Hi! In accordance with https://docs.fedoraproject.org/en-US/fesco/Mass_package_changes/, I plan to do a "mass package change" to add sysusers.d config files for all packages which currently call 'useradd' and 'groupadd' and drop the calls to getent/id/useradd/groupadd/usermod/gpasswd.
This is part of https://fedoraproject.org/wiki/Changes/RPMSuportForSystemdSysusers. Latest build of rpm will autocreate users and groups for all packages that contain a sysusers.d config file. This means that, for those packages, we can drop the scriptlets that do that. In fact, rpm will do this unconditionally, so the scriptlets which are executed later are now noops and having them in the spec file is unnecessary and confusing. Once we have sysusers.d config and the metadata generated by rpm on packages, we want to again enable generation of hard dependencies in rpm for users and groups used by the rpm payloads. (A package which has a file or dir owned by a user or group, specified via %attr, gets Requires:user(…) or Requires:group(…) autogenerated during build.) This will allow rpm to order packages so that accounts are created before we try to unpack files owned by those accounts and we don't get unexpected ownership. For now this is a draft, I'm soliciting feedback. In fact, I didn't rebuild most of the packages with the changes, so bugs may be lurking. After discussion is done, I plan to open pull requests with the proposed changes. The first batch: https://in.waw.pl/~zbyszek/fedora/sysusers_mass_spec_change_v1.diff.html Example change (without Release and %changelog boilerplate): ===================&<============================================================ diff --git znc/znc.spec znc/znc.spec.tmp index f27442daf7..c6e08444cc 100644 --- znc/znc.spec +++ znc/znc.spec.tmp @@ -54,3 +54,2 @@ Obsoletes: znc-extra <= %{version}-%{release} -Requires(pre): shadow-utils BuildRequires: systemd @@ -131,2 +130,7 @@ sed -ie 's!/usr/local/!/usr/!' man/znc.1 +# Create a sysusers.d config file +cat >znc.sysusers.conf <<EOF +u znc - 'Account for ZNC to run as' /var/lib/znc - +EOF + %build @@ -161,8 +165,5 @@ install -d "%{buildroot}%{_sharedstatedir}/znc" +install -m0644 -D znc.sysusers.conf %{buildroot}%{_sysusersdir}/znc.conf + -%pre -getent group znc >/dev/null || groupadd -r znc -getent passwd znc >/dev/null || \ - useradd -r -g znc -d /var/lib/znc -s /sbin/nologin \ - -c "Account for ZNC to run as" znc @@ -203,2 +204,3 @@ getent passwd znc >/dev/null || \ %attr(-,znc,znc) %{_sharedstatedir}/znc/ +%{_sysusersdir}/znc.conf ===================>&============================================================ Let me know what you think… Zbyszek -- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
