Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 7 Dec 2011 20:09:40 +0000
From:      Chris Rees <utisoft@gmail.com>
To:        Brooks Davis <brooks@freebsd.org>
Cc:        ports@freebsd.org
Subject:   Re: Creation of users in ports
Message-ID:  <CADLo83--VFdMvJrcsgrqJ5SRFvRX8KkDTB-zEvRzpLjnJ4eYRA@mail.gmail.com>
In-Reply-To: <20111207200624.GA49137@lor.one-eyed-alien.net>
References:  <CADLo8397bb09XhHW1cuMonXDCtkUaj1c%2BsOA9e6zBEio=X=EjA@mail.gmail.com> <20111207200624.GA49137@lor.one-eyed-alien.net>

next in thread | previous in thread | raw e-mail | index | archive | help
On 7 December 2011 20:06, Brooks Davis <brooks@freebsd.org> wrote:
> On Wed, Dec 07, 2011 at 07:54:07PM +0000, Chris Rees wrote:
>> Hi all,
>>
>> I'm at a loss as to how to restore functionality for creating (or
>> using) customised users in ports. =A0For example, using the old method
>> (pkg-install scripts) many ports allowed the user to change the
>> username used for the port.
>>
>> With the new functionality, if the username isn't found in
>> /usr/ports/UIDs it's rejected, and the port can't use it.
>>
>> Can anyone explain to me why it would be a bad idea to include the
>> system's passwd and group files in the search? This would allow the
>> ports system to accept any user that already exists, as well as
>> creating the correct code in the plist.
>>
>> For example; someone wants to install postgresql as username Fred, so
>> s/he sets PG_USER=3DFred in /etc/make.conf. =A0Currently this causes an
>> error on build, because Fred is not in /usr/ports/UIDs. =A0Were
>> /etc/master.passwd and /etc/group searched too, that wouldn't cause a
>> problem.
>>
>> Any obvious oversights?
>
> It seems like a better (but more complicatd) solution would use "getent
> passwd ${USER}" to check for existing users. =A0(You need to check
> explicitly rather than treating the output without /etc/passwd because
> some nss modules don't enumerate to avoid listing the thousands or tens
> of thousands of users in a corporate AD or LDAP installation).

Oops, there's the obvious problem :) Thanks.

Hm, getent will need some sed magic to change to master.passwd style,
or we could change UIDs to use passwd style....

Chris



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADLo83--VFdMvJrcsgrqJ5SRFvRX8KkDTB-zEvRzpLjnJ4eYRA>