[systemd-devel] sysusers and login.defs checks

[Colin Guthrie]

'Twas brillig, and Lennart Poettering at 21/07/14 23:28 did gyre and gimble:
> On Mon, 21.07.14 15:43, Lennart Poettering (lennart at poettering.net) wrote:
> 
>>> While I appreciate sysusers is intended primarily for bootstrapping
>>> /etc, I guess the general consensus is to move package pre/post scripts
>>> over to use sysusers instead anyway. Thus the tool should really check
>>> /etc/login.defs at runtime if it's present before falling back to its
>>> defaults. Those defaults could be set from a compile time check of
>>> login.defs too.
>>
>> I am pretty strongly against this. Making this administrator
>> configurable apepars very wrong, this really should be a decision for
>> the distribution vendor, and that's it.  We shouldn't design a system
>> that comes to completely different results if you boot it up with and
>> without /etc populated...
> 
> Here's another idea: maybe we can bind this to the "users" group. Many
> distributions (not all...) have this group and add regular users to
> it. Maybe that's what we should use on top of the numeric UID boundary
> check: if some user is either >= 1000 or is a member of the "users"
> group we will consider him or her a regular user instead of a system
> user. In many cases this should magically make things work. And even where
> this isn't sufficient we at least have a nice solution to tell people:
> make your user a member of "users" and it will properly be recognised as
> regular user.
> 
> Happy to add a patch for this!

And I guess this heuristic would be easy enough to add to
accountsservice too.

I guess it's OK to do this kind of user lookup stuff from the journal
code (i.e. server_fix_perms())?

Col


-- 

Colin Guthrie
gmane(at)colin.guthr.ie
http://colin.guthr.ie/

Day Job:
  Tribalogic Limited http://www.tribalogic.net/
Open Source:
  Mageia Contributor http://www.mageia.org/
  PulseAudio Hacker http://www.pulseaudio.org/
  Trac Hacker http://trac.edgewall.org/