diff mbox series

[2/2] macros: Add macro to apply sysusers based users/groups inside the jail

Message ID 20230330125230.11184-2-stefan.schantl@ipfire.org
State New
Headers
Series [1/2] macros: Add macro to automatically install all systemd sysusers files |

Commit Message

Stefan Schantl March 30, 2023, 12:52 p.m. UTC 
  This macro can be called inside a build file and easily allows to apply
any kind of users/groups specified in a sysusers file.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---
 macros/systemd.macro | 11 +++++++++++
 1 file changed, 11 insertions(+)

Comments

Michael Tremer March 30, 2023, 3:48 p.m. UTC | #1 
Hello Stefan,

Didn’t we decide on the phone call again doing this?

The downside is that this won’t work for any sysuser files that are in the tarball. So there is still the need to manually apply those?

It would be less consistent and potentially confusing?

-Michael

> On 30 Mar 2023, at 07:52, Stefan Schantl <stefan.schantl@ipfire.org> wrote:
> 
> This macro can be called inside a build file and easily allows to apply
> any kind of users/groups specified in a sysusers file.
> 
> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
> ---
> macros/systemd.macro | 11 +++++++++++
> 1 file changed, 11 insertions(+)
> 
> diff --git a/macros/systemd.macro b/macros/systemd.macro
> index 1453db95..27231094 100644
> --- a/macros/systemd.macro
> +++ b/macros/systemd.macro
> @@ -2,6 +2,17 @@
> SYSTEMD_TMPFILES_DIR = /usr/lib/tmpfiles.d
> SYSTEMD_SYSUSERS_DIR = /usr/lib/sysusers.d
> 
> +MACRO_APPLY_SYSTEMD_SYSUSERS
> + mkdir -pv %{SYSTEMD_SYSUSERS_DIR}
> +
> + for file in %{DIR_SOURCE}/*.sysusers; do
> + [ -e "${file}" ] || continue
> + cat ${file} | \
> + systemd-sysusers --replace=%{SYSTEMD_SYSUSERS_DIR}/$(basename ${file%*.sysusers}).conf -
> + done
> + unset file
> +end
> +
> MACRO_INSTALL_SYSTEMD_FILES
> for file in %{DIR_SOURCE}/systemd/*; do
> [ -e "${file}" ] || continue
> -- 
> 2.30.2
>
Stefan Schantl March 31, 2023, 11:51 a.m. UTC | #2 
Hello Michael,

yes I absolutely can remain our talk on the phone.

Please let me explain why I still sent this patch.

During development on the packages, which used the old %{create_users}
declaraion and getent / adduser / addgroup stuff and replacing them by
the corresponding systemd sysusers call and the sysusers file I
stumbled accross that all of those look the same. They allways call the
same binary, have the same filename layout, create the same directories
etc.

So I thought about that fact a bit, that it would be very unpopular to
copy the same code over and over again into multiple build files. It
would be much more handy and of corse intuitive when reviewing or
modifying them if there is something which can be called by a single
"one-liner" and doing all the magic.

This avoids as already mentioned a lot of code duplication / dead code,
reduces copy and paste mistakes and in my personal opinions is simple a
bit more shiny.

So I decided to write the code for adding sysusers which are downstream
(part of our git) once and simple call this macro and let it do it's
job.


> Hello Stefan,
> 
> Didn’t we decide on the phone call again doing this?
> 
> The downside is that this won’t work for any sysuser files that are
> in the tarball. So there is still the need to manually apply those?

You are absolutely right, if we do not want to use a downstream or self
written sysusers file, because the project vendor added one into their
source tarballs. In this case of course the macro from above cannot be
used and the sysusers stuff has to be done by hand based on how the
vendors have placed the files and handles them.

> 
> It would be less consistent and potentially confusing?

I do not think that this is confusing people. It may be more confusing
to research how to code / do such a simple task like adding
users/groups.

In such a case the macro would be an easy to use mechanism, which
should do the job in a plenty of cases.

- Stefan

> 
> -Michael
> 
> > On 30 Mar 2023, at 07:52, Stefan Schantl
> > <stefan.schantl@ipfire.org> wrote:
> > 
> > This macro can be called inside a build file and easily allows to
> > apply
> > any kind of users/groups specified in a sysusers file.
> > 
> > Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
> > ---
> > macros/systemd.macro | 11 +++++++++++
> > 1 file changed, 11 insertions(+)
> > 
> > diff --git a/macros/systemd.macro b/macros/systemd.macro
> > index 1453db95..27231094 100644
> > --- a/macros/systemd.macro
> > +++ b/macros/systemd.macro
> > @@ -2,6 +2,17 @@
> > SYSTEMD_TMPFILES_DIR = /usr/lib/tmpfiles.d
> > SYSTEMD_SYSUSERS_DIR = /usr/lib/sysusers.d
> > 
> > +MACRO_APPLY_SYSTEMD_SYSUSERS
> > + mkdir -pv %{SYSTEMD_SYSUSERS_DIR}
> > +
> > + for file in %{DIR_SOURCE}/*.sysusers; do
> > + [ -e "${file}" ] || continue
> > + cat ${file} | \
> > + systemd-sysusers --replace=%{SYSTEMD_SYSUSERS_DIR}/$(basename
> > ${file%*.sysusers}).conf -
> > + done
> > + unset file
> > +end
> > +
> > MACRO_INSTALL_SYSTEMD_FILES
> > for file in %{DIR_SOURCE}/systemd/*; do
> > [ -e "${file}" ] || continue
> > -- 
> > 2.30.2
> > 
>
diff mbox series

Patch

diff --git a/macros/systemd.macro b/macros/systemd.macro
index 1453db95..27231094 100644
--- a/macros/systemd.macro
+++ b/macros/systemd.macro
@@ -2,6 +2,17 @@ 
 SYSTEMD_TMPFILES_DIR = /usr/lib/tmpfiles.d
 SYSTEMD_SYSUSERS_DIR = /usr/lib/sysusers.d
 
+MACRO_APPLY_SYSTEMD_SYSUSERS
+	mkdir -pv %{SYSTEMD_SYSUSERS_DIR}
+
+	for file in %{DIR_SOURCE}/*.sysusers; do
+		[ -e "${file}" ] || continue
+		cat ${file} | \
+			systemd-sysusers --replace=%{SYSTEMD_SYSUSERS_DIR}/$(basename ${file%*.sysusers}).conf -
+	done
+	unset file
+end
+
 MACRO_INSTALL_SYSTEMD_FILES
 	for file in %{DIR_SOURCE}/systemd/*; do
 		[ -e "${file}" ] || continue