cvs commit: doc/en_US.ISO8859-1/books/porters-handbook book.sgml

Thomas-Martin Seck tmseck-lists at netcologne.de
Mon Feb 23 16:00:30 PST 2004 

* Kris Kennaway (kris at obsecurity.org):

> On Mon, Feb 23, 2004 at 10:27:05PM +0000, Thomas-Martin Seck wrote:
> > 
> > I'm sorry, I did not obey this -- which uid/gid should I use instead?  I
> > do not need a fixed uid like qmail, just a starting point, pkg-install
> > will try to assign squid to the first free uid starting from there. The
> > same applies for the gid. It seems that I get slapped left and right
> > today for www/squid :(
> 
> Ports should always use fixed uids and gids.  Suppose that squid
> assigns itself one that is currently free on my machine, but is
> actually listed in the porters handbook as claimed by another port.
> Then later I try and install that port.  The results of this will be
> unpredictable, but not good.

Understood.

> You should choose a fixed uid and gid that is currently free, register
> it in the porter's handbook and use it.  Unfortunately since the 3128
> uid has already been deployed, you'll have to provide an upgrade path
> for people who have a squid installation from the port with files
> owned by that uid.  For example, a 'make upgrade' target that chowns
> the files to the new user, removes the old uid and gid and does
> whatever other transition work might be needed.  This would not be run
> by default, but pkg-message should suggest using it if the 3128 uid
> exists.

OK, I'd like to register the uid 100 then. I'll implement a uid
transition mechanism from 3128 to 100 and include it in the next
maintainer update.

> > btw: Is implementing something like WANT_UID/WANT_USER in bsd.port.mk
> > something worth pursuing? There are a lot of hand-made solutions of
> > varying quality in the ports system for this problem now.
> 
> What would that do?

It should create a pseudo-user with name=WANT_USER with uid=WANT_UID in
a unified way to reduce the chance of a maintainer doing something silly
in Makefile or pkg-install when hand-rolling this. The problem I see
with this proposal is that this is hard to implement this with make(1)
since ideally this should be something like 'makeuser(username, uid,
gid, homedir[, loginshell if we want to make this customizable])'. An
added bonus would be that the user/uid demand is clearly visible in the
Makefile (if that is of any value).

If implementing this in bsd.port.mk is not feasible, we should have at
least a known working reference for cut-and-pasting in the porters
handbook since there are at least three different implementations for
the problem of creating a user/group on the fly in the ports tree.

More information about the cvs-all mailing list