[arch-general] Arch pkg user and group IDs?

Leonid Isaev leonid.isaev at jila.colorado.edu
Mon Nov 28 03:03:32 UTC 2016 

On Sun, Nov 27, 2016 at 09:50:22PM -0500, Eli Schwartz via arch-general wrote:
> On 11/27/2016 09:16 PM, Leonid Isaev wrote:
> > There is no such think as "arch expects". It is a default setting in
> > /etc/login.defs that is being used by systemd because it is likely that a devs
> > don't change login.defs before building systemd...
> 
> Well, packages can have files that need to have a specific system user
> ownership. That is why the UID/GID database exists, right? Because the
> UID baked into the *.pkg.tar.xz has to match /etc/passwd, and
> systemd-sysusers can't inherently do anything that repetitive useradd +
> getent scripting wasn't always capable of.

For example, dnsmasq ships /usr/lib/sysusers.d/dnsmasq.conf which contains 'u
dnsmasq - "dnsmasq daemon" /' and on my system the user dnsmasq has
(randomly-generated) ID = 997. Such packages won't have any files owned by a
non-root user because they don't know the UID.

> 
> > I strongly suspect that the above wikipage is deprecated. Most likely all arch
> > packages will move to sysuser.d sooner or later.
> 
> I don't see why, again, systemd-sysusers was designed as a declarative
> alternative to `useradd -r` and the Wikipage was never deprecated by
> useradd...

Maybe, but currently most config snippets in /usr/lib/sysusers.d/ do not
specify UID (except qemu.conf shipped with qemu). So I assume those get
assigned randomly.

> 
> > BTW, have you read the manpage of sysuser.d? You can override those "default"
> > IDs by specifying your own, just need to change a few files (on our NIS master
> > there are only snippets supplied with systemd)...
> 
> Do you mean, by manually specifying a hardcoded UID for each user???

Yes, why not? You can override files in /usr/lib/sysusers.d with files in
/etc/sysusers.d having identical names, no? For example, on my workstation,
there are only 23 lines in total where UID need to be changed below 500.

Of course, this needs to be done for all Arch machines. That is why I think
that changing ownership in NFS share is a better idea...

Cheers,
-- 
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6  20DF 9291 EE8A 043C B8C4
                  C0DF 20D0 C075 C3F1 E1BE  775A A7AE F6CB 164B 5A6D

More information about the arch-general mailing list