FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Development

 
 
LinkBack Thread Tools
 
Old 08-06-2008, 10:14 PM
Axel Thimm
 
Default static uids/gids and (not) using fedora-usermgmt

Hi,

On Thu, Aug 07, 2008 at 09:44:35AM +1200, Martin Langhoff wrote:
> 2008/8/7 Axel Thimm <Axel.Thimm@atrpms.net>:
> > I would strongly recommend against it. IIRC correctly the tool was
> > even banned from EPEL
>
> Thanks for the heads up.
>
> > I think the right way to do this is to see the different needs between
> > the general Fedora space and OLPC: Fedora wants to reserve as few as
> > possible *static* uids/gids (e.g. officially stamped onto every Fedora
> > system) because this resource is rather sparse.
>
> That is ok with me - I was hoping to find a listing of static uids
> without grepping cvs manually, aiming to find a safe gap below 500
> that OLPC could use for its deployments.
>
> As much as possible I want to have static IDs on OLPC XS deployments
> to have max consistency across XSs in the same region. A minor
> package-installation-order difference should not lead to different
> IDs.

The best way to deal with this is to preload the uid/gids in place
before any package gets installed. The current official guidelines are
written with this in mind, see also

https://fedoraproject.org/wiki/Packaging/UsersAndGroups

where this is briefly discussed. E.g. maybe OLPC only needs an
extended setup package (the package's name is indeed "setup") where
some key uids/gids are set and thus globally the same even if Fedora
as upstream may be assigning them dynamically.

You would only run into trouble if Fedora ever decides to statically
assign any of the uids/gids itself to a different uid/gid, which is
rather unlikely.

In a nutshell: the guidelines (that are not yet followed by all
packages, there is always a lead-time to let a guideline sink in)
ensure that you can have both dynamic assignment and a preset static
one with the same package, even w/o having to rebuild the package.

> Now, that practice will make OLPC packages unacceptable to Fedora
> proper - this is more important to me. However, using fedora-usermgmt
> seemed like a way to satisfy both. If it's blackballed from Fedora,
> then I'm back to square one.

Actually the long flamewars on it has led to a stale situation -
fedora-usermgmt was never accepted into the Fedora canon as a packaging
guideline, but also not officially banned either.

But the URL I gave you above is the official vote to a guideline from
the FPC, ATM it doesn't get any more official.
--
Axel.Thimm at ATrpms.net
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 08-06-2008, 11:10 PM
Toshio Kuratomi
 
Default static uids/gids and (not) using fedora-usermgmt

Martin Langhoff wrote:

2008/8/7 Axel Thimm <Axel.Thimm@atrpms.net>:

I would strongly recommend against it. IIRC correctly the tool was
even banned from EPEL


Thanks for the heads up.


I think the right way to do this is to see the different needs between
the general Fedora space and OLPC: Fedora wants to reserve as few as
possible *static* uids/gids (e.g. officially stamped onto every Fedora
system) because this resource is rather sparse.


That is ok with me - I was hoping to find a listing of static uids
without grepping cvs manually, aiming to find a safe gap below 500
that OLPC could use for its deployments.

As much as possible I want to have static IDs on OLPC XS deployments
to have max consistency across XSs in the same region. A minor
package-installation-order difference should not lead to different
IDs.

Now, that practice will make OLPC packages unacceptable to Fedora
proper - this is more important to me. However, using fedora-usermgmt
seemed like a way to satisfy both. If it's blackballed from Fedora,
then I'm back to square one.

I don't think either fedora-usermgmt or
https://fedoraproject.org/wiki/Packaging/UsersAndGroups are what you
want. You want a truly static uid/gid rather than a site-specified
mapping. I think that has traditionally fallen to the owner of the
setup package to decide. I don't know if we want to change that...
comments anyone?


-Toshio

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 08-06-2008, 11:41 PM
"Martin Langhoff"
 
Default static uids/gids and (not) using fedora-usermgmt

2008/8/7 Axel Thimm <Axel.Thimm@atrpms.net>:
> where this is briefly discussed. E.g. maybe OLPC only needs an
> extended setup package (the package's name is indeed "setup") where
> some key uids/gids are set and thus globally the same even if Fedora
> as upstream may be assigning them dynamically.

Ah, that's a trick I had not thought about - an early-install package
that creates a list of accts on preset ids. And if that is
complemented with each packaging creating its accounts if they are
missing (in %pre) as outlined in the wikipage you linked to.

Now, I had read the wikipage before, but not caught the full meaning
of the phrase that mentions "setup" in it -- well placed at the end of
a long paragraph, perhaps my confusion comes from not being a
dedicated enough reader :-)

In-te-res-ting.

Now what I need to learn are tricks to ensure an early install of my
custom setup pkg.


m
--
martin.langhoff@gmail.com
martin@laptop.org -- School Server Architect
- ask interesting questions
- don't get distracted with shiny stuff - working code first
- http://wiki.laptop.org/go/User:Martinlanghoff

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 08-07-2008, 12:48 AM
Axel Thimm
 
Default static uids/gids and (not) using fedora-usermgmt

On Thu, Aug 07, 2008 at 11:41:46AM +1200, Martin Langhoff wrote:
> 2008/8/7 Axel Thimm <Axel.Thimm@atrpms.net>:
> > where this is briefly discussed. E.g. maybe OLPC only needs an
> > extended setup package (the package's name is indeed "setup") where
> > some key uids/gids are set and thus globally the same even if Fedora
> > as upstream may be assigning them dynamically.
>
> Ah, that's a trick I had not thought about - an early-install package
> that creates a list of accts on preset ids. And if that is
> complemented with each packaging creating its accounts if they are
> missing (in %pre) as outlined in the wikipage you linked to.
>
> Now, I had read the wikipage before, but not caught the full meaning
> of the phrase that mentions "setup" in it -- well placed at the end of
> a long paragraph, perhaps my confusion comes from not being a
> dedicated enough reader :-)

That's why I explicitely mentioned that "setup" is a package.

> In-te-res-ting.
>
> Now what I need to learn are tricks to ensure an early install of my
> custom setup pkg.

Setup is probably the very first package that gets installed, other
packages like "filesystem" or "basesystem" depend on it, so it's
guaranteed that it will be before any other package with uid/gid
necessities.

E.g. for a spin or PXE install or even a plain Fedora install with an
additional repo configured (during Fedora install you can enable any
custom repo you like containing your own "setup" rpm) you are already
done.
--
Axel.Thimm at ATrpms.net
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 

Thread Tools




All times are GMT. The time now is 04:22 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org