On Thu, 23 Jan 2025 at 20:52, Zbigniew Jędrzejewski-Szmek <zbyszek@xxxxxxxxx> wrote:
Hi!
In accordance with https://docs.fedoraproject.org/en-US/fesco/Mass_package_changes/,
I plan to do a "mass package change" to add sysusers.d config files for all packages
which currently call 'useradd' and 'groupadd' and drop the calls to
getent/id/useradd/groupadd/usermod/gpasswd.
Is there a list of those packages?
This is part of https://fedoraproject.org/wiki/Changes/RPMSuportForSystemdSysusers.
Latest build of rpm will autocreate users and groups for all packages that
contain a sysusers.d config file. This means that, for those packages, we can drop
the scriptlets that do that. In fact, rpm will do this unconditionally, so the
scriptlets which are executed later are now noops and having them in the spec file
is unnecessary and confusing.
Once we have sysusers.d config and the metadata generated by rpm on packages, we want
to again enable generation of hard dependencies in rpm for users and groups used by
the rpm payloads. (A package which has a file or dir owned by a user or group,
specified via %attr, gets Requires:user(…) or Requires:group(…) autogenerated during
build.) This will allow rpm to order packages so that accounts are created before we
try to unpack files owned by those accounts and we don't get unexpected ownership.
For now this is a draft, I'm soliciting feedback. In fact, I didn't rebuild most of
the packages with the changes, so bugs may be lurking. After discussion is done, I
plan to open pull requests with the proposed changes.
The first batch:
https://in.waw.pl/~zbyszek/fedora/sysusers_mass_spec_change_v1.diff.html
Example change (without Release and %changelog boilerplate):
===================&<============================================================
diff --git znc/znc.spec znc/znc.spec.tmp
index f27442daf7..c6e08444cc 100644
--- znc/znc.spec
+++ znc/znc.spec.tmp
@@ -54,3 +54,2 @@ Obsoletes: znc-extra <= %{version}-%{release}
-Requires(pre): shadow-utils
BuildRequires: systemd
@@ -131,2 +130,7 @@ sed -ie 's!/usr/local/!/usr/!' man/znc.1
+# Create a sysusers.d config file
+cat >znc.sysusers.conf <<EOF
+u znc - 'Account for ZNC to run as' /var/lib/znc -
+EOF
+
%build
@@ -161,8 +165,5 @@ install -d "%{buildroot}%{_sharedstatedir}/znc"
+install -m0644 -D znc.sysusers.conf %{buildroot}%{_sysusersdir}/znc.conf
+
-%pre
-getent group znc >/dev/null || groupadd -r znc
-getent passwd znc >/dev/null || \
- useradd -r -g znc -d /var/lib/znc -s /sbin/nologin \
- -c "Account for ZNC to run as" znc
@@ -203,2 +204,3 @@ getent passwd znc >/dev/null || \
%attr(-,znc,znc) %{_sharedstatedir}/znc/
+%{_sysusersdir}/znc.conf
===================>&============================================================
Let me know what you think…
Zbyszek
--
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
-- _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
