[Exherbo-dev] Magic accounts

Ciaran McCreesh ciaran.mccreesh at googlemail.com
Thu Jan 22 15:07:01 GMT 2009


http://github.com/ciaranm/paludis-ciaranm/tree/accounts

Experimental magic accounts support. To use it, you need two
repositories:

    /etc/paludis/repositories/accounts.conf:
        format = accounts

    /etc/paludis/repositories/installed-accounts.conf:
        format = installed-accounts
        handler = passwd

Then, in your tree of choice, you do the following (all keys are
optional, and empty files are ok, although you should probably at least
specify gecos for users):

    metadata/accounts/users/foo.conf:
        gecos = Some foo user
        preferred_uid = 234
        default_group = foo
        extra_groups = bar baz
        home = /dev/null
        shell = /bin/bash

    metadata/accounts/groups/foo.conf:
        preferred_gid = 345

Packages can now depend (build+run, presumably) upon user/foo and
group/foo.

Note that users automatically depend upon their groups, so you need to
have accounts listings for any groups you use.

An account can be specified in more than one repository, in which case
the definition from the most important repository is used. We probably
don't want to rely upon this too much where possible until we have
working support for PackageID to PackageDepSpec conversions...

So how does this look to a user?

If an account is already present on a system, Paludis currently treats
it as installed from a transient source, and not uninstallable. If it
is not present, Paludis treats it as installable. Thus, an account ID
will be either installed or installable, never both.

At some point we'll want to be able to uninstall accounts. That's a bit
more work though, and I'd rather not do that until we're sure the basic
idea is sound.

Note that 'account' refers to a user or group that has been named by at
least one repository; users and groups that aren't used by a tree are
ignored entirely.

Is this enough to merge accounts to master and start using it? What
other features, if any, are needed before we can have a usably working
implementation?

-- 
Ciaran McCreesh
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.exherbo.org/pipermail/exherbo-dev/attachments/20090122/ad2bc705/attachment.pgp>


More information about the Exherbo-dev mailing list