Hello,

Here's another major iteration of user/group package implementation
proposal. There were some major design changes, so probably best
to review from scratch.

Notable changes in user.eclass:

- Darwin support has been removed. It is unused and has been broken
for a long time.
- Support for *BSD remains as it is working and we can test those
platforms easily (it's needed for Gentoo/FBSD).
- esetshell counterpart to egetshell has been added.
- egetusername and egetgroupname utility functions for UID/GID→name
conversion have been added.
- egetcomment and esetcomment functions for passwd comment field
have been added.
- egetgroups and esetgroups functions for getting and altering group
membership have been added.

Notable changes common to both acct-* eclasses:

- ACCT_*_NAME internal variables have been added for readability
and possible future extension (to avoid using PN to mean user/group
name).
- Detecting UID/GID mismatch or conflict for ACCT_*_ENFORCE_ID has been
fixed to work correctly. It no longer fails if the user/group
exists already with the correct UID/GID, and now fails if it exists
with another UID/GID.

Notable changes in acct-user.eclass:

- ACCT_USER_GROUPS is now obligatory. After all, there is no
well-defined concept of user without a primary group.
- Account locking (on removal) and unlocking (on reinstall) is now
supported. On Linux and FreeBSD it uses both password locking (which
should lock the account if sysadmin set any password for it)
and expiration (which locks access completely). Also shell is forced
to nologin for locked accounts.
- Account home directory, shell and group memberships are now updated
on install. This is needed for unlocking but will also help clean up
bad previous designs (see: 'git' user).
- The comment for newly created accounts is now set from DESCRIPTION,
making it possible to properly describe account purposes. On removal,
the removal date is appended to the comment.

Please review. I'll send a GLEP update too shortly.

--
Best regards,
Michał Górny

Michał Górny (19):
user.eclass: Remove dead/broken Darwin support
user.eclass: NetBSD has 'getent'
user.eclass: Do not create user-group automatically
user.eclass: Prevent automated home creation in useradd
user.eclass: Support disabling home directory creation
user.eclass: Support forcing specified UID/GID
user.eclass: Die if no free UID/GID is found
user.eclass: Factor out finding nologin into separate function
user.eclass: Introduce esetshell
user.eclass: Introduce eget{user,group}name
user.eclass: Also permit using functions in pkg_*rm phases
user.eclass: Support getting & setting comment field
user.eclass: Introduce e{get,set}groups
acct-group.eclass: A new eclass to maintain group accounts
acct-user.eclass: A new eclass to maintain user accounts
acct-user.eclass: Supporting locking & unlocking accounts
acct-group/ftp: Add 'ftp' group (GID 21)
acct-user/ftp: Add 'ftp' user (UID 21)
net-ftp/ftpbase: Utilize {group,user}/ftp

acct-group/ftp/ftp-0.ebuild | 8 +
acct-group/ftp/metadata.xml | 5 +
acct-user/ftp/ftp-0.ebuild | 13 +
acct-user/ftp/metadata.xml | 5 +
eclass/acct-group.eclass | 124 ++++++++
eclass/acct-user.eclass | 376 ++++++++++++++++++++++++
eclass/user.eclass | 387 ++++++++++++++++++++-----
net-ftp/ftpbase/ftpbase-0.01-r3.ebuild | 39 +++
profiles/categories | 2 +
9 files changed, 890 insertions(+), 69 deletions(-)
create mode 100644 acct-group/ftp/ftp-0.ebuild
create mode 100644 acct-group/ftp/metadata.xml
create mode 100644 acct-user/ftp/ftp-0.ebuild
create mode 100644 acct-user/ftp/metadata.xml
create mode 100644 eclass/acct-group.eclass
create mode 100644 eclass/acct-user.eclass
create mode 100644 net-ftp/ftpbase/ftpbase-0.01-r3.ebuild
--
2.22.0.rc3
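
The locking scheme described in the cover letter combines three controls on Linux: a locked password, an expired account, and a nologin shell. The following is an added example, not code from the patch series or the eclasses: a hypothetical `acct_lock_state` helper that audits one passwd line and one shadow line and reports whether all three controls are in place. The sample entries are constructed, and the Linux shadow(5) field layout is assumed.

```shell
#!/bin/sh
# Added example: audit whether an account carries all three lock controls.
# Function names are hypothetical; sample entries and hashes are constructed.

SAMPLE_PASSWD_LOCKED='ftp:x:21:21:File Transfer Protocol:/home/ftp:/sbin/nologin'
SAMPLE_SHADOW_LOCKED='ftp:!$6$salt$hash:18000:0:99999:7::1:'
# Password locked and shell forced, but no expiration date set.
SAMPLE_SHADOW_PARTIAL='ftp:!$6$salt$hash:18000:0:99999:7:::'
SAMPLE_PASSWD_OPEN='ftp:x:21:21:File Transfer Protocol:/home/ftp:/bin/sh'
SAMPLE_SHADOW_OPEN='ftp:$6$salt$hash:18000:0:99999:7:::'

# Print field $2 of the colon-separated record $1.
field() { printf '%s\n' "$1" | cut -d: -f"$2"; }

# acct_lock_state <passwd line> <shadow line> [today, in days since epoch]
# Prints "locked" (all three controls), "partial" (some), or "unlocked".
acct_lock_state() {
    shell=$(field "$1" 7)
    hash=$(field "$2" 2)
    expire=$(field "$2" 8)
    today=${3:-$(( $(date +%s) / 86400 ))}
    checks=0

    # Control 1: password field made unusable by a leading '!' or '*'.
    case $hash in '!'*|'*'*) checks=$((checks + 1)) ;; esac

    # Control 2: expiration date reached. An empty field means "never";
    # shadow(5) calls 0 ambiguous, so it is not counted as expired here.
    case $expire in
        ''|0|*[!0-9]*) ;;
        *) if [ "$expire" -le "$today" ]; then checks=$((checks + 1)); fi ;;
    esac

    # Control 3: login shell is nologin, whatever directory it lives in.
    case ${shell##*/} in nologin) checks=$((checks + 1)) ;; esac

    case $checks in
        3) echo locked ;;
        0) echo unlocked ;;
        *) echo partial ;;
    esac
}

# Demo on the constructed entries, with a fixed "today" for repeatability.
acct_lock_state "$SAMPLE_PASSWD_LOCKED" "$SAMPLE_SHADOW_PARTIAL" 18100
```

A "partial" result marks an account where at least one of the three controls is missing, such as a removed package's user that still has no expiration date.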