From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id F0BD3138334 for ; Tue, 3 Dec 2019 13:04:38 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 4B76CE082F; Tue, 3 Dec 2019 13:04:35 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id E2BFDE0824 for ; Tue, 3 Dec 2019 13:04:34 +0000 (UTC) Received: from [192.168.1.100] (c-98-218-46-55.hsd1.md.comcast.net [98.218.46.55]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: mjo) by smtp.gentoo.org (Postfix) with ESMTPSA id 6A3A034D4AF for ; Tue, 3 Dec 2019 13:04:33 +0000 (UTC) Subject: Re: [gentoo-dev] RFC: UID/GID rspamd To: gentoo-dev@lists.gentoo.org References: <20191202152322.GC3060@atlantis> <20191203104116.GA3062@atlantis> From: Michael Orlitzky Message-ID: Date: Tue, 3 Dec 2019 08:04:28 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.2.2 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 In-Reply-To: <20191203104116.GA3062@atlantis> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit X-Archives-Salt: 242fa9f1-7345-4385-9910-140e002e516c X-Archives-Hash: ce9b6d9a3fcb8f92de0e9eab77e1dfcd On 12/3/19 5:41 AM, Petr Vaněk wrote: > > Btw, I am just curios about the situation when there is a foo overlay > with acct-{user,group}/foo using UID/GID already set in main gentoo > overlay and later on we would like to move it to the main gentoo > overlay. It would be necessary to chose different UID/GID for > acct-{user,group}/foo. So, my question is, would it be technically > feasible to do the migration for users of the foo overlay? I can > imagine this scenario will occur once in the future and it is UID/GID > change. > The GLEP81 eclasses will reuse an existing account (with the "old" UID) if the name matches. When migrating from an overlay, things should keep working for the overlay users -- they just won't get the new UID. Regular users of ::gentoo won't notice anything out of the ordinary. What doesn't work is trying to fix the existing UID/GID to match the new one. To do that, you'd need to know every file on the system that's owned by the old UID, so that you can switch them to the new UID. There's no good way to do that, and definitely no secure way to chown them afterwards. So, we can't do it in the eclasses in the main tree. But, if you're working on something in an overlay and if you know how the software works and are comfortable finding/deleting all of its files and wiping its entry out of /etc/passwd, then in that specific case, you can even switch the UIDs. Just manually erase all traces of the user from your system, and then emerge the ebuild from ::gentoo.