[gentoo-dev] Re: [PATCH 00/19] Add acct-group packages for udev-related groups
On Sat, Jul 27, 2019 at 10:24 AM Mike Gilbert wrote: > > The systemd and udev ebuilds create three groups: input, kvm, and > render. These are used by udev rules to control access to hardware. > > There are several other groups referenced by udev rules, so it makes > sense to explicitly depend on them as well. Since the situation with baselayout is a bit unclear, I will probably start with just the input, kvm, and render groups initially. Opinions and rationale on whether it makes sense to move users/groups out of baselayout long-term would be welcome.
[gentoo-dev] [PATCH 12/19] acct-group/tty: new group (5)
Package-Manager: Portage-2.3.69_p3, Repoman-2.3.16_p12 Signed-off-by: Mike Gilbert --- acct-group/tty/metadata.xml | 7 +++ acct-group/tty/tty-0.ebuild | 8 2 files changed, 15 insertions(+) create mode 100644 acct-group/tty/metadata.xml create mode 100644 acct-group/tty/tty-0.ebuild diff --git a/acct-group/tty/metadata.xml b/acct-group/tty/metadata.xml new file mode 100644 index ..8e7007e5a467 --- /dev/null +++ b/acct-group/tty/metadata.xml @@ -0,0 +1,7 @@ + +http://www.gentoo.org/dtd/metadata.dtd";> + + + syst...@gentoo.org + + diff --git a/acct-group/tty/tty-0.ebuild b/acct-group/tty/tty-0.ebuild new file mode 100644 index ..20e8d2a8d5e3 --- /dev/null +++ b/acct-group/tty/tty-0.ebuild @@ -0,0 +1,8 @@ +# Copyright 2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit acct-group + +ACCT_GROUP_ID=5 -- 2.22.0
[gentoo-dev] [PATCH 11/19] acct-group/kmem: new group (9)
Package-Manager: Portage-2.3.69_p3, Repoman-2.3.16_p12 Signed-off-by: Mike Gilbert --- acct-group/kmem/kmem-0.ebuild | 8 acct-group/kmem/metadata.xml | 7 +++ 2 files changed, 15 insertions(+) create mode 100644 acct-group/kmem/kmem-0.ebuild create mode 100644 acct-group/kmem/metadata.xml diff --git a/acct-group/kmem/kmem-0.ebuild b/acct-group/kmem/kmem-0.ebuild new file mode 100644 index ..e2ed3f22a662 --- /dev/null +++ b/acct-group/kmem/kmem-0.ebuild @@ -0,0 +1,8 @@ +# Copyright 2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit acct-group + +ACCT_GROUP_ID=9 diff --git a/acct-group/kmem/metadata.xml b/acct-group/kmem/metadata.xml new file mode 100644 index ..8e7007e5a467 --- /dev/null +++ b/acct-group/kmem/metadata.xml @@ -0,0 +1,7 @@ + +http://www.gentoo.org/dtd/metadata.dtd";> + + + syst...@gentoo.org + + -- 2.22.0
[gentoo-dev] [PATCH 09/19] acct-group/tape: new group (26)
Package-Manager: Portage-2.3.69_p3, Repoman-2.3.16_p12 Signed-off-by: Mike Gilbert --- acct-group/tape/metadata.xml | 7 +++ acct-group/tape/tape-0.ebuild | 8 2 files changed, 15 insertions(+) create mode 100644 acct-group/tape/metadata.xml create mode 100644 acct-group/tape/tape-0.ebuild diff --git a/acct-group/tape/metadata.xml b/acct-group/tape/metadata.xml new file mode 100644 index ..8e7007e5a467 --- /dev/null +++ b/acct-group/tape/metadata.xml @@ -0,0 +1,7 @@ + +http://www.gentoo.org/dtd/metadata.dtd";> + + + syst...@gentoo.org + + diff --git a/acct-group/tape/tape-0.ebuild b/acct-group/tape/tape-0.ebuild new file mode 100644 index ..62f494997b09 --- /dev/null +++ b/acct-group/tape/tape-0.ebuild @@ -0,0 +1,8 @@ +# Copyright 2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit acct-group + +ACCT_GROUP_ID=26 -- 2.22.0
[gentoo-dev] [PATCH 08/19] acct-group/render: new group (28)
Package-Manager: Portage-2.3.69_p3, Repoman-2.3.16_p12 Signed-off-by: Mike Gilbert --- acct-group/render/metadata.xml| 7 +++ acct-group/render/render-0.ebuild | 8 2 files changed, 15 insertions(+) create mode 100644 acct-group/render/metadata.xml create mode 100644 acct-group/render/render-0.ebuild diff --git a/acct-group/render/metadata.xml b/acct-group/render/metadata.xml new file mode 100644 index ..8e7007e5a467 --- /dev/null +++ b/acct-group/render/metadata.xml @@ -0,0 +1,7 @@ + +http://www.gentoo.org/dtd/metadata.dtd";> + + + syst...@gentoo.org + + diff --git a/acct-group/render/render-0.ebuild b/acct-group/render/render-0.ebuild new file mode 100644 index ..0a33c1c5b96c --- /dev/null +++ b/acct-group/render/render-0.ebuild @@ -0,0 +1,8 @@ +# Copyright 2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit acct-group + +ACCT_GROUP_ID=28 -- 2.22.0
[gentoo-dev] [PATCH 10/19] acct-group/video: new group (27)
Package-Manager: Portage-2.3.69_p3, Repoman-2.3.16_p12 Signed-off-by: Mike Gilbert --- acct-group/video/metadata.xml | 7 +++ acct-group/video/video-0.ebuild | 8 2 files changed, 15 insertions(+) create mode 100644 acct-group/video/metadata.xml create mode 100644 acct-group/video/video-0.ebuild diff --git a/acct-group/video/metadata.xml b/acct-group/video/metadata.xml new file mode 100644 index ..8e7007e5a467 --- /dev/null +++ b/acct-group/video/metadata.xml @@ -0,0 +1,7 @@ + +http://www.gentoo.org/dtd/metadata.dtd";> + + + syst...@gentoo.org + + diff --git a/acct-group/video/video-0.ebuild b/acct-group/video/video-0.ebuild new file mode 100644 index ..cb416ccecf48 --- /dev/null +++ b/acct-group/video/video-0.ebuild @@ -0,0 +1,8 @@ +# Copyright 2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit acct-group + +ACCT_GROUP_ID=27 -- 2.22.0
[gentoo-dev] [PATCH 07/19] acct-group/lp: new group (7)
Package-Manager: Portage-2.3.69_p3, Repoman-2.3.16_p12 Signed-off-by: Mike Gilbert --- acct-group/lp/lp-0.ebuild | 8 acct-group/lp/metadata.xml | 7 +++ 2 files changed, 15 insertions(+) create mode 100644 acct-group/lp/lp-0.ebuild create mode 100644 acct-group/lp/metadata.xml diff --git a/acct-group/lp/lp-0.ebuild b/acct-group/lp/lp-0.ebuild new file mode 100644 index ..1b9b1de7bb37 --- /dev/null +++ b/acct-group/lp/lp-0.ebuild @@ -0,0 +1,8 @@ +# Copyright 2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit acct-group + +ACCT_GROUP_ID=7 diff --git a/acct-group/lp/metadata.xml b/acct-group/lp/metadata.xml new file mode 100644 index ..8e7007e5a467 --- /dev/null +++ b/acct-group/lp/metadata.xml @@ -0,0 +1,7 @@ + +http://www.gentoo.org/dtd/metadata.dtd";> + + + syst...@gentoo.org + + -- 2.22.0
[gentoo-dev] [PATCH 05/19] acct-group/input: new group (97)
Package-Manager: Portage-2.3.69_p3, Repoman-2.3.16_p12 Signed-off-by: Mike Gilbert --- acct-group/input/input-0.ebuild | 8 acct-group/input/metadata.xml | 7 +++ 2 files changed, 15 insertions(+) create mode 100644 acct-group/input/input-0.ebuild create mode 100644 acct-group/input/metadata.xml diff --git a/acct-group/input/input-0.ebuild b/acct-group/input/input-0.ebuild new file mode 100644 index ..e0c891b35d44 --- /dev/null +++ b/acct-group/input/input-0.ebuild @@ -0,0 +1,8 @@ +# Copyright 2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit acct-group + +ACCT_GROUP_ID=97 diff --git a/acct-group/input/metadata.xml b/acct-group/input/metadata.xml new file mode 100644 index ..8e7007e5a467 --- /dev/null +++ b/acct-group/input/metadata.xml @@ -0,0 +1,7 @@ + +http://www.gentoo.org/dtd/metadata.dtd";> + + + syst...@gentoo.org + + -- 2.22.0
[gentoo-dev] [PATCH 06/19] acct-group/kvm: new group (78)
Package-Manager: Portage-2.3.69_p3, Repoman-2.3.16_p12 Signed-off-by: Mike Gilbert --- acct-group/kvm/kvm-0.ebuild | 8 acct-group/kvm/metadata.xml | 7 +++ 2 files changed, 15 insertions(+) create mode 100644 acct-group/kvm/kvm-0.ebuild create mode 100644 acct-group/kvm/metadata.xml diff --git a/acct-group/kvm/kvm-0.ebuild b/acct-group/kvm/kvm-0.ebuild new file mode 100644 index ..3a7f134539c9 --- /dev/null +++ b/acct-group/kvm/kvm-0.ebuild @@ -0,0 +1,8 @@ +# Copyright 2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit acct-group + +ACCT_GROUP_ID=78 diff --git a/acct-group/kvm/metadata.xml b/acct-group/kvm/metadata.xml new file mode 100644 index ..8e7007e5a467 --- /dev/null +++ b/acct-group/kvm/metadata.xml @@ -0,0 +1,7 @@ + +http://www.gentoo.org/dtd/metadata.dtd";> + + + syst...@gentoo.org + + -- 2.22.0
[gentoo-dev] [PATCH 04/19] acct-group/disk: new group (6)
Package-Manager: Portage-2.3.69_p3, Repoman-2.3.16_p12 Signed-off-by: Mike Gilbert --- acct-group/disk/disk-0.ebuild | 8 acct-group/disk/metadata.xml | 7 +++ 2 files changed, 15 insertions(+) create mode 100644 acct-group/disk/disk-0.ebuild create mode 100644 acct-group/disk/metadata.xml diff --git a/acct-group/disk/disk-0.ebuild b/acct-group/disk/disk-0.ebuild new file mode 100644 index ..71b5fa1ed034 --- /dev/null +++ b/acct-group/disk/disk-0.ebuild @@ -0,0 +1,8 @@ +# Copyright 2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit acct-group + +ACCT_GROUP_ID=6 diff --git a/acct-group/disk/metadata.xml b/acct-group/disk/metadata.xml new file mode 100644 index ..8e7007e5a467 --- /dev/null +++ b/acct-group/disk/metadata.xml @@ -0,0 +1,7 @@ + +http://www.gentoo.org/dtd/metadata.dtd";> + + + syst...@gentoo.org + + -- 2.22.0
[gentoo-dev] [PATCH 01/19] acct-group/audio: new group (18)
Package-Manager: Portage-2.3.69_p3, Repoman-2.3.16_p12 Signed-off-by: Mike Gilbert --- acct-group/audio/audio-0.ebuild | 8 acct-group/audio/metadata.xml | 7 +++ 2 files changed, 15 insertions(+) create mode 100644 acct-group/audio/audio-0.ebuild create mode 100644 acct-group/audio/metadata.xml diff --git a/acct-group/audio/audio-0.ebuild b/acct-group/audio/audio-0.ebuild new file mode 100644 index ..97c0d8e0148b --- /dev/null +++ b/acct-group/audio/audio-0.ebuild @@ -0,0 +1,8 @@ +# Copyright 2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit acct-group + +ACCT_GROUP_ID=18 diff --git a/acct-group/audio/metadata.xml b/acct-group/audio/metadata.xml new file mode 100644 index ..8e7007e5a467 --- /dev/null +++ b/acct-group/audio/metadata.xml @@ -0,0 +1,7 @@ + +http://www.gentoo.org/dtd/metadata.dtd";> + + + syst...@gentoo.org + + -- 2.22.0
[gentoo-dev] [PATCH 03/19] acct-group/dialout: new group (20)
Package-Manager: Portage-2.3.69_p3, Repoman-2.3.16_p12 Signed-off-by: Mike Gilbert --- acct-group/dialout/dialout-0.ebuild | 8 acct-group/dialout/metadata.xml | 7 +++ 2 files changed, 15 insertions(+) create mode 100644 acct-group/dialout/dialout-0.ebuild create mode 100644 acct-group/dialout/metadata.xml diff --git a/acct-group/dialout/dialout-0.ebuild b/acct-group/dialout/dialout-0.ebuild new file mode 100644 index ..324e00d81fa2 --- /dev/null +++ b/acct-group/dialout/dialout-0.ebuild @@ -0,0 +1,8 @@ +# Copyright 2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit acct-group + +ACCT_GROUP_ID=20 diff --git a/acct-group/dialout/metadata.xml b/acct-group/dialout/metadata.xml new file mode 100644 index ..8e7007e5a467 --- /dev/null +++ b/acct-group/dialout/metadata.xml @@ -0,0 +1,7 @@ + +http://www.gentoo.org/dtd/metadata.dtd";> + + + syst...@gentoo.org + + -- 2.22.0
[gentoo-dev] [PATCH 02/19] acct-group/cdrom: new group (19)
Package-Manager: Portage-2.3.69_p3, Repoman-2.3.16_p12 Signed-off-by: Mike Gilbert --- acct-group/cdrom/cdrom-0.ebuild | 8 acct-group/cdrom/metadata.xml | 7 +++ 2 files changed, 15 insertions(+) create mode 100644 acct-group/cdrom/cdrom-0.ebuild create mode 100644 acct-group/cdrom/metadata.xml diff --git a/acct-group/cdrom/cdrom-0.ebuild b/acct-group/cdrom/cdrom-0.ebuild new file mode 100644 index ..855d641a7f0f --- /dev/null +++ b/acct-group/cdrom/cdrom-0.ebuild @@ -0,0 +1,8 @@ +# Copyright 2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit acct-group + +ACCT_GROUP_ID=19 diff --git a/acct-group/cdrom/metadata.xml b/acct-group/cdrom/metadata.xml new file mode 100644 index ..8e7007e5a467 --- /dev/null +++ b/acct-group/cdrom/metadata.xml @@ -0,0 +1,7 @@ + +http://www.gentoo.org/dtd/metadata.dtd";> + + + syst...@gentoo.org + + -- 2.22.0
[gentoo-dev] [PATCH 00/19] Add acct-group packages for udev-related groups
The systemd and udev ebuilds create three groups: input, kvm, and render. These are used by udev rules to control access to hardware. There are several other groups referenced by udev rules, so it makes sense to explicitly depend on them as well. The group ids are sourced from sys-apps/baselayout. Where there is a conflict, I favor the id used on Linux over BSD. One exception: the 'render' group has never been assigned a static group id, so I picked id 28 to put it next to the 'video' group. I also include a few groups used by systemd tmpfiles snippets: adm and wheel are assigned permissions on /var/log/journal, and the utmp group is assigned permissions on several files in /var/log. I'm marking syst...@gentoo.org as the maintainer for now. The base-system and udev projects should feel free to add themselves if so desired. Reference: https://github.com/systemd/systemd/blob/v242/README#L227 https://github.com/systemd/systemd/blob/v242/sysusers.d/basic.conf.in Mike Gilbert (19): acct-group/audio: new group (18) acct-group/cdrom: new group (19) acct-group/dialout: new group (20) acct-group/disk: new group (6) acct-group/input: new group (97) acct-group/kvm: new group (78) acct-group/lp: new group (7) acct-group/render: new group (28) acct-group/tape: new group (26) acct-group/video: new group (27) acct-group/kmem: new group (9) acct-group/tty: new group (5) acct-group/adm: new group (4) acct-group/wheel: new group (10) acct-group/utmp: new group (406) sys-apps/systemd: use more acct-group packages sys-apps/systemd: drop patch to replace 'dialout' with 'uucp' sys-fs/udev: use acct-group packages sys-fs/udev: drop patch to replace 'dialout' with 'uucp' acct-group/adm/adm-0.ebuild| 8 acct-group/adm/metadata.xml| 7 +++ acct-group/audio/audio-0.ebuild| 8 acct-group/audio/metadata.xml | 7 +++ acct-group/cdrom/cdrom-0.ebuild| 8 acct-group/cdrom/metadata.xml | 7 +++ acct-group/dialout/dialout-0.ebuild| 8 acct-group/dialout/metadata.xml| 7 +++ acct-group/disk/disk-0.ebuild | 8 acct-group/disk/metadata.xml | 7 +++ acct-group/input/input-0.ebuild| 8 acct-group/input/metadata.xml | 7 +++ acct-group/kmem/kmem-0.ebuild | 8 acct-group/kmem/metadata.xml | 7 +++ acct-group/kvm/kvm-0.ebuild| 8 acct-group/kvm/metadata.xml| 7 +++ acct-group/lp/lp-0.ebuild | 8 acct-group/lp/metadata.xml | 7 +++ acct-group/render/metadata.xml | 7 +++ acct-group/render/render-0.ebuild | 8 acct-group/tape/metadata.xml | 7 +++ acct-group/tape/tape-0.ebuild | 8 acct-group/tty/metadata.xml| 7 +++ acct-group/tty/tty-0.ebuild| 8 acct-group/utmp/metadata.xml | 7 +++ acct-group/utmp/utmp-0.ebuild | 8 acct-group/video/metadata.xml | 7 +++ acct-group/video/video-0.ebuild| 8 acct-group/wheel/metadata.xml | 7 +++ acct-group/wheel/wheel-0.ebuild| 8 sys-apps/systemd/systemd-242-r6.ebuild | 21 +++-- sys-apps/systemd/systemd-.ebuild | 21 +++-- sys-fs/udev/udev-242.ebuild| 22 +- sys-fs/udev/udev-.ebuild | 20 +--- 34 files changed, 281 insertions(+), 28 deletions(-) create mode 100644 acct-group/adm/adm-0.ebuild create mode 100644 acct-group/adm/metadata.xml create mode 100644 acct-group/audio/audio-0.ebuild create mode 100644 acct-group/audio/metadata.xml create mode 100644 acct-group/cdrom/cdrom-0.ebuild create mode 100644 acct-group/cdrom/metadata.xml create mode 100644 acct-group/dialout/dialout-0.ebuild create mode 100644 acct-group/dialout/metadata.xml create mode 100644 acct-group/disk/disk-0.ebuild create mode 100644 acct-group/disk/metadata.xml create mode 100644 acct-group/input/input-0.ebuild create mode 100644 acct-group/input/metadata.xml create mode 100644 acct-group/kmem/kmem-0.ebuild create mode 100644 acct-group/kmem/metadata.xml create mode 100644 acct-group/kvm/kvm-0.ebuild create mode 100644 acct-group/kvm/metadata.xml create mode 100644 acct-group/lp/lp-0.ebuild create mode 100644 acct-group/lp/metadata.xml create mode 100644 acct-group/render/metadata.xml create mode 100644 acct-group/render/render-0.ebuild create mode 100644 acct-group/tape/metadata.xml create mode 100644 acct-group/tape/tape-0.ebuild create mode 100644 acct-group/tty/metadata.xml create mode 100644 acct-group/tty/tty-0.ebuild create mode 100644 acct-group/utmp/metadata.xml create mode 100644 acct-group/utmp/utmp-0.ebuild create mode 100644 acct-group/video/metadata.xml
Re: [gentoo-dev] [RFC] New QA policy: Packages must not disable installing manpages via USE flags
On Thu, 25 Jul 2019 23:56:33 -0400 desultory wrote: > Since when is anyone proposing extirpating man pages on the whole? I am > simply making the rather simple suggestion that pulling in more packages > to support presently optional documentation as newly mandated > documentation when such documentation is neither expected nor desired by > the users of systems onto which it would be installed is not a net > benefit to anyone. Mostly because all things that provide texinfo files have to depend on texinfo, and use texinfo tools to compile their info files. And because presently, the required ubiquitous dependency is causing problems, due to the dependency graph going pear shaped. ( though we maaay have solved that, its hard to tell, we worked around it with bundled deps ... ) This leads to a situation where anything that uses texinfo, *may* want to provide a way to remove that dependency conditionally to avoid suffering, and it is reasonable to imagine somebody doing this. And this is already being done with a USE flag in many packages[1] But, policy as proposed makes the only way to do this to pre-build texinfo files yourself and hand-ship them. Which is amusing, because the info situation is unlike man in one specific way: That the majority of users probably don't want them. Yet, all the packages without a USE gating is making these users suffer problems in portage upgrades. Making developers hand-bundle prebuilt info files instead of depending on texinfo with a use flag? I think you'll just see more people actually opt to solve the dependency problem by nuking the texinfo generation of build cycle entirely, and hoping nobody notices. And unlike USE-gated dependencies that can yelled at by QA using simple static analysis tools, QA yelling at people for nuking man pages might be a little harder to implement tools for. ( But FTR, I don't personally care if texinfo gets shot in the process, it is nothing but pain for me ) > Even default on USE flags would be a better "fix" for > the purported problem then making maintainers generate, package, and > publish man pages themselves. On that I *kinda* agree, I think? But the reason they're not defaulting on, is because the complexity it creates can cause breakage, and for every 1 user that wants to read a man page, there are 10 who just need the program (or library) to just F-ing install already[2] so they can go back to focusing on the thing that they actually care about. So "generate man pages and make installs break for lots of people" is a bad default. 1: https://qa-reports.gentoo.org/output/genrdeps/dindex/sys-apps/texinfo 2: Lest there be confusion, this is not my rhetoric, this is just me channelling the average user who has to ask for help in #gentoo yet again to solve a problem that has had to be solved many dozens of times over, who is not a deity of package management quirks and struggles to make sense of portage errors or comprehend random build failures due to bad build-ordering. Sometimes gentoo is barely usable for even lesser deities, and we aught to be doing more to put the power in the users hands to make this crap just stop. pgpWXiHyTpbqX.pgp Description: OpenPGP digital signature
[gentoo-dev] [PATCH 2/3] acct-user/dnscrypt-proxy: new user (UID 353)
Package-Manager: Portage-2.3.69, Repoman-2.3.16 Signed-off-by: Georgy Yakovlev --- acct-user/dnscrypt-proxy/dnscrypt-proxy-0.ebuild | 12 acct-user/dnscrypt-proxy/metadata.xml| 8 2 files changed, 20 insertions(+) create mode 100644 acct-user/dnscrypt-proxy/dnscrypt-proxy-0.ebuild create mode 100644 acct-user/dnscrypt-proxy/metadata.xml diff --git a/acct-user/dnscrypt-proxy/dnscrypt-proxy-0.ebuild b/acct-user/dnscrypt-proxy/dnscrypt-proxy-0.ebuild new file mode 100644 index 000..fcce19b0688 --- /dev/null +++ b/acct-user/dnscrypt-proxy/dnscrypt-proxy-0.ebuild @@ -0,0 +1,12 @@ +# Copyright 2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit acct-user + +DESCRIPTION="User for net-dns/dnscrypt-proxy" +ACCT_USER_ID=353 +ACCT_USER_GROUPS=( dnscrypt-proxy ) + +acct-user_add_deps diff --git a/acct-user/dnscrypt-proxy/metadata.xml b/acct-user/dnscrypt-proxy/metadata.xml new file mode 100644 index 000..efcd58fe0b9 --- /dev/null +++ b/acct-user/dnscrypt-proxy/metadata.xml @@ -0,0 +1,8 @@ + +http://www.gentoo.org/dtd/metadata.dtd";> + + + gyakov...@gentoo.org + Georgy Yakovlev + + -- 2.22.0
[gentoo-dev] new UID/GID assignement for dnscrypt-proxy (353)
Second attempt, now using UID/GID 353
[gentoo-dev] [PATCH 1/3] acct-group/dnscrypt-proxy: new group (GID 353)
Package-Manager: Portage-2.3.69, Repoman-2.3.16 Signed-off-by: Georgy Yakovlev --- acct-group/dnscrypt-proxy/dnscrypt-proxy-0.ebuild | 9 + acct-group/dnscrypt-proxy/metadata.xml| 8 2 files changed, 17 insertions(+) create mode 100644 acct-group/dnscrypt-proxy/dnscrypt-proxy-0.ebuild create mode 100644 acct-group/dnscrypt-proxy/metadata.xml diff --git a/acct-group/dnscrypt-proxy/dnscrypt-proxy-0.ebuild b/acct-group/dnscrypt-proxy/dnscrypt-proxy-0.ebuild new file mode 100644 index 000..69c780fd796 --- /dev/null +++ b/acct-group/dnscrypt-proxy/dnscrypt-proxy-0.ebuild @@ -0,0 +1,9 @@ +# Copyright 2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit acct-group + +DESCRIPTION="Group for net-dns/dnscrypt-proxy" +ACCT_GROUP_ID=353 diff --git a/acct-group/dnscrypt-proxy/metadata.xml b/acct-group/dnscrypt-proxy/metadata.xml new file mode 100644 index 000..efcd58fe0b9 --- /dev/null +++ b/acct-group/dnscrypt-proxy/metadata.xml @@ -0,0 +1,8 @@ + +http://www.gentoo.org/dtd/metadata.dtd";> + + + gyakov...@gentoo.org + Georgy Yakovlev + + -- 2.22.0
[gentoo-dev] [PATCH 3/3] net-dns/dnscrypt-proxy: update live ebuild, use acct packages
Package-Manager: Portage-2.3.69, Repoman-2.3.16 Signed-off-by: Georgy Yakovlev --- net-dns/dnscrypt-proxy/dnscrypt-proxy-.ebuild | 12 ++-- 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/net-dns/dnscrypt-proxy/dnscrypt-proxy-.ebuild b/net-dns/dnscrypt-proxy/dnscrypt-proxy-.ebuild index 721259c1364..44a5c203f65 100644 --- a/net-dns/dnscrypt-proxy/dnscrypt-proxy-.ebuild +++ b/net-dns/dnscrypt-proxy/dnscrypt-proxy-.ebuild @@ -5,7 +5,7 @@ EAPI=7 EGO_PN="github.com/jedisct1/${PN}" -inherit fcaps golang-build systemd user +inherit fcaps golang-build systemd if [[ ${PV} == ]]; then inherit git-r3 @@ -24,14 +24,14 @@ IUSE="pie" DEPEND=">=dev-lang/go-1.12" +RDEPEND=" + acct-group/dnscrypt-proxy + acct-user/dnscrypt-proxy +" + FILECAPS=( cap_net_bind_service+ep usr/bin/dnscrypt-proxy ) PATCHES=( "${FILESDIR}"/config-full-paths-r10.patch ) -pkg_setup() { - enewgroup dnscrypt-proxy - enewuser dnscrypt-proxy -1 -1 /var/empty dnscrypt-proxy -} - src_prepare() { default # Create directory structure suitable for building -- 2.22.0
Re: [gentoo-dev] new UID/GID assignement for dnscrypt-proxy (553)
On Saturday, July 27, 2019 12:41:21 AM PDT you wrote: > Any specific reason for 553? > > I had previously suggested that we stay below 500 as long as there is > space. On the one hand it would match the LSB better, on the other hand > we might at some point want to do dynamic allocation counting from 999 > downwards, and keeping the fixed IDs below 500 would reduce the chance > of collisions. > > Ulrich Makes sense, I missed the part that range above 500 is reserved, thanks. No reason except I wanted it to be ?53, because it listens to :53 I can assign to 353, it's unused. -- Best regards, Georgy Yakovlev Gentoo Linux Developer signature.asc Description: This is a digitally signed message part.
Re: [gentoo-dev] [PATCH] user.eclass: Allocate next free UID or GID from 999 downwards.
On Sat, 2019-07-27 at 10:40 +0200, Ulrich Müller wrote: > Fixed UIDs and GIDs are mostly located in the low range, therefore > going downwards from 999 to 101 will minimise collisions between fixed > and dynamically allocated IDs. > > Note that on Linux and other targets using "groupadd -r" from > sys-apps/shadow, GIDs are already allocated that way implicitly. > > Signed-off-by: Ulrich Müller > --- > eclass/user.eclass | 8 > 1 file changed, 4 insertions(+), 4 deletions(-) > > diff --git a/eclass/user.eclass b/eclass/user.eclass > index fdf98caa6099..6563a03a1505 100644 > --- a/eclass/user.eclass > +++ b/eclass/user.eclass > @@ -157,10 +157,10 @@ enewuser() { > euid="next" > fi > if [[ ${euid} == "next" ]] ; then > - for ((euid = 101; euid <= 999; euid++)); do > + for ((euid = 999; euid >= 101; euid--)); do > [[ -z $(egetent passwd ${euid}) ]] && break > done > - [[ ${euid} -le 999 ]] || die "${FUNCNAME}: no free UID found" > + [[ ${euid} -ge 101 ]] || die "${FUNCNAME}: no free UID found" > fi > opts+=( -u ${euid} ) > einfo " - Userid: ${euid}" > @@ -318,10 +318,10 @@ enewgroup() { > _enewgroup_next_gid() { > if [[ ${egid} == *[!0-9]* ]] ; then > # Non numeric > - for ((egid = 101; egid <= 999; egid++)) ; do > + for ((egid = 999; egid >= 101; egid--)) ; do > [[ -z $(egetent group ${egid}) ]] && break > done > - [[ ${egid} -le 999 ]] || die "${FUNCNAME}: no free GID > found" > + [[ ${egid} -ge 101 ]] || die "${FUNCNAME}: no free GID > found" > fi > } > LGTM. -- Best regards, Michał Górny signature.asc Description: This is a digitally signed message part
[gentoo-dev] [PATCH] user.eclass: Allocate next free UID or GID from 999 downwards.
Fixed UIDs and GIDs are mostly located in the low range, therefore going downwards from 999 to 101 will minimise collisions between fixed and dynamically allocated IDs. Note that on Linux and other targets using "groupadd -r" from sys-apps/shadow, GIDs are already allocated that way implicitly. Signed-off-by: Ulrich Müller --- eclass/user.eclass | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/eclass/user.eclass b/eclass/user.eclass index fdf98caa6099..6563a03a1505 100644 --- a/eclass/user.eclass +++ b/eclass/user.eclass @@ -157,10 +157,10 @@ enewuser() { euid="next" fi if [[ ${euid} == "next" ]] ; then - for ((euid = 101; euid <= 999; euid++)); do + for ((euid = 999; euid >= 101; euid--)); do [[ -z $(egetent passwd ${euid}) ]] && break done - [[ ${euid} -le 999 ]] || die "${FUNCNAME}: no free UID found" + [[ ${euid} -ge 101 ]] || die "${FUNCNAME}: no free UID found" fi opts+=( -u ${euid} ) einfo " - Userid: ${euid}" @@ -318,10 +318,10 @@ enewgroup() { _enewgroup_next_gid() { if [[ ${egid} == *[!0-9]* ]] ; then # Non numeric - for ((egid = 101; egid <= 999; egid++)) ; do + for ((egid = 999; egid >= 101; egid--)) ; do [[ -z $(egetent group ${egid}) ]] && break done - [[ ${egid} -le 999 ]] || die "${FUNCNAME}: no free GID found" + [[ ${egid} -ge 101 ]] || die "${FUNCNAME}: no free GID found" fi } -- 2.22.0 signature.asc Description: PGP signature
Re: [gentoo-dev] new UID/GID assignement for dnscrypt-proxy (553)
Any specific reason for 553? I had previously suggested that we stay below 500 as long as there is space. On the one hand it would match the LSB better, on the other hand we might at some point want to do dynamic allocation counting from 999 downwards, and keeping the fixed IDs below 500 would reduce the chance of collisions. Ulrich signature.asc Description: PGP signature