Contents of /xml/htdocs/proj/en/glep/glep-0027.html

Parent Directory Parent Directory | Revision Log Revision Log

Revision 1.2 - (hide annotations) (download) (as text)
Tue Jul 20 18:21:20 2004 UTC (14 years, 6 months ago) by g2boojum
Branch: MAIN
Changes since 1.1: +46 -41 lines
File MIME type: text/html
GLEP updates.

1 g2boojum 1.1 <?xml version="1.0" encoding="utf-8" ?>
2     <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3     <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
4     <!--
5     This HTML is auto-generated. DO NOT EDIT THIS FILE! If you are writing a new
6     PEP, see http://www.python.org/peps/pep-0001.html for instructions and links
8     -->
9     <head>
10     <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
11 g2boojum 1.2 <meta name="generator" content="Docutils 0.3.3: http://docutils.sourceforge.net/" />
12 g2boojum 1.1 <title>GLEP 27 -- Portage Management of UIDs/GIDs</title>
13     <link rel="stylesheet" href="tools/glep.css" type="text/css" />
14     </head>
15     <body bgcolor="white">
16     <table class="navigation" cellpadding="0" cellspacing="0"
17     width="100%" border="0">
18     <tr><td class="navicon" width="150" height="35">
19     <a href="http://www.gentoo.org/" title="Gentoo Linux Home Page">
20     <img src="http://www.gentoo.org/images/gentoo-new.gif" alt="[Gentoo]"
21     border="0" width="150" height="35" /></a></td>
22     <td class="textlinks" align="left">
23     [<b><a href="http://www.gentoo.org/">Gentoo Linux Home</a></b>]
24     [<b><a href="http://www.gentoo.org/proj/en/glep">GLEP Index</a></b>]
25 g2boojum 1.2 [<b><a href="./glep-0027.txt">GLEP Source</a></b>]
26 g2boojum 1.1 </td></tr></table>
27     <div class="document">
28     <table class="rfc2822 field-list" frame="void" rules="none">
29     <col class="field-name" />
30     <col class="field-body" />
31     <tbody valign="top">
32     <tr class="field"><th class="field-name">GLEP:</th><td class="field-body">27</td>
33     </tr>
34     <tr class="field"><th class="field-name">Title:</th><td class="field-body">Portage Management of UIDs/GIDs</td>
35     </tr>
36 g2boojum 1.2 <tr class="field"><th class="field-name">Version:</th><td class="field-body">1.3</td>
37 g2boojum 1.1 </tr>
38 g2boojum 1.2 <tr class="field"><th class="field-name">Last-Modified:</th><td class="field-body"><a class="reference" href="http://www.gentoo.org/cgi-bin/viewcvs/xml/htdocs/proj/en/glep/glep-0027.txt?cvsroot=gentoo">2004/07/20 18:19:27</a></td>
39 g2boojum 1.1 </tr>
40     <tr class="field"><th class="field-name">Author:</th><td class="field-body">Mike Frysinger &lt;vapier&#32;&#97;t&#32;gentoo.org&gt;</td>
41     </tr>
42     <tr class="field"><th class="field-name">Status:</th><td class="field-body">Draft</td>
43     </tr>
44     <tr class="field"><th class="field-name">Type:</th><td class="field-body">Standards Track</td>
45     </tr>
46 g2boojum 1.2 <tr class="field"><th class="field-name">Content-Type:</th><td class="field-body"><a class="reference" href="glep-0012.html">text/x-rst</a></td>
47 g2boojum 1.1 </tr>
48     <tr class="field"><th class="field-name">Created:</th><td class="field-body">29 May 2004</td>
49     </tr>
50 g2boojum 1.2 <tr class="field"><th class="field-name">Post-History:</th><td class="field-body">29-May-2004, 20-Jul-2004</td>
51 g2boojum 1.1 </tr>
52     </tbody>
53     </table>
54     <hr />
55     <div class="contents topic" id="contents">
56 g2boojum 1.2 <p class="topic-title first"><a name="contents">Contents</a></p>
57 g2boojum 1.1 <ul class="simple">
58 g2boojum 1.2 <li><a class="reference" href="#status" id="id2" name="id2">Status</a></li>
59     <li><a class="reference" href="#abstract" id="id3" name="id3">Abstract</a></li>
60     <li><a class="reference" href="#motivation" id="id4" name="id4">Motivation</a></li>
61     <li><a class="reference" href="#specification" id="id5" name="id5">Specification</a><ul>
62     <li><a class="reference" href="#portage-structure" id="id6" name="id6">Portage Structure</a><ul>
63     <li><a class="reference" href="#defining-accounts" id="id7" name="id7">Defining Accounts</a></li>
64     <li><a class="reference" href="#local-overrides" id="id8" name="id8">Local Overrides</a></li>
65 g2boojum 1.1 </ul>
66     </li>
67 g2boojum 1.2 <li><a class="reference" href="#developer-interface" id="id9" name="id9">Developer Interface</a><ul>
68     <li><a class="reference" href="#eusers-egroups" id="id10" name="id10">EUSERS + EGROUPS</a></li>
69     <li><a class="reference" href="#id1" id="id11" name="id11">Defining Accounts</a></li>
70 g2boojum 1.1 </ul>
71     </li>
72 g2boojum 1.2 <li><a class="reference" href="#user-interface" id="id12" name="id12">User Interface</a><ul>
73     <li><a class="reference" href="#users-update" id="id13" name="id13">users-update</a></li>
74     <li><a class="reference" href="#features-noautoaccts" id="id14" name="id14">FEATURES=noautoaccts</a></li>
75 g2boojum 1.1 </ul>
76     </li>
77     </ul>
78     </li>
79 g2boojum 1.2 <li><a class="reference" href="#rationale" id="id15" name="id15">Rationale</a></li>
80     <li><a class="reference" href="#backwards-compatibility" id="id16" name="id16">Backwards Compatibility</a></li>
81     <li><a class="reference" href="#references" id="id17" name="id17">References</a></li>
82     <li><a class="reference" href="#copyright" id="id18" name="id18">Copyright</a></li>
83 g2boojum 1.1 </ul>
84     </div>
85 g2boojum 1.2 <div class="section" id="status">
86     <h1><a class="toc-backref" href="#id2" name="status">Status</a></h1>
87     <p>This GLEP was approved as-is on 14-Jun-2004.</p>
88     </div>
89 g2boojum 1.1 <div class="section" id="abstract">
90 g2boojum 1.2 <h1><a class="toc-backref" href="#id3" name="abstract">Abstract</a></h1>
91 g2boojum 1.1 <p>The current handling of users and groups in the portage system lacks
92     policy and a decent API. We need an API that is both simple for
93     developers and end users.</p>
94     </div>
95     <div class="section" id="motivation">
96 g2boojum 1.2 <h1><a class="toc-backref" href="#id4" name="motivation">Motivation</a></h1>
97 g2boojum 1.1 <p>Currently the policy is left up to respective ebuild maintainers to
98     choose the username, id, shell settings, etc... and to have them added
99     in the right place at the right time in the right way. When the
100     addition of users was found to often times have broken logic, the
101     enewuser and enewgroup functions were designed to remove all the
102     details. However, these functions still suffer from some fundamental
103     problems. First, there is no local customization. Second, maintainers
104     still use the functions improperly (binary packages have suffered the
105     most thus far). Third, the functions are not portable across non-linux
106     systems and not friendly to cross compiling or other exotic setups.
107     There are other reasons, but these listed few are enough to warrant
108     change.</p>
109     </div>
110     <div class="section" id="specification">
111 g2boojum 1.2 <h1><a class="toc-backref" href="#id5" name="specification">Specification</a></h1>
112 g2boojum 1.1 <div class="section" id="portage-structure">
113 g2boojum 1.2 <h2><a class="toc-backref" href="#id6" name="portage-structure">Portage Structure</a></h2>
114 g2boojum 1.1 <div class="section" id="defining-accounts">
115 g2boojum 1.2 <h3><a class="toc-backref" href="#id7" name="defining-accounts">Defining Accounts</a></h3>
116 g2boojum 1.1 <p>A new directory will need to be added to the rsync tree to store the
117     files that define the default values for new accounts.</p>
118     <pre class="literal-block">
119     portage/profiles/accounts/
120     user/&lt;username&gt;.xml
121     group/&lt;groupname&gt;.xml
122     accounts.xml
123     </pre>
124     <p>The files are named with the respective user/group name since they need
125     to be unique in their respective domains. For example, the file
126     detailing the ntp user would be located accounts/user/ntp.xml. Each
127     username.xml file will detail the required information about each user.
128     Certain account features that exist on one class of systems (Linux) but
129     not on others (*BSD) can be tagged as such. Each groupname.xml will
130     follow similar guidelines. The accounts.xml will be used to describe
131     global account defaults such as the default range of 'valid system' ids.
132     For example, if the UID 123 is already used on a system, but the ntp
133     user defaults to '123', we obviously cannot just duplicate it. So we
134     would select the next available UID on the system based upon the range
135     defined here.</p>
136     </div>
137     <div class="section" id="local-overrides">
138 g2boojum 1.2 <h3><a class="toc-backref" href="#id8" name="local-overrides">Local Overrides</a></h3>
139 g2boojum 1.1 <p>Following the tried and true style of custom local portage files being
140     found in /etc/portage, this new system will follow the same. Users can
141     setup their own directory heirarchy in /etc/portage/accounts/ that mimics
142     the heirarchy found in the portage tree. When portage attempts to add a
143     new user, it will first check /etc/portage/accounts/user/&lt;username&gt;.xml.
144     If it does not exist, it will simply use the default definition in the
145     portage tree.</p>
146     </div>
147     </div>
148     <div class="section" id="developer-interface">
149 g2boojum 1.2 <h2><a class="toc-backref" href="#id9" name="developer-interface">Developer Interface</a></h2>
150 g2boojum 1.1 <div class="section" id="eusers-egroups">
151 g2boojum 1.2 <h3><a class="toc-backref" href="#id10" name="eusers-egroups">EUSERS + EGROUPS</a></h3>
152 g2boojum 1.1 <p>Ebuilds that wish to add users or groups to the system must set these
153     variables. They are both space delimited lists that tells portage what
154     users/groups must be added to the system before emerging the ebuild. The
155     maintainer of the ebuild can assume the users/groups they have listed
156     exist before the functions in the ebuild (pkg_setup, src_install, etc...)
157     are ever run.</p>
158     </div>
159     <div class="section" id="id1">
160 g2boojum 1.2 <h3><a class="toc-backref" href="#id11" name="id1">Defining Accounts</a></h3>
161 g2boojum 1.1 <p>Any developer is free to add users/groups in their ebuilds provided they
162     create the required account definition files.</p>
163     </div>
164     </div>
165     <div class="section" id="user-interface">
166 g2boojum 1.2 <h2><a class="toc-backref" href="#id12" name="user-interface">User Interface</a></h2>
167 g2boojum 1.1 <div class="section" id="users-update">
168 g2boojum 1.2 <h3><a class="toc-backref" href="#id13" name="users-update">users-update</a></h3>
169 g2boojum 1.1 <p>When this script is run, all the users/groups that have been added by
170     portage to the system will be shown along with the packages that have
171     added said users/groups. Here they can delete accounts that are no longer
172     required by the currently installed packages (and optionally run a
173     script that will try to locate all files on the system that may still be
174     owned by the account).</p>
175     </div>
176     <div class="section" id="features-noautoaccts">
177 g2boojum 1.2 <h3><a class="toc-backref" href="#id14" name="features-noautoaccts">FEATURES=noautoaccts</a></h3>
178 g2boojum 1.1 <p>This is for the people who never want portage creating accounts for them.
179     When portage needs to add an account to the system but &quot;noautoaccts&quot; is
180     in FEATURES, portage will abort with a message instructing the user to
181     add the accounts that are listed in EUSERS and EGROUPS. This is
182     obviously a required step before the package will be emerged.</p>
183     </div>
184     </div>
185     </div>
186     <div class="section" id="rationale">
187 g2boojum 1.2 <h1><a class="toc-backref" href="#id15" name="rationale">Rationale</a></h1>
188 g2boojum 1.1 <p>Developers no longer have to worry about how to properly add users/groups
189     to systems and worry about whether or not their code will work on all
190     systems (LDAP vs local shadow vs cross compile vs etc...). Users can
191     easily override the defaults Gentoo has before dictated. The default
192     passwd and group database can once again be trimmed down to the barest of
193     accounts.</p>
194     </div>
195     <div class="section" id="backwards-compatibility">
196 g2boojum 1.2 <h1><a class="toc-backref" href="#id16" name="backwards-compatibility">Backwards Compatibility</a></h1>
197 g2boojum 1.1 <p>Handled in similar fashion as other portage rollouts. When using the new
198     account system, add a DEPEND for the required version of portage to the
199     ebuild.</p>
200     </div>
201     <div class="section" id="references">
202 g2boojum 1.2 <h1><a class="toc-backref" href="#id17" name="references">References</a></h1>
203 g2boojum 1.1 <table class="footnote" frame="void" id="apibug" rules="none">
204     <colgroup><col class="label" /><col /></colgroup>
205     <tbody valign="top">
206     <tr><td class="label"><a name="apibug">[1]</a></td><td><a class="reference" href="http://bugs.gentoo.org/show_bug.cgi?id=8634">http://bugs.gentoo.org/show_bug.cgi?id=8634</a></td></tr>
207     </tbody>
208     </table>
209     </div>
210     <div class="section" id="copyright">
211 g2boojum 1.2 <h1><a class="toc-backref" href="#id18" name="copyright">Copyright</a></h1>
212 g2boojum 1.1 <p>This document has been placed in the public domain.</p>
213     </div>
214     </div>
216 g2boojum 1.2 <hr class="footer" />
217 g2boojum 1.1 <div class="footer">
218     <a class="reference" href="glep-0027.txt">View document source</a>.
219 g2boojum 1.2 Generated on: 2004-07-20 18:19 UTC.
220 g2boojum 1.1 Generated by <a class="reference" href="http://docutils.sourceforge.net/">Docutils</a> from <a class="reference" href="http://docutils.sourceforge.net/rst.html">reStructuredText</a> source.
221     </div>
222     </body>
223     </html>

  ViewVC Help
Powered by ViewVC 1.1.20