[arch-general] Groups and GIDs in PKGBUILDs
Hi guys, Is there a policy with regards to GIDs in packages? Here's my scenario: When creating a PKGBUILD, I want certain files to belong to the http group. However, if http might have a different GID on other systems, I'll need to chgrp the files in the .install file, rather than the PKGBUILD, to ensure correct behaviour. On the other hand, if the http group is considered a standard group belonging to the base system, it may be safe to perform the chgrp in the PKGBUILD, and I can be sure that it will map to the correct group when it's upacked on another system. The Mediawiki PKGBUILD in ABS performs a chown to http in the PKGBUILD. I wonder if there's an official list of "safe" groups somewhere? Cheers, Paul
On Wed, May 30, 2012 at 11:06 AM, Paul Gideon Dann <pdgiddie@gmail.com> wrote:
Hi guys,
Is there a policy with regards to GIDs in packages? Here's my scenario:
When creating a PKGBUILD, I want certain files to belong to the http group. However, if http might have a different GID on other systems, I'll need to chgrp the files in the .install file, rather than the PKGBUILD, to ensure correct behaviour. On the other hand, if the http group is considered a standard group belonging to the base system, it may be safe to perform the chgrp in the PKGBUILD, and I can be sure that it will map to the correct group when it's upacked on another system.
The Mediawiki PKGBUILD in ABS performs a chown to http in the PKGBUILD. I wonder if there's an official list of "safe" groups somewhere?
yes: https://wiki.archlinux.org/index.php/DeveloperWiki:UID_/_GID_Database
Cheers, Paul
On Wednesday 30 May 2012 11:23:28 Eric Bélanger wrote:
yes: https://wiki.archlinux.org/index.php/DeveloperWiki:UID_/_GID_Database
Awesome; thank you. Paul
On Wed, May 30, 2012 at 04:33:42PM +0100, Paul Gideon Dann wrote:
On Wednesday 30 May 2012 11:23:28 Eric Bélanger wrote:
yes: https://wiki.archlinux.org/index.php/DeveloperWiki:UID_/_GID_Database
Awesome; thank you.
Paul
Usually you will install to $pkgdir using install(1)'s -g in conjunction of the -m and, at your option, -D flags. Preservance of file metadata in that context is, as far as I understand given through makepkg's fakeroot environment. Please correct me should I be mistaken. cheers! mar77i
On Wednesday 30 May 2012 20:50:38 Martti Kühne wrote:
Usually you will install to $pkgdir using install(1)'s -g in conjunction of the -m and, at your option, -D flags. Preservance of file metadata in that context is, as far as I understand given through makepkg's fakeroot environment.
I think it's a bit more complex than that because groups are stored in archives by their GID, not their name. If I'm using a non-standard group, e.g. "mygroup", the .install file will need to create the "mygroup" group on install, and the system will give it the next available GID. In the binary package, once it's built, a file may have a GID corresponding to "mygroup". If it just so happens that "mygroup" on the packager's computer has a different GID to "mygroup" on the installer's computer, you'll end up with files installed with an unrecognised GID, or (worse) mapped to a different group entirely. In my case, I'm working on a new AUR package for Foswiki, and need to install files assigned to "http". Since this is a standard group (according to the list on the Wiki), I know I can safely chown in the PKGBUILD, because the GID for http will be the same on everyone's system. I hope this makes the problem clearer. Paul
On Thu, May 31, 2012 at 10:26 AM, Paul Gideon Dann <pdgiddie@gmail.com> wrote:
I think it's a bit more complex than that because groups are stored in archives by their GID, not their name. AFAIK makepkg doesn't call bsdtar with numeric-owner. You can check user/group are also stored in package archive.
-- Sébastien Luttringer www.seblu.net
On Thursday 31 May 2012 22:55:51 Seblu wrote:
On Thu, May 31, 2012 at 10:26 AM, Paul Gideon Dann <pdgiddie@gmail.com> wrote:
I think it's a bit more complex than that because groups are stored in archives by their GID, not their name.
AFAIK makepkg doesn't call bsdtar with numeric-owner. You can check user/group are also stored in package archive.
Huh; you're right. It seems to unpack correctly using the the name of the group, rather than the GID when I perform a simple test. I think what must have lead me to this wrong conclusion was that in my case, the group would only be created by the .install script *after* the package was already unpacked. Since the group didn't yet exist, bsdtar would presumably fall back to the GID. So in practice, files still need to be chowned in the .install script if they'll belong to non-standard groups, but not quite for the reason I thought. Thanks for highlighting this. Paul
participants (4)
-
Eric Bélanger
-
Martti Kühne
-
Paul Gideon Dann
-
Seblu