On Thu, 13.03.14 15:37, Brandon Philips (bran...@ifup.co) wrote: > Also, in commit aca07 my Debian Wheezy container broke because > /usr/bin/getent doesn't understand initgroups. Is there a way to > workaround this?
Oh yikes. I assumed getent with all its verb had been around since a long time. Hmm, so to resolve UIDs and GIDs properly we need some way in the container to do NSS queries, from a binary that links against the container's libc. "getent" is quite good for that as it has parsable output, and given that it is component of glibc we can pretty much assume that it is installed on any interesting container guest... Now, I am not sure how else we can correctly resolve the auxiliary gids list, other than with "getent initgroups". I don't think there's any other nice command for that with parsable output that is ubiquitously installed... Or is there? ideas? IIUC then the the first part of the user transition works correctly though, i.e. the "getent passwd" part? If so, maybe we can try the initgroups part and if it fails simply print a wrning and proceed without setting the auxiliary groups. Would that be enough for you? Lennart -- Lennart Poettering, Red Hat _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
