/[gentoo]/xml/htdocs/proj/en/glep/glep-0027.html
Gentoo

Diff of /xml/htdocs/proj/en/glep/glep-0027.html

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.4 Revision 1.7
1<?xml version="1.0" encoding="utf-8" ?> 1<?xml version="1.0" encoding="utf-8" ?>
2<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 2<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> 3<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
4<!-- 4
5This HTML is auto-generated. DO NOT EDIT THIS FILE! If you are writing a new
6PEP, see http://www.python.org/peps/pep-0001.html for instructions and links
7to templates. DO NOT USE THIS HTML FILE AS YOUR TEMPLATE!
8-->
9<head> 5<head>
10 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> 6 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
11 <meta name="generator" content="Docutils 0.3.9: http://docutils.sourceforge.net/" /> 7 <meta name="generator" content="Docutils 0.4: http://docutils.sourceforge.net/" />
12 <title>GLEP 27 -- Portage Management of UIDs/GIDs</title> 8 <title>GLEP 27 -- Portage Management of UIDs/GIDs</title>
13 <link rel="stylesheet" href="tools/glep.css" type="text/css" /> 9 <link rel="stylesheet" href="tools/glep.css" type="text/css" />
14</head> 10</head>
15<body bgcolor="white"> 11<body bgcolor="white">
16<table class="navigation" cellpadding="0" cellspacing="0" 12<table class="navigation" cellpadding="0" cellspacing="0"
20<img src="http://www.gentoo.org/images/gentoo-new.gif" alt="[Gentoo]" 16<img src="http://www.gentoo.org/images/gentoo-new.gif" alt="[Gentoo]"
21 border="0" width="150" height="35" /></a></td> 17 border="0" width="150" height="35" /></a></td>
22<td class="textlinks" align="left"> 18<td class="textlinks" align="left">
23[<b><a href="http://www.gentoo.org/">Gentoo Linux Home</a></b>] 19[<b><a href="http://www.gentoo.org/">Gentoo Linux Home</a></b>]
24[<b><a href="http://www.gentoo.org/proj/en/glep">GLEP Index</a></b>] 20[<b><a href="http://www.gentoo.org/proj/en/glep">GLEP Index</a></b>]
25[<b><a href="./glep-0027.txt">GLEP Source</a></b>] 21[<b><a href="http://www.gentoo.org/proj/en/glep/glep-0027.txt">GLEP Source</a></b>]
26</td></tr></table> 22</td></tr></table>
27<table class="rfc2822 docutils field-list" frame="void" rules="none"> 23<table class="rfc2822 docutils field-list" frame="void" rules="none">
28<col class="field-name" /> 24<col class="field-name" />
29<col class="field-body" /> 25<col class="field-body" />
30<tbody valign="top"> 26<tbody valign="top">
31<tr class="field"><th class="field-name">GLEP:</th><td class="field-body">27</td> 27<tr class="field"><th class="field-name">GLEP:</th><td class="field-body">27</td>
32</tr> 28</tr>
33<tr class="field"><th class="field-name">Title:</th><td class="field-body">Portage Management of UIDs/GIDs</td> 29<tr class="field"><th class="field-name">Title:</th><td class="field-body">Portage Management of UIDs/GIDs</td>
34</tr> 30</tr>
35<tr class="field"><th class="field-name">Version:</th><td class="field-body">1.4</td> 31<tr class="field"><th class="field-name">Version:</th><td class="field-body">1.5</td>
36</tr> 32</tr>
37<tr class="field"><th class="field-name">Last-Modified:</th><td class="field-body"><a class="reference" href="http://www.gentoo.org/cgi-bin/viewcvs/xml/htdocs/proj/en/glep/glep-0027.txt?cvsroot=gentoo">2005/09/15 02:39:54</a></td> 33<tr class="field"><th class="field-name">Last-Modified:</th><td class="field-body"><a class="reference" href="http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/proj/en/glep/glep-0027.txt?cvsroot=gentoo">2005/09/18 20:48:23</a></td>
38</tr> 34</tr>
39<tr class="field"><th class="field-name">Author:</th><td class="field-body">Mike Frysinger &lt;vapier&#32;&#97;t&#32;gentoo.org&gt;</td> 35<tr class="field"><th class="field-name">Author:</th><td class="field-body">Mike Frysinger &lt;vapier&#32;&#97;t&#32;gentoo.org&gt;</td>
40</tr> 36</tr>
41<tr class="field"><th class="field-name">Status:</th><td class="field-body">Approved</td> 37<tr class="field"><th class="field-name">Status:</th><td class="field-body">Approved</td>
42</tr> 38</tr>
43<tr class="field"><th class="field-name">Type:</th><td class="field-body">Standards Track</td> 39<tr class="field"><th class="field-name">Type:</th><td class="field-body">Standards Track</td>
44</tr> 40</tr>
45<tr class="field"><th class="field-name">Content-Type:</th><td class="field-body"><a class="reference" href="http://www.python.org/peps/glep-0012.html">text/x-rst</a></td> 41<tr class="field"><th class="field-name">Content-Type:</th><td class="field-body"><a class="reference" href="glep-0002.html">text/x-rst</a></td>
46</tr> 42</tr>
47<tr class="field"><th class="field-name">Created:</th><td class="field-body">29 May 2004</td> 43<tr class="field"><th class="field-name">Created:</th><td class="field-body">29 May 2004</td>
48</tr> 44</tr>
49<tr class="field"><th class="field-name">Post-History:</th><td class="field-body">29-May-2004, 20-Jul-2004</td> 45<tr class="field"><th class="field-name">Post-History:</th><td class="field-body">29-May-2004, 20-Jul-2004</td>
50</tr> 46</tr>
51</tbody> 47</tbody>
52</table> 48</table>
53<hr /> 49<hr />
54<div class="contents topic" id="contents"> 50<div class="contents topic">
55<p class="topic-title first"><a name="contents">Contents</a></p> 51<p class="topic-title first"><a id="contents" name="contents">Contents</a></p>
56<ul class="simple"> 52<ul class="simple">
57<li><a class="reference" href="#status" id="id2" name="id2">Status</a></li> 53<li><a class="reference" href="#status" id="id2" name="id2">Status</a></li>
58<li><a class="reference" href="#abstract" id="id3" name="id3">Abstract</a></li> 54<li><a class="reference" href="#abstract" id="id3" name="id3">Abstract</a></li>
59<li><a class="reference" href="#motivation" id="id4" name="id4">Motivation</a></li> 55<li><a class="reference" href="#motivation" id="id4" name="id4">Motivation</a></li>
60<li><a class="reference" href="#specification" id="id5" name="id5">Specification</a><ul> 56<li><a class="reference" href="#specification" id="id5" name="id5">Specification</a><ul>
79<li><a class="reference" href="#backwards-compatibility" id="id16" name="id16">Backwards Compatibility</a></li> 75<li><a class="reference" href="#backwards-compatibility" id="id16" name="id16">Backwards Compatibility</a></li>
80<li><a class="reference" href="#references" id="id17" name="id17">References</a></li> 76<li><a class="reference" href="#references" id="id17" name="id17">References</a></li>
81<li><a class="reference" href="#copyright" id="id18" name="id18">Copyright</a></li> 77<li><a class="reference" href="#copyright" id="id18" name="id18">Copyright</a></li>
82</ul> 78</ul>
83</div> 79</div>
84<div class="section" id="status"> 80<div class="section">
85<h1><a class="toc-backref" href="#id2" name="status">Status</a></h1> 81<h1><a class="toc-backref" href="#id2" id="status" name="status">Status</a></h1>
86<p>This GLEP was approved as-is on 14-Jun-2004.</p> 82<p>This GLEP was approved as-is on 14-Jun-2004.</p>
87</div> 83</div>
88<div class="section" id="abstract"> 84<div class="section">
89<h1><a class="toc-backref" href="#id3" name="abstract">Abstract</a></h1> 85<h1><a class="toc-backref" href="#id3" id="abstract" name="abstract">Abstract</a></h1>
90<p>The current handling of users and groups in the portage system lacks 86<p>The current handling of users and groups in the portage system lacks
91policy and a decent API. We need an API that is both simple for 87policy and a decent API. We need an API that is both simple for
92developers and end users.</p> 88developers and end users.</p>
93</div> 89</div>
94<div class="section" id="motivation"> 90<div class="section">
95<h1><a class="toc-backref" href="#id4" name="motivation">Motivation</a></h1> 91<h1><a class="toc-backref" href="#id4" id="motivation" name="motivation">Motivation</a></h1>
96<p>Currently the policy is left up to respective ebuild maintainers to 92<p>Currently the policy is left up to respective ebuild maintainers to
97choose the username, id, shell settings, etc... and to have them added 93choose the username, id, shell settings, etc... and to have them added
98in the right place at the right time in the right way. When the 94in the right place at the right time in the right way. When the
99addition of users was found to often times have broken logic, the 95addition of users was found to often times have broken logic, the
100enewuser and enewgroup functions were designed to remove all the 96enewuser and enewgroup functions were designed to remove all the
101details. However, these functions still suffer from some fundamental 97details. However, these functions still suffer from some fundamental
102problems. First, there is no local customization. Second, maintainers 98problems. First, there is no local customization. Second, maintainers
103still use the functions improperly (binary packages have suffered the 99still use the functions improperly (binary packages have suffered the
104most thus far). Third, the functions are not portable across non-linux 100most thus far). Third, the functions are not portable across non-linux
105systems and not friendly to cross compiling or other exotic setups. 101systems and not friendly to cross compiling or other exotic setups.
106There are other reasons, but these listed few are enough to warrant 102There are other reasons, but these listed few are enough to warrant
107change.</p> 103change.</p>
108</div> 104</div>
109<div class="section" id="specification"> 105<div class="section">
110<h1><a class="toc-backref" href="#id5" name="specification">Specification</a></h1> 106<h1><a class="toc-backref" href="#id5" id="specification" name="specification">Specification</a></h1>
111<div class="section" id="portage-structure"> 107<div class="section">
112<h2><a class="toc-backref" href="#id6" name="portage-structure">Portage Structure</a></h2> 108<h2><a class="toc-backref" href="#id6" id="portage-structure" name="portage-structure">Portage Structure</a></h2>
113<div class="section" id="defining-accounts"> 109<div class="section">
114<h3><a class="toc-backref" href="#id7" name="defining-accounts">Defining Accounts</a></h3> 110<h3><a class="toc-backref" href="#id7" id="defining-accounts" name="defining-accounts">Defining Accounts</a></h3>
115<p>New directories will need to be added to the rsync tree to store the files 111<p>New directories will need to be added to the rsync tree to store the files
116that define the default values for new accounts. They will be stored on a 112that define the default values for new accounts. They will be stored on a
117per-profile basis, that way sub-profiles may easily override parent profiles. 113per-profile basis, that way sub-profiles may easily override parent profiles.
118The default location will be the base profile since all other profiles inherit 114The default location will be the base profile since all other profiles inherit
119from there.</p> 115from there.</p>
120<pre class="literal-block"> 116<pre class="literal-block">
121portage/profiles/base/accounts/ 117portage/profiles/base/accounts/
122 user/&lt;username&gt; 118 user/&lt;username&gt;
123 group/&lt;groupname&gt; 119 group/&lt;groupname&gt;
124 accounts 120 accounts
125</pre> 121</pre>
126<p>The files are named with the respective user/group name since they need 122<p>The files are named with the respective user/group name since they need
127to be unique in their respective domains. For example, the file 123to be unique in their respective domains. For example, the file
128detailing the ntp user would be located accounts/user/ntp. Each 124detailing the ntp user would be located accounts/user/ntp. Each
129username file will detail the required information about each user. 125username file will detail the required information about each user.
130Certain account features that exist on one class of systems (Linux) but 126Certain account features that exist on one class of systems (Linux) but
131not on others (*BSD) can be redefined in their respective subprofiles. Each 127not on others (*BSD) can be redefined in their respective subprofiles. Each
132groupname will follow similar guidelines. The accounts file will be used to 128groupname will follow similar guidelines. The accounts file will be used to
133describe global account defaults such as the default range of 'valid system' 129describe global account defaults such as the default range of 'valid system'
134ids. For example, if the UID 123 is already used on a system, but the ntp 130ids. For example, if the UID 123 is already used on a system, but the ntp
135user defaults to '123', we obviously cannot just duplicate it. So we 131user defaults to '123', we obviously cannot just duplicate it. So we
136would select the next available UID on the system based upon the range 132would select the next available UID on the system based upon the range
137defined here.</p> 133defined here.</p>
138</div> 134</div>
139<div class="section" id="local-overrides"> 135<div class="section">
140<h3><a class="toc-backref" href="#id8" name="local-overrides">Local Overrides</a></h3> 136<h3><a class="toc-backref" href="#id8" id="local-overrides" name="local-overrides">Local Overrides</a></h3>
141<p>Following the tried and true style of custom local portage files being 137<p>Following the tried and true style of custom local portage files being
142found in /etc/portage, this new system will follow the same. Users can 138found in /etc/portage, this new system will follow the same. Users can
143setup their own directory heirarchy in /etc/portage/profile/accounts/ that 139setup their own directory heirarchy in /etc/portage/profile/accounts/ that
144mimics the heirarchy found in the portage tree. When portage attempts to add 140mimics the heirarchy found in the portage tree. When portage attempts to add
145a new user, it will first check /etc/portage/profile/accounts/user/&lt;username&gt;. 141a new user, it will first check /etc/portage/profile/accounts/user/&lt;username&gt;.
146If it does not exist, it will simply use the default definition in the 142If it does not exist, it will simply use the default definition in the
147portage tree.</p> 143portage tree.</p>
148</div> 144</div>
149</div> 145</div>
150<div class="section" id="developer-interface"> 146<div class="section">
151<h2><a class="toc-backref" href="#id9" name="developer-interface">Developer Interface</a></h2> 147<h2><a class="toc-backref" href="#id9" id="developer-interface" name="developer-interface">Developer Interface</a></h2>
152<div class="section" id="eusers-egroups"> 148<div class="section">
153<h3><a class="toc-backref" href="#id10" name="eusers-egroups">EUSERS + EGROUPS</a></h3> 149<h3><a class="toc-backref" href="#id10" id="eusers-egroups" name="eusers-egroups">EUSERS + EGROUPS</a></h3>
154<p>Ebuilds that wish to add users or groups to the system must set these 150<p>Ebuilds that wish to add users or groups to the system must set these
155variables. They are both space delimited lists that tells portage what 151variables. They are both space delimited lists that tells portage what
156users/groups must be added to the system before emerging the ebuild. The 152users/groups must be added to the system before emerging the ebuild. The
157maintainer of the ebuild can assume the users/groups they have listed 153maintainer of the ebuild can assume the users/groups they have listed
158exist before the functions in the ebuild (pkg_setup, src_install, etc...) 154exist before the functions in the ebuild (pkg_setup, src_install, etc...)
159are ever run.</p> 155are ever run.</p>
160</div> 156</div>
161<div class="section" id="id1"> 157<div class="section">
162<h3><a class="toc-backref" href="#id11" name="id1">Defining Accounts</a></h3> 158<h3><a class="toc-backref" href="#id11" id="id1" name="id1">Defining Accounts</a></h3>
163<p>Any developer is free to add users/groups in their ebuilds provided they 159<p>Any developer is free to add users/groups in their ebuilds provided they
164create the required account definition files.</p> 160create the required account definition files.</p>
165</div> 161</div>
166</div> 162</div>
167<div class="section" id="user-interface"> 163<div class="section">
168<h2><a class="toc-backref" href="#id12" name="user-interface">User Interface</a></h2> 164<h2><a class="toc-backref" href="#id12" id="user-interface" name="user-interface">User Interface</a></h2>
169<div class="section" id="users-update"> 165<div class="section">
170<h3><a class="toc-backref" href="#id13" name="users-update">users-update</a></h3> 166<h3><a class="toc-backref" href="#id13" id="users-update" name="users-update">users-update</a></h3>
171<p>When this script is run, all the users/groups that have been added by 167<p>When this script is run, all the users/groups that have been added by
172portage to the system will be shown along with the packages that have 168portage to the system will be shown along with the packages that have
173added said users/groups. Here they can delete accounts that are no longer 169added said users/groups. Here they can delete accounts that are no longer
174required by the currently installed packages (and optionally run a 170required by the currently installed packages (and optionally run a
175script that will try to locate all files on the system that may still be 171script that will try to locate all files on the system that may still be
176owned by the account).</p> 172owned by the account).</p>
177</div> 173</div>
178<div class="section" id="features-noautoaccts"> 174<div class="section">
179<h3><a class="toc-backref" href="#id14" name="features-noautoaccts">FEATURES=noautoaccts</a></h3> 175<h3><a class="toc-backref" href="#id14" id="features-noautoaccts" name="features-noautoaccts">FEATURES=noautoaccts</a></h3>
180<p>This is for the people who never want portage creating accounts for them. 176<p>This is for the people who never want portage creating accounts for them.
181When portage needs to add an account to the system but &quot;noautoaccts&quot; is 177When portage needs to add an account to the system but &quot;noautoaccts&quot; is
182in FEATURES, portage will abort with a message instructing the user to 178in FEATURES, portage will abort with a message instructing the user to
183add the accounts that are listed in EUSERS and EGROUPS. This is 179add the accounts that are listed in EUSERS and EGROUPS. This is
184obviously a required step before the package will be emerged.</p> 180obviously a required step before the package will be emerged.</p>
185</div> 181</div>
186</div> 182</div>
187</div> 183</div>
188<div class="section" id="rationale"> 184<div class="section">
189<h1><a class="toc-backref" href="#id15" name="rationale">Rationale</a></h1> 185<h1><a class="toc-backref" href="#id15" id="rationale" name="rationale">Rationale</a></h1>
190<p>Developers no longer have to worry about how to properly add users/groups 186<p>Developers no longer have to worry about how to properly add users/groups
191to systems and worry about whether or not their code will work on all 187to systems and worry about whether or not their code will work on all
192systems (LDAP vs local shadow vs cross compile vs etc...). Users can 188systems (LDAP vs local shadow vs cross compile vs etc...). Users can
193easily override the defaults Gentoo has before dictated. The default 189easily override the defaults Gentoo has before dictated. The default
194passwd and group database can once again be trimmed down to the barest of 190passwd and group database can once again be trimmed down to the barest of
195accounts.</p> 191accounts.</p>
196</div> 192</div>
197<div class="section" id="backwards-compatibility"> 193<div class="section">
198<h1><a class="toc-backref" href="#id16" name="backwards-compatibility">Backwards Compatibility</a></h1> 194<h1><a class="toc-backref" href="#id16" id="backwards-compatibility" name="backwards-compatibility">Backwards Compatibility</a></h1>
199<p>Handled in similar fashion as other portage rollouts. When using the new 195<p>Handled in similar fashion as other portage rollouts. When using the new
200account system, add a DEPEND for the required version of portage to the 196account system, add a DEPEND for the required version of portage to the
201ebuild.</p> 197ebuild.</p>
202</div> 198</div>
203<div class="section" id="references"> 199<div class="section">
204<h1><a class="toc-backref" href="#id17" name="references">References</a></h1> 200<h1><a class="toc-backref" href="#id17" id="references" name="references">References</a></h1>
205<table class="docutils footnote" frame="void" id="apibug" rules="none"> 201<table class="docutils footnote" frame="void" id="apibug" rules="none">
206<colgroup><col class="label" /><col /></colgroup> 202<colgroup><col class="label" /><col /></colgroup>
207<tbody valign="top"> 203<tbody valign="top">
208<tr><td class="label"><a name="apibug">[1]</a></td><td><a class="reference" href="http://bugs.gentoo.org/show_bug.cgi?id=8634">http://bugs.gentoo.org/show_bug.cgi?id=8634</a></td></tr> 204<tr><td class="label"><a name="apibug">[1]</a></td><td><a class="reference" href="http://bugs.gentoo.org/show_bug.cgi?id=8634">http://bugs.gentoo.org/show_bug.cgi?id=8634</a></td></tr>
209</tbody> 205</tbody>
210</table> 206</table>
211</div> 207</div>
212<div class="section" id="copyright"> 208<div class="section">
213<h1><a class="toc-backref" href="#id18" name="copyright">Copyright</a></h1> 209<h1><a class="toc-backref" href="#id18" id="copyright" name="copyright">Copyright</a></h1>
214<p>This document has been placed in the public domain.</p> 210<p>This document has been placed in the public domain.</p>
215</div> 211</div>
216 212
217</div> 213</div>
218<div class="footer"> 214<div class="footer">
219<hr class="footer" /> 215<hr class="footer" />
220<a class="reference" href="glep-0027.txt">View document source</a>. 216<a class="reference" href="glep-0027.txt">View document source</a>.
221Generated on: 2005-09-18 20:48 UTC. 217Generated on: 2007-10-13 13:39 UTC.
222Generated by <a class="reference" href="http://docutils.sourceforge.net/">Docutils</a> from <a class="reference" href="http://docutils.sourceforge.net/rst.html">reStructuredText</a> source. 218Generated by <a class="reference" href="http://docutils.sourceforge.net/">Docutils</a> from <a class="reference" href="http://docutils.sourceforge.net/rst.html">reStructuredText</a> source.
223 219
224</div> 220</div>
225</body> 221</body>
226</html> 222</html>

Legend:
Removed from v.1.4  
changed lines
  Added in v.1.7

  ViewVC Help
Powered by ViewVC 1.1.20