From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1RXKGC-0004ya-Qj for garchives@archives.gentoo.org; Sun, 04 Dec 2011 22:10:13 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id BDFF321C0AD; Sun, 4 Dec 2011 22:10:03 +0000 (UTC) Received: from mail-vw0-f61.google.com (mail-vw0-f61.google.com [209.85.212.61]) by pigeon.gentoo.org (Postfix) with ESMTP id D532521C045 for ; Sun, 4 Dec 2011 22:08:51 +0000 (UTC) Received: by vbbfs19 with SMTP id fs19so4789554vbb.16 for ; Sun, 04 Dec 2011 14:08:51 -0800 (PST) Received: by 10.52.95.174 with SMTP id dl14mr2127650vdb.11.1323036531099; Sun, 04 Dec 2011 14:08:51 -0800 (PST) Path: glegroupsg2000goo.googlegroups.com!not-for-mail Newsgroups: linux.gentoo.dev Date: Sun, 4 Dec 2011 14:08:50 -0800 (PST) In-Reply-To: Complaints-To: groups-abuse@google.com Injection-Info: glegroupsg2000goo.googlegroups.com; posting-host=90.190.167.138; posting-account=m_uFKxAAAAA6XrrK4JGBpeJAGAdNhqIk NNTP-Posting-Host: 90.190.167.138 References: User-Agent: G2/1.0 X-Google-Web-Client: true Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 Message-ID: <32665736.247.1323036530975.JavaMail.geo-discussion-forums@vbko11> Subject: Re: [gentoo-dev] user management mitigation From: Leho Kraav To: linux.gentoo.dev@googlegroups.com Cc: gentoo-dev@lists.gentoo.org Content-Type: text/plain; charset=ISO-8859-1 X-Archives-Salt: bfaf60e7-431e-4fc9-9531-cf1e41886a84 X-Archives-Hash: cfcdec01c6cd91c271c7539a5af9ef4d On Sunday, December 4, 2011 4:50:02 PM UTC+2, Leho Kraav wrote: > > * fork my own user.eclass from v1.17, modify it to use --root $ROOT when calling shadow stuff So first thing I'm running into is replacing getent with something that supports chrooting. Only immediate thought for users is using passwd --status. For groups I'm not even seeing anything obvious to use. Any thoughts?