="id8">Local Overrides</a></li>
64</ul>
65</li> 60</ul>
61</li>
66<li><a class="reference" href="#developer-interface" id="id8" name="id8">Developer Interface</a><ul> 62<li><a class="reference" href="#developer-interface" id="id9" name="id9">Developer Interface</a><ul>
67<li><a class="reference" href="#eusers-egroups" id="id9" name="id9">EUSERS + EGROUPS</a></li> 63<li><a class="reference" href="#eusers-egroups" id="id10" name="id10">EUSERS + EGROUPS</a></li>
68<li><a class="reference" href="#id1" id="id10" name="id10">Defining Accounts</a></li> 64<li><a class="reference" href="#id1" id="id11" name="id11">Defining Accounts</a></li>
69</ul>
70</li> 65</ul>
66</li>
71<li><a class="reference" href="#user-interface" id="id11" name="id11">User Interface</a><ul> 67<li><a class="reference" href="#user-interface" id="id12" name="id12">User Interface</a><ul>
72<li><a class="reference" href="#users-update" id="id12" name="id12">users-update</a></li> 68<li><a class="reference" href="#users-update" id="id13" name="id13">users-update</a></li>
73<li><a class="reference" href="#features-noautoaccts" id="id13" name="id13">FEATURES=noautoaccts</a></li> 69<li><a class="reference" href="#features-noautoaccts" id="id14" name="id14">FEATURES=noautoaccts</a></li>
74</ul>
75</li> 70</ul>
76</ul> 71</li>
77</li> 72</ul>
73</li>
78<li><a class="reference" href="#rationale" id="id14" name="id14">Rationale</a></li> 74<li><a class="reference" href="#rationale" id="id15" name="id15">Rationale</a></li>
79<li><a class="reference" href="#backwards-compatibility" id="id15" name="id15">Backwards Compatibility</a></li> 75<li><a class="reference" href="#backwards-compatibility" id="id16" name="id16">Backwards Compatibility</a></li>
80<li><a class="reference" href="#references" id="id16" name="id16">References</a></li> 76<li><a class="reference" href="#references" id="id17" name="id17">References</a></li>
81<li><a class="reference" href="#copyright" id="id17" name="id17">Copyright</a></li> 77<li><a class="reference" href="#copyright" id="id18" name="id18">Copyright</a></li>
82</ul> 78</ul>
83</div> 79</div>
84<div class="section" id="abstract"> 80<div class="section">
81<h1><a class="toc-backref" href="#id2" id="status" name="status">Status</a></h1>
82<p>This GLEP was approved as-is on 14-Jun-2004.</p>
83</div>
84<div class="section">
85<h1><a class="toc-backref" href="#id2" name="abstract">Abstract</a></h1> 85<h1><a class="toc-backref" href="#id3" id="abstract" name="abstract">Abstract</a></h1>
86<p>The current handling of users and groups in the portage system lacks 86<p>The current handling of users and groups in the portage system lacks
87policy and a decent API. We need an API that is both simple for 87policy and a decent API. We need an API that is both simple for
88developers and end users.</p> 88developers and end users.</p>
89</div> 89</div>
90<div class="section" id="motivation"> 90<div class="section">
91<h1><a class="toc-backref" href="#id3" name="motivation">Motivation</a></h1> 91<h1><a class="toc-backref" href="#id4" id="motivation" name="motivation">Motivation</a></h1>
92<p>Currently the policy is left up to respective ebuild maintainers to 92<p>Currently the policy is left up to respective ebuild maintainers to
93choose the username, id, shell settings, etc... and to have them added 93choose the username, id, shell settings, etc... and to have them added
94in the right place at the right time in the right way. When the 94in the right place at the right time in the right way. When the
95addition of users was found to often times have broken logic, the 95addition of users was found to often times have broken logic, the
96enewuser and enewgroup functions were designed to remove all the 96enewuser and enewgroup functions were designed to remove all the
97details. However, these functions still suffer from some fundamental 97details. However, these functions still suffer from some fundamental
98problems. First, there is no local customization. Second, maintainers 98problems. First, there is no local customization. Second, maintainers
99still use the functions improperly (binary packages have suffered the 99still use the functions improperly (binary packages have suffered the
100most thus far). Third, the functions are not portable across non-linux 100most thus far). Third, the functions are not portable across non-linux
101systems and not friendly to cross compiling or other exotic setups. 101systems and not friendly to cross compiling or other exotic setups.
102There are other reasons, but these listed few are enough to warrant 102There are other reasons, but these listed few are enough to warrant
103change.</p> 103change.</p>
104</div> 104</div>
105<div class="section" id="specification"> 105<div class="section">
106<h1><a class="toc-backref" href="#id4" name="specification">Specification</a></h1> 106<h1><a class="toc-backref" href="#id5" id="specification" name="specification">Specification</a></h1>
107<div class="section" id="portage-structure"> 107<div class="section">
108<h2><a class="toc-backref" href="#id5" name="portage-structure">Portage Structure</a></h2> 108<h2><a class="toc-backref" href="#id6" id="portage-structure" name="portage-structure">Portage Structure</a></h2>
109<div class="section" id="defining-accounts"> 109<div class="section">
110<h3><a class="toc-backref" href="#id6" name="defining-accounts">Defining Accounts</a></h3> 110<h3><a class="toc-backref" href="#id7" id="defining-accounts" name="defining-accounts">Defining Accounts</a></h3>
111<p>A new directory will need to be added to the rsync tree to store the 111<p>New directories will need to be added to the rsync tree to store the files
112files that define the default values for new accounts.</p> 112that define the default values for new accounts. They will be stored on a
113per-profile basis, that way sub-profiles may easily override parent profiles.
114The default location will be the base profile since all other profiles inherit
115from there.</p>
113<pre class="literal-block"> 116<pre class="literal-block">
114portage/profiles/accounts/ 117portage/profiles/base/accounts/
115 user/&lt;username&gt;.xml 118 user/&lt;username&gt;
116 group/&lt;groupname&gt;.xml 119 group/&lt;groupname&gt;
117 accounts.xml 120 accounts
118</pre> 121</pre>
119<p>The files are named with the respective user/group name since they need 122<p>The files are named with the respective user/group name since they need
120to be unique in their respective domains. For example, the file 123to be unique in their respective domains. For example, the file
121detailing the ntp user would be located accounts/user/ntp.xml. Each 124detailing the ntp user would be located accounts/user/ntp. Each
122username.xml file will detail the required information about each user. 125username file will detail the required information about each user.
123Certain account features that exist on one class of systems (Linux) but 126Certain account features that exist on one class of systems (Linux) but
124not on others (*BSD) can be tagged as such. Each groupname.xml will 127not on others (*BSD) can be redefined in their respective subprofiles. Each
125follow similar guidelines. The accounts.xml will be used to describe 128groupname will follow similar guidelines. The accounts file will be used to
126global account defaults such as the default range of 'valid system' ids. 129describe global account defaults such as the default range of 'valid system'
127For example, if the UID 123 is already used on a system, but the ntp 130ids. For example, if the UID 123 is already used on a system, but the ntp
128user defaults to '123', we obviously cannot just duplicate it. So we 131user defaults to '123', we obviously cannot just duplicate it. So we
129would select the next available UID on the system based upon the range 132would select the next available UID on the system based upon the range
130defined here.</p> 133defined here.</p>
131</div> 134</div>
132<div class="section" id="local-overrides"> 135<div class="section">
133<h3><a class="toc-backref" href="#id7" name="local-overrides">Local Overrides</a></h3> 136<h3><a class="toc-backref" href="#id8" id="local-overrides" name="local-overrides">Local Overrides</a></h3>
134<p>Following the tried and true style of custom local portage files being 137<p>Following the tried and true style of custom local portage files being
135found in /etc/portage, this new system will follow the same. Users can 138found in /etc/portage, this new system will follow the same. Users can
136setup their own directory heirarchy in /etc/portage/accounts/ that mimics 139setup their own directory heirarchy in /etc/portage/profile/accounts/ that
137the heirarchy found in the portage tree. When portage attempts to add a 140mimics the heirarchy found in the portage tree. When portage attempts to add
138new user, it will first check /etc/portage/accounts/user/&lt;username&gt;.xml. 141a new user, it will first check /etc/portage/profile/accounts/user/&lt;username&gt;.
139If it does not exist, it will simply use the default definition in the 142If it does not exist, it will simply use the default definition in the
140portage tree.</p> 143portage tree.</p>
141</div> 144</div>
142</div> 145</div>
143<div class="section" id="developer-interface"> 146<div class="section">
144<h2><a class="toc-backref" href="#id8" name="developer-interface">Developer Interface</a></h2> 147<h2><a class="toc-backref" href="#id9" id="developer-interface" name="developer-interface">Developer Interface</a></h2>
145<div class="section" id="eusers-egroups"> 148<div class="section">
146<h3><a class="toc-backref" href="#id9" name="eusers-egroups">EUSERS + EGROUPS</a></h3> 149<h3><a class="toc-backref" href="#id10" id="eusers-egroups" name="eusers-egroups">EUSERS + EGROUPS</a></h3>
147<p>Ebuilds that wish to add users or groups to the system must set these 150<p>Ebuilds that wish to add users or groups to the system must set these
148variables. They are both space delimited lists that tells portage what 151variables. They are both space delimited lists that tells portage what
149users/groups must be added to the system before emerging the ebuild. The 152users/groups must be added to the system before emerging the ebuild. The
150maintainer of the ebuild can assume the users/groups they have listed 153maintainer of the ebuild can assume the users/groups they have listed
151exist before the functions in the ebuild (pkg_setup, src_install, etc...) 154exist before the functions in the ebuild (pkg_setup, src_install, etc...)
152are ever run.</p> 155are ever run.</p>
153</div> 156</div>
154<div class="section" id="id1"> 157<div class="section">
155<h3><a class="toc-backref" href="#id10" name="id1">Defining Accounts</a></h3> 158<h3><a class="toc-backref" href="#id11" id="id1" name="id1">Defining Accounts</a></h3>
156<p>Any developer is free to add users/groups in their ebuilds provided they 159<p>Any developer is free to add users/groups in their ebuilds provided they
157create the required account definition files.</p> 160create the required account definition files.</p>
158</div> 161</div>
159</div> 162</div>
160<div class="section" id="user-interface"> 163<div class="section">
161<h2><a class="toc-backref" href="#id11" name="user-interface">User Interface</a></h2> 164<h2><a class="toc-backref" href="#id12" id="user-interface" name="user-interface">User Interface</a></h2>
162<div class="section" id="users-update"> 165<div class="section">
163<h3><a class="toc-backref" href="#id12" name="users-update">users-update</a></h3> 166<h3><a class="toc-backref" href="#id13" id="users-update" name="users-update">users-update</a></h3>
164<p>When this script is run, all the users/groups that have been added by 167<p>When this script is run, all the users/groups that have been added by
165portage to the system will be shown along with the packages that have 168portage to the system will be shown along with the packages that have
166added said users/groups. Here they can delete accounts that are no longer 169added said users/groups. Here they can delete accounts that are no longer
167required by the currently installed packages (and optionally run a 170required by the currently installed packages (and optionally run a
168script that will try to locate all files on the system that may still be 171script that will try to locate all files on the system that may still be
169owned by the account).</p> 172owned by the account).</p>
170</div> 173</div>
171<div class="section" id="features-noautoaccts"> 174<div class="section">
172<h3><a class="toc-backref" href="#id13" name="features-noautoaccts">FEATURES=noautoaccts</a></h3> 175<h3><a class="toc-backref" href="#id14" id="features-noautoaccts" name="features-noautoaccts">FEATURES=noautoaccts</a></h3>
173<p>This is for the people who never want portage creating accounts for them. 176<p>This is for the people who never want portage creating accounts for them.
174When portage needs to add an account to the system but &quot;noautoaccts&quot; is 177When portage needs to add an account to the system but &quot;noautoaccts&quot; is
175in FEATURES, portage will abort with a message instructing the user to 178in FEATURES, portage will abort with a message instructing the user to
176add the accounts that are listed in EUSERS and EGROUPS. This is 179add the accounts that are listed in EUSERS and EGROUPS. This is
177obviously a required step before the package will be emerged.</p> 180obviously a required step before the package will be emerged.</p>
178</div> 181</div>
179</div> 182</div>
180</div> 183</div>
181<div class="section" id="rationale"> 184<div class="section">
182<h1><a class="toc-backref" href="#id14" name="rationale">Rationale</a></h1> 185<h1><a class="toc-backref" href="#id15" id="rationale" name="rationale">Rationale</a></h1>
183<p>Developers no longer have to worry about how to properly add users/groups 186<p>Developers no longer have to worry about how to properly add users/groups
184to systems and worry about whether or not their code will work on all 187to systems and worry about whether or not their code will work on all
185systems (LDAP vs local shadow vs cross compile vs etc...). Users can 188systems (LDAP vs local shadow vs cross compile vs etc...). Users can
186easily override the defaults Gentoo has before dictated. The default 189easily override the defaults Gentoo has before dictated. The default
187passwd and group database can once again be trimmed down to the barest of 190passwd and group database can once again be trimmed down to the barest of
188accounts.</p> 191accounts.</p>
189</div> 192</div>
190<div class="section" id="backwards-compatibility"> 193<div class="section">
191<h1><a class="toc-backref" href="#id15" name="backwards-compatibility">Backwards Compatibility</a></h1> 194<h1><a class="toc-backref" href="#id16" id="backwards-compatibility" name="backwards-compatibility">Backwards Compatibility</a></h1>
192<p>Handled in similar fashion as other portage rollouts. When using the new 195<p>Handled in similar fashion as other portage rollouts. When using the new
193account system, add a DEPEND for the required version of portage to the 196account system, add a DEPEND for the required version of portage to the
194ebuild.</p> 197ebuild.</p>
195</div> 198</div>
196<div class="section" id="references"> 199<div class="section">
197<h1><a class="toc-backref" href="#id16" name="references">References</a></h1> 200<h1><a class="toc-backref" href="#id17" id="references" name="references">References</a></h1>
198<table class="footnote" frame="void" id="apibug" rules="none"> 201<table class="docutils footnote" frame="void" id="apibug" rules="none">
199<colgroup><col class="label" /><col /></colgroup> 202<colgroup><col class="label" /><col /></colgroup>
200<tbody valign="top"> 203<tbody valign="top">
201<tr><td class="label"><a name="apibug">[1]</a></td><td><a class="reference" href="http://bugs.gentoo.org/show_bug.cgi?id=8634">http://bugs.gentoo.org/show_bug.cgi?id=8634</a></td></tr> 204<tr><td class="label"><a name="apibug">[1]</a></td><td><a class="reference" href="http://bugs.gentoo.org/show_bug.cgi?id=8634">http://bugs.gentoo.org/show_bug.cgi?id=8634</a></td></tr>
202</tbody> 205</tbody>
203</table> 206</table>
204</div> 207</div>
205<div class="section" id="copyright"> 208<div class="section">
206<h1><a class="toc-backref" href="#id17" name="copyright">Copyright</a></h1> 209<h1><a class="toc-backref" href="#id18" id="copyright" name="copyright">Copyright</a></h1>
207<p>This document has been placed in the public domain.</p> 210<p>This document has been placed in the public domain.</p>
208</div> 211</div>
209</div>
210 212
211<hr class="footer"/> 213</div>
212<div class="footer"> 214<div class="footer">
215<hr class="footer" />
213<a class="reference" href="glep-0027.txt">View document source</a>. 216<a class="reference" href="glep-0027.txt">View document source</a>.
214Generated on: 2004-05-29 14:47 UTC. 217Generated on: 2007-10-13 13:39 UTC.
215Generated by <a class="reference" href="http://docutils.sourceforge.net/">Docutils</a> from <a class="reference" href="http://docutils.sourceforge.net/rst.html">reStructuredText</a> source. 218Generated by <a class="reference" href="http://docutils.sourceforge.net/">Docutils</a> from <a class="reference" href="http://docutils.sourceforge.net/rst.html">reStructuredText</a> source.
219
216</div> 220</div>
217</body> 221</body>
218</html> 222</html>
219 223
