Merged #2503 into master.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2503#event-9717885388
You are receiving this because you are subscribed to this thread.
Message ID:
___
Rpm-maint
Okay no further comments from anybody...
This needs to go into the beta to give us a chance to react if it turns out to
be a disaster.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2503#issuecomment-1619641327
You are receiving this
Typo + poor function name addressed in the last push, plus rebased.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2503#issuecomment-1609327146
You are receiving this because you are subscribed to this thread.
Message ID:
@pmatilai commented on this pull request.
> @@ -1454,9 +1454,9 @@ RPMDB_INIT
runroot rpmbuild -bb --quiet --define "pkg user" --define "provs %{add_sysuser
u myuser 876 - /home/myuser /bin/sh}"\
/data/SPECS/deptest.spec
-runroot rpm -U /build/RPMS/noarch/deptest-user-1.0-1.noarch.rpm 2>
@pmatilai commented on this pull request.
> +return rc;
+}
+
+static int lookup_num(const char *path, const char *val, int vcol, int rcol,
+ long *ret)
+{
+char *buf = NULL;
+int rc = lookup_field(path, val, vcol, rcol, );
+if (rc == 0) {
+ rc =
@pmatilai pushed 3 commits.
6dd0c895c4d2d47844166067ff5c553026ef66e6 Make user/group info reliable
operation across chroot
b7eeb75a6a9b1b8639ed949d114b4c4c4fa6d2d6 Simplify rpmug caching
7406f0bd790a7b82f9ae4fda0c9b6d6b97e63391 Test user-creation + verify in a
--root operation
--
View it
Apart from the inline comments I made, the change itself looks good!
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2503#issuecomment-1604564230
You are receiving this because you are subscribed to this thread.
Message ID:
@dmnks commented on this pull request.
> @@ -1454,9 +1454,9 @@ RPMDB_INIT
runroot rpmbuild -bb --quiet --define "pkg user" --define "provs %{add_sysuser
u myuser 876 - /home/myuser /bin/sh}"\
/data/SPECS/deptest.spec
-runroot rpm -U /build/RPMS/noarch/deptest-user-1.0-1.noarch.rpm 2>
@dmnks commented on this pull request.
> @@ -1454,9 +1454,9 @@ RPMDB_INIT
runroot rpmbuild -bb --quiet --define "pkg user" --define "provs %{add_sysuser
u myuser 876 - /home/myuser /bin/sh}"\
/data/SPECS/deptest.spec
-runroot rpm -U /build/RPMS/noarch/deptest-user-1.0-1.noarch.rpm 2>
@dmnks commented on this pull request.
> @@ -1454,9 +1454,9 @@ RPMDB_INIT
runroot rpmbuild -bb --quiet --define "pkg user" --define "provs %{add_sysuser
u myuser 876 - /home/myuser /bin/sh}"\
/data/SPECS/deptest.spec
-runroot rpm -U /build/RPMS/noarch/deptest-user-1.0-1.noarch.rpm 2>
@dmnks commented on this pull request.
> @@ -1454,9 +1454,9 @@ RPMDB_INIT
runroot rpmbuild -bb --quiet --define "pkg user" --define "provs %{add_sysuser
u myuser 876 - /home/myuser /bin/sh}"\
/data/SPECS/deptest.spec
-runroot rpm -U /build/RPMS/noarch/deptest-user-1.0-1.noarch.rpm 2>
@dmnks commented on this pull request.
> @@ -132,6 +132,10 @@
%_keyringpath %{_dbpath}/pubkeys/
+# Location of passwd(d) and group(5)
Typo here! Should be `passwd(5)` :smile:
--
Reply to this email directly or view it on GitHub:
@dmnks commented on this pull request.
> +return rc;
+}
+
+static int lookup_num(const char *path, const char *val, int vcol, int rcol,
+ long *ret)
+{
+char *buf = NULL;
+int rc = lookup_field(path, val, vcol, rcol, );
+if (rc == 0) {
+ rc =
@pmatilai pushed 3 commits.
8700097c0956fe23db3d1b02105a34ccabe769dd Make user/group info reliable
operation across chroot
058b2d0636d90e12b40ad7abfb334d94dea137cc Simplify rpmug caching
0dcdfcbf79f69463d5b2b9f9adc701a9d53e1e9b Test user-creation + verify in a
--root operation
--
View it
Elaborated a bit on the intentional NSS exclusion in the commit message.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2503#issuecomment-1571671625
You are receiving this because you are subscribed to this thread.
Message ID:
@pmatilai commented on this pull request.
> #include
#include
#include "lib/misc.h"
#include "lib/rpmug.h"
#include "debug.h"
+#define PWFILE "/etc/passwd"
+#define GRPFILE "/etc/group"
Configuration macros added now.
--
Reply to this email directly or view it on GitHub:
@pmatilai pushed 3 commits.
d7c7e068c68622ce3dd5c8c65985cbafb304013f Make user/group info reliable
operation across chroot
2f763fe982b3aa14e7410cb3238d570fc39f8ad8 Simplify rpmug caching
b08619370fe818dcf3175583979cc907257cb81b Test user-creation + verify in a
--root operation
--
View it
Should also fix #1789 for real
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2503#issuecomment-1568057810
You are receiving this because you are subscribed to this thread.
Message ID: ___
One possibility is to (perhaps optionally) fall back to NSS if local lookup
fails, for the non-chroot case.
That said, I'd rather leave that fallback out initially and only add later if
it turns out unavoidable. The thing is, NSS in a chroot is a lost cause because
doing the first lookup
@pmatilai commented on this pull request.
> + }
+ }
+}
+
+fclose(f);
+
+return rc;
+}
+
+static int lookup_num(const char *path, const char *val, int vcol, int rcol,
+ long *ret)
+{
+char *buf = NULL;
+int rc = lookup_field(path, val,
@pmatilai pushed 3 commits.
3e92bd977fb8d218dccf7ebab46595e5943b3fbf Make user/group info reliable
operation across chroot
21e5ac089749f55c4ca51dae73739a47bcccf58a Simplify rpmug caching
1cd4bbeded7006314f2d9b4a3716851795ed9732 Test user-creation + verify in a
--root operation
--
View it
@pmatilai commented on this pull request.
> + long *ret)
+{
+char *buf = NULL;
+int rc = lookup_field(path, val, vcol, rcol, );
+if (rc == 0) {
+ long num = atol(buf);
+ *ret = num;
+ free(buf);
+}
+return rc;
+}
+
+static int
@pmatilai pushed 3 commits.
1cb3c0605c9ad64dee038234a2618c20cdac8c3a Make user/group info reliable
operation across chroot
98495025b8c7ab36bfc93823b6ddd60382f33e89 Simplify rpmug caching
831db8eb47829b8dae7f8cf66d9b9129c5aa577e Test user-creation + verify in a
--root operation
--
View it
@pmatilai commented on this pull request.
> + long *ret)
+{
+char *buf = NULL;
+int rc = lookup_field(path, val, vcol, rcol, );
+if (rc == 0) {
+ long num = atol(buf);
+ *ret = num;
+ free(buf);
+}
+return rc;
+}
+
+static int
@dcantrell commented on this pull request.
> + long *ret)
+{
+char *buf = NULL;
+int rc = lookup_field(path, val, vcol, rcol, );
+if (rc == 0) {
+ long num = atol(buf);
+ *ret = num;
+ free(buf);
+}
+return rc;
+}
+
+static int
@dcantrell commented on this pull request.
> + }
+ }
+}
+
+fclose(f);
+
+return rc;
+}
+
+static int lookup_num(const char *path, const char *val, int vcol, int rcol,
+ long *ret)
+{
+char *buf = NULL;
+int rc = lookup_field(path, val,
@dcantrell commented on this pull request.
> #include
#include
#include "lib/misc.h"
#include "lib/rpmug.h"
#include "debug.h"
+#define PWFILE "/etc/passwd"
+#define GRPFILE "/etc/group"
I would say testing is the most relevant use here to define these paths in a
config file. In
Doing one thing for a chroot and another for the host seems inconsistent to me.
Assuming we accept that rpm needs to honor NSS then doing a local parse for the
chroot is just different kind of buggy, because the chroot may just as well be
configured for something else. I'm inclined to agree
@pmatilai commented on this pull request.
> + long *ret)
+{
+char *buf = NULL;
+int rc = lookup_field(path, val, vcol, rcol, );
+if (rc == 0) {
+ long num = atol(buf);
+ *ret = num;
+ free(buf);
+}
+return rc;
+}
+
+static int
I would be more happy if it does the local parsing only in the chroot case,
like with my old patch.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2503#issuecomment-1540219256
You are receiving this because you are subscribed to this
@nwalfield commented on this pull request.
> + long *ret)
+{
+char *buf = NULL;
+int rc = lookup_field(path, val, vcol, rcol, );
+if (rc == 0) {
+ long num = atol(buf);
+ *ret = num;
+ free(buf);
+}
+return rc;
+}
+
+static int
@pmatilai commented on this pull request.
> #include
#include
#include "lib/misc.h"
#include "lib/rpmug.h"
#include "debug.h"
+#define PWFILE "/etc/passwd"
+#define GRPFILE "/etc/group"
I wondered about this too. If there's a remotely relevant OS that has those
files in some other
@pmatilai commented on this pull request.
> + long *ret)
+{
+char *buf = NULL;
+int rc = lookup_field(path, val, vcol, rcol, );
+if (rc == 0) {
+ long num = atol(buf);
+ *ret = num;
+ free(buf);
+}
+return rc;
+}
+
+static int
@pmatilai commented on this pull request.
> + }
+ }
+}
+
+fclose(f);
+
+return rc;
+}
+
+static int lookup_num(const char *path, const char *val, int vcol, int rcol,
+ long *ret)
+{
+char *buf = NULL;
+int rc = lookup_field(path, val,
@dcantrell commented on this pull request.
Added some comments and questions.
> #include
#include
#include "lib/misc.h"
#include "lib/rpmug.h"
#include "debug.h"
+#define PWFILE "/etc/passwd"
+#define GRPFILE "/etc/group"
I'm not aware of another system that would put passwd and
Ignoring users from network services is quite intentional. That's mentioned in
the commit message but perhaps it deserves to be expanded. see the discussion
in #882.
--
Reply to this email directly or view it on GitHub:
What about users and groups that are not in `/etc/passwd` or `/etc/group`?
Those won’t work with this design.
IMO the only way to get everything right is to either reimplement glibc
nsswitch (yuck) or to fork/exec a subprocess and have _that_ chroot before it
makes any user or group lookups.
@pmatilai pushed 1 commit.
8c86ddbe9347593de2f617d5b2b4d46ebd244213 Test user-creation + verify in a
--root operation
--
View it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2503/files/7801ccb640d32c218ea9033fd22a4f5cee9ca88a..8c86ddbe9347593de2f617d5b2b4d46ebd244213
You are
@pmatilai pushed 1 commit.
7801ccb640d32c218ea9033fd22a4f5cee9ca88a Simplify rpmug caching
--
View it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2503/files/5fef48bbd86228364f841198de3c58ec009efa8c..7801ccb640d32c218ea9033fd22a4f5cee9ca88a
You are receiving this because you
Theres no telling what sort of caching getpwnam() and friends perform
behind the scenes, and worse, theres no way to explicitly reset those
caches. This can lead to chrooted operations using user/group data from the
host, which is simply wrong.
Do our own parsing of /etc/passwd and /etc/group
40 matches
Mail list logo
