Please correct me if I got something wrong. My understanding is the following:
- rpmbuild will generate `Provides: user(foo) = <hash>` and `Provides:
group(foo) = <hash>` (??, see below) for packages which have sysusers.d files
- rpmbuild will generate `Requires: {user,group}(foo)` or `Recommends:
{user,group}(foo)` for packages which carry files owned by user or group `foo`
(depending on `%_use_weak_usergroup_deps`)
- rpm carries `/usr/lib/rpm/sysusers.sh` and will invoke it when installing
packages which have the appropriate Provides.
- `sysusers.sh` is in bash (provided by `bash.rpm`) and calls `useradd`,
`groupadd`, `usermod`, `groupmod` (provided by `shadow-utils.rpm`), `touch`,
`cut`, `mkdir` (provided by `coreutils.rpm`), and `grep` (provided by
`grep.rpm`).
- `rpm.rpm` declares dependency on `bash` and `coreutils`, but **not** `grep`
or `shadow-utils`
- `sysusers.sh` implements `u`, `g`, and `m`, but **not** `r`
- `sysusers.sh` knows about `/usr/lib/sysusers.d`, `/run/sysusers.d`, and
`/etc/sysusers.d`, but **not** about `/usr/local/lib/sysusers.d`.
- `sysusers.sh` also doesn't know about specifiers
The lack of dependencies seems to be a problem. A package may have `Requires:
user(foo)`, which will pull in some package that has `Provides: user(foo)`, but
this is not enough. Something else needs to pull in both `rpm` and
`shadow-utils` and `grep`.
Those tool dependencies are a problem: `rpm` is a very big dependency. It is
strange to install it in images just to create users. Maybe it should be split
out to `rpm-sysusers-impl` (name TBD), so it can be installed without the rest
of the stack? Also, that package should probably get dependencies on the
appropriate tools.
Packages which are supposed to provide a user should get a Requires or
Recommends dependency on the implementing tool (depending on
`%_use_weak_usergroup_deps`).
I understand the decision to move away from `systemd-sysusers` as the
implementation, but it would be great if it was still allowed as an option. In
fact, systemd provides two implementations: one in `systemd.rpm` and the second
one in `systemd-standalone-sysusers`. The latter has dependencies only on
`glibc`, `libcap`, `libgcc`, `libselinux`, and `libgcrypt`, and is much smaller
than `shadow-utils`.
For example, packages that have `Provides: {user,group}(…)`, could have a
dependency on `rpm-sysusers-impl | systemd-sysusers`, and `rpm` should attempt
to call both `systemd-sysusers` and `sysusers.sh`.
Please explain how this is all supposed to be integrated by a distro…
---
I was testing this with `dbus` package, and I noticed the following:
- `dbus-common` has `Provides: user(dbus) =
dSBkYnVzIDgxICJTeXN0ZW0gTWVzc2FnZSBCdXMiIC0gLQAA` but `Provides: group(dbus)`,
with no `= …`. Looking at the code, this provides will be ignored. Is this
intentional?
- I can't get this to work at all. After calling `sudo dnf5 install
--use-host-config --installroot=/var/tmp/inst5
noarch/dbus-common-1.14.10-1.fc40.noarch.rpm` I get no dbus in
`/var/tmp/inst5/etc/{group,passwd}`. I tried installing `rpm`, `grep`,
`shadow-utils` and part of the same transaction, or in an earlier transaction,
and the result is the same.
/cc @DaanDeMeyer
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/2697
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/issues/2...@github.com>
_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint