From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id BCFD013826A for ; Tue, 24 May 2016 19:00:39 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 9E03221C04D; Tue, 24 May 2016 19:00:28 +0000 (UTC) Received: from nm28-vm2.bullet.mail.ir2.yahoo.com (nm28-vm2.bullet.mail.ir2.yahoo.com [212.82.97.62]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 7FD3D21C01D for ; Tue, 24 May 2016 19:00:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.fr; s=s2048; t=1464116425; bh=ry252ItAurXKbpMBh1BNNU0NiL8i0PExHxxOWZRHhXk=; h=Date:From:Reply-To:To:Subject:References:From:Subject; b=dKx+xjVtq/Mh26N7GIedaATtbimYEhqrUz3Nr06c9opz2AQCiakrdsj0Oi9UElPFT9V4/GKVoM9jIP42eecZixpwVy3GZp8NGhNFcsbHd8H/IT0LTiUOyTaV2UzCMZhyPozgRaTSSFyUBCjQ0Gn8iNIdnrHo9cNkyqNwFN5YaIdwzTcUtHvxQaEetHLje6NQikwaSq4JpvlDfn8lPNpTFI6xY6Av7ivW2YseT3J1Cw9NprcqLWrJDHKJ7CP/0xhYTfxKZa+0CSnb/7dsZGYLnwVc5V1vcc2uf6N2upkLTWey0aBQra/Bog9uGQiT32J1IA1iNesvmXW024OoG24lig== Received: from [212.82.98.54] by nm28.bullet.mail.ir2.yahoo.com with NNFMP; 24 May 2016 19:00:25 -0000 Received: from [212.82.98.90] by tm7.bullet.mail.ir2.yahoo.com with NNFMP; 24 May 2016 19:00:25 -0000 Received: from [127.0.0.1] by omp1027.mail.ir2.yahoo.com with NNFMP; 24 May 2016 19:00:25 -0000 X-Yahoo-Newman-Property: ymail-3 X-Yahoo-Newman-Id: 933812.25908.bm@omp1027.mail.ir2.yahoo.com X-YMail-OSG: 98S3V4oVM1nnSenW.bnVdMRjFgXTiTaMQqie7zljl.50vqpBaJK4RkwR.BeIm1v bGkUXYgXleabxAWvRzpCwQqZLwybbOg_GDzy3yjiZmcY1qd0KSmmsvAo8Yrvddi1rcXKI6OHr0Ly YsrPsW5NeMFT0uIgUWt21s64FoYTVKXDJi5ROEUgXWV3kwMPEb_lQiMItdAukzExXWF41fSqiGvb ieBfhtDpoVeu9E4lQBuIzSUwWgj_G4X6PjVzpeAvIGtHPVyvFG5rEGH574SXcdPd.8xUHTfS1EVY .U4E7wWXZ5FhUTCm_Z7cirzLdX1aHX268iJ84eXb7FeLniKXPpC1gYpUcPpU8HvKDNftzy.pNvPd EQHLsg7LloXexgp_Zih.jFLTkqqnA5hJjPU6H9uRLgvXUxcFuHxe.GomVYDBaVLQ8s0AKsWzZw78 gI4Xqg_UwAA_2Oav.qcxWEYpct0C8hqHZG.BDvnW1iRq6rKJdmO6kb0LVJbXbX3Mioy_tlbRjY_g ScJTHoA-- Received: from jws11184.mail.ir2.yahoo.com by sendmailws109.mail.ir2.yahoo.com; Tue, 24 May 2016 19:00:25 +0000; 1464116425.492 Date: Tue, 24 May 2016 19:00:25 +0000 (UTC) From: Farid BENAMROUCHE To: Message-ID: <1187243158.3442649.1464116425074.JavaMail.yahoo@mail.yahoo.com> Subject: [gentoo-dev] Modification proposal for user/group creation when ROOT!="/" Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit References: <1187243158.3442649.1464116425074.JavaMail.yahoo.ref@mail.yahoo.com> X-Archives-Salt: 2c5c3f83-3566-42c5-af0f-1e4b7b2f9e5d X-Archives-Hash: 9f32356ff260fda80b0f474b4c7d6bfd Hi all, Currently there is an old known limitation when using ROOT= option to install a package in a folder: user/groups are created in the host filesystem, not the target root filesystem. So I've pushed some modifications to the upstream shadow repo. Basically, I've added a --prefix option to user{add,mod,del} and group{add,mod,del} This option does the same as --root option, but whithout a chroot (so compatible when cross compiling) You can see more details (and the limitation of my implementation) in the shadow github repo: https://github.com/shadow-maint/shadow/issues/18 Now, for the gentoo part, I do have a working solution that I've pushed in the following bugzilla: https://bugs.gentoo.org/show_bug.cgi?id=541406 A new user.eclass file with modified enewuser,enewgroup and egetent that all supports ${ROOT} option via --prefix in shadow utilities. For now I've only added this option for linux. However, I've encountered some unexpected issues: some ebuilds are using direct calls to chown and fowners. Both are not compatible with ${ROOT}... To solve this, I've created 2 new calls in user.eclass: echown and efowners. The only thing the new functions are doing is to get the uid/gid from the correct passwd/group files from ${ROOT} using the modified egetent function and pass that to the native chown/fowners... For example, in sys-power/nut we can find: chown nut:nut ${ROOT}/var/lib/nut This should be changed to echown nut:nut ${ROOT}/var/lib/nut Same to fowners. If the modification is not done, either the ebuild will fail because the nut user does not exists in the host, or the incorrect uid will be user in ${ROOT} The solution is not perfect, but at least better than what we have today, and totally usable I believe. I've uploaded the patches for lighttpd and nut, plus my patch for user.eclass for review in this bug... we do have time until upstream shadow team reviews and commits my modifications (at least). Side note: it's a bit complicated to know when to add ${ROOT} and when not in a ebuild... For example, chown needs ${ROOT} but fowners must not!... Side note 2: maybe I should add a verification to check if useradd/groupadd supports my new --prefix solution, and fallback to original behavior if not? Tests: I've compiled a full working system with my above solution, and it works. (cross compilation in a dedicated target root path) Regards, Farid