Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 7 Dec 2011 14:06:24 -0600
From:      Brooks Davis <brooks@freebsd.org>
To:        Chris Rees <utisoft@gmail.com>
Cc:        ports@freebsd.org
Subject:   Re: Creation of users in ports
Message-ID:  <20111207200624.GA49137@lor.one-eyed-alien.net>
In-Reply-To: <CADLo8397bb09XhHW1cuMonXDCtkUaj1c%2BsOA9e6zBEio=X=EjA@mail.gmail.com>
References:  <CADLo8397bb09XhHW1cuMonXDCtkUaj1c%2BsOA9e6zBEio=X=EjA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 

--k+w/mQv8wyuph6w0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Dec 07, 2011 at 07:54:07PM +0000, Chris Rees wrote:
> Hi all,
>=20
> I'm at a loss as to how to restore functionality for creating (or
> using) customised users in ports.  For example, using the old method
> (pkg-install scripts) many ports allowed the user to change the
> username used for the port.
>=20
> With the new functionality, if the username isn't found in
> /usr/ports/UIDs it's rejected, and the port can't use it.
>=20
> Can anyone explain to me why it would be a bad idea to include the
> system's passwd and group files in the search? This would allow the
> ports system to accept any user that already exists, as well as
> creating the correct code in the plist.
>=20
> For example; someone wants to install postgresql as username Fred, so
> s/he sets PG_USER=3DFred in /etc/make.conf.  Currently this causes an
> error on build, because Fred is not in /usr/ports/UIDs.  Were
> /etc/master.passwd and /etc/group searched too, that wouldn't cause a
> problem.
>=20
> Any obvious oversights?

It seems like a better (but more complicatd) solution would use "getent
passwd ${USER}" to check for existing users.  (You need to check
explicitly rather than treating the output without /etc/passwd because
some nss modules don't enumerate to avoid listing the thousands or tens
of thousands of users in a corporate AD or LDAP installation).

-- Brooks

--k+w/mQv8wyuph6w0
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (FreeBSD)

iD8DBQFO38c/XY6L6fI4GtQRAsP+AKCl5aoa8BRLH4hoVZOPKOj6B987IACggG3f
Cty7VoE7HUGtNNZ8X1LAPBs=
=4HRm
-----END PGP SIGNATURE-----

--k+w/mQv8wyuph6w0--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20111207200624.GA49137>