packaging
/
ostree
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

doc: adapting-existing: Update story on latest /usr/lib/passwd bits

This commit is contained in:
Colin Walters 2014-06-20 10:13:33 -04:00
parent 84c658a82e
commit fbd97b2ef2
1 changed files with 19 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
doc/adapting-existing.xml
View File

@ -163,17 +163,20 @@ d /run/media 0755 root root -
</chapter> </chapter>
<chapter id="lib-passwd"> <chapter id="lib-passwd">
<title>/lib/passwd</title> <title>/usr/lib/passwd</title>
<para> <para>
In order to ship an OS that contains both system users and users Unlike traditional package systems, OSTree trees contain
dynamically created on client machines, you will need to choose <emphasis>numeric</emphasis> uid and gids. Furthermore, it does
a solution for <filename>/etc/passwd</filename>. The core not have a <literal>%post</literal> type mechanism where
problem is that if you add a user to the system for a daemon, <filename>useradd</filename> could be invoked. In order to ship
the OSTree upgrade process for <filename an OS that contains both system users and users dynamically
class='directory'>/etc</filename> will simply notice that created on client machines, you will need to choose a solution
because <filename>/etc/passwd</filename> differs from the for <filename>/etc/passwd</filename>. The core problem is that
previous default, it will keep the modified config file, and if you add a user to the system for a daemon, the OSTree upgrade
your new OS user will not be visible. process for <filename class='directory'>/etc</filename> will
simply notice that because <filename>/etc/passwd</filename>
differs from the previous default, it will keep the modified
config file, and your new OS user will not be visible.
</para> </para>
<para> <para>
The solution chosen for the <ulink The solution chosen for the <ulink
@ -182,9 +185,12 @@ d /run/media 0755 root root -
<filename>/usr/lib/passwd</filename>, and to include a NSS <filename>/usr/lib/passwd</filename>, and to include a NSS
module <ulink module <ulink
url="https://github.com/aperezdc/nss-altfiles">nss-altfiles</ulink> url="https://github.com/aperezdc/nss-altfiles">nss-altfiles</ulink>
which instructs glibc to read from it. Then, the build system places which instructs glibc to read from it. Then, the build system
all system users there, freeing up <filename>/etc/passwd</filename> places all system users there, freeing up
to be purely a database of local users. <filename>/etc/passwd</filename> to be purely a database of
local users. See also a more recent effort from <ulink
url="http://0pointer.de/blog/projects/stateless.html">Systemd
stateless</ulink>.
</para> </para>
</chapter> </chapter>