| Message ID | 20230330125230.11184-2-stefan.schantl@ipfire.org |
|---|---|
| State | New |
| Headers |
Return-Path: <pakfire-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4PnNcW15b5z3xDG for <patchwork@web04.haj.ipfire.org>; Thu, 30 Mar 2023 12:52:43 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4PnNcV3FSfzv6; Thu, 30 Mar 2023 12:52:42 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4PnNcV15Qmz30Gq; Thu, 30 Mar 2023 12:52:42 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4PnNcS4FMrz2xnV for <pakfire@lists.ipfire.org>; Thu, 30 Mar 2023 12:52:40 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4PnNcS1qzgzcL; Thu, 30 Mar 2023 12:52:40 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1680180760; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=+jCFnaf7zncIJlMdIDBLTlJRnWK1/Hqh7zXvZmtUXeY=; b=Z8k7tow0Q6YulRuXpICwfqLt+E7WvxF6KEES/OxGkaKKbsagv8+97JiesUX6Ggt67gXtb7 1MCW/9UreZ2ooyBw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1680180760; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=+jCFnaf7zncIJlMdIDBLTlJRnWK1/Hqh7zXvZmtUXeY=; b=bjbToMCjDgASgd70A8yht8uT85D8BSz9S724ukIc/HQIBwO2kntkiPl3J0LrmnOCLztvN5 i2HPOo2OzU5m15lZsub8wIWUCzcSoWn6mzfplCc3i0CzhoweZ6PXNnQbqfGltEiXnkU2Sv KhRxJc6U8W/ZHbkgTJHLEHuZhfIZZpjijUcH1zbZfZ5WndwyDo2ymNy1k0LKoc9+wOMX1q OLs9p5Rg45Lblo3pa4aL9n7dNk8okUbwM8obGtiwvWQajdxuEi4gMiDePqJslIUq1iJd8C G/pRnHUzaMQ4jTt5SbsjWFCFQxecdvfUy+Izyh5NUTM3Nmac5KYWIlK0TBZ1hA== From: Stefan Schantl <stefan.schantl@ipfire.org> To: pakfire@lists.ipfire.org Subject: [PATCH 2/2] macros: Add macro to apply sysusers based users/groups inside the jail Date: Thu, 30 Mar 2023 14:52:30 +0200 Message-Id: <20230330125230.11184-2-stefan.schantl@ipfire.org> In-Reply-To: <20230330125230.11184-1-stefan.schantl@ipfire.org> References: <20230330125230.11184-1-stefan.schantl@ipfire.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: pakfire@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Mailinglist for the Pakfire Build System." <pakfire.lists.ipfire.org> List-Unsubscribe: <https://lists.ipfire.org/mailman/options/pakfire>, <mailto:pakfire-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <http://lists.ipfire.org/pipermail/pakfire/> List-Post: <mailto:pakfire@lists.ipfire.org> List-Help: <mailto:pakfire-request@lists.ipfire.org?subject=help> List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/pakfire>, <mailto:pakfire-request@lists.ipfire.org?subject=subscribe> Errors-To: pakfire-bounces@lists.ipfire.org Sender: "Pakfire" <pakfire-bounces@lists.ipfire.org> |
| Series |
[1/2] macros: Add macro to automatically install all systemd sysusers files
|
|
Commit Message
Stefan Schantl
March 30, 2023, 12:52 p.m. UTC
This macro can be called inside a build file and easily allows to apply
any kind of users/groups specified in a sysusers file.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---
macros/systemd.macro | 11 +++++++++++
1 file changed, 11 insertions(+)
Comments
Hello Stefan, Didn’t we decide on the phone call again doing this? The downside is that this won’t work for any sysuser files that are in the tarball. So there is still the need to manually apply those? It would be less consistent and potentially confusing? -Michael > On 30 Mar 2023, at 07:52, Stefan Schantl <stefan.schantl@ipfire.org> wrote: > > This macro can be called inside a build file and easily allows to apply > any kind of users/groups specified in a sysusers file. > > Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> > --- > macros/systemd.macro | 11 +++++++++++ > 1 file changed, 11 insertions(+) > > diff --git a/macros/systemd.macro b/macros/systemd.macro > index 1453db95..27231094 100644 > --- a/macros/systemd.macro > +++ b/macros/systemd.macro > @@ -2,6 +2,17 @@ > SYSTEMD_TMPFILES_DIR = /usr/lib/tmpfiles.d > SYSTEMD_SYSUSERS_DIR = /usr/lib/sysusers.d > > +MACRO_APPLY_SYSTEMD_SYSUSERS > + mkdir -pv %{SYSTEMD_SYSUSERS_DIR} > + > + for file in %{DIR_SOURCE}/*.sysusers; do > + [ -e "${file}" ] || continue > + cat ${file} | \ > + systemd-sysusers --replace=%{SYSTEMD_SYSUSERS_DIR}/$(basename ${file%*.sysusers}).conf - > + done > + unset file > +end > + > MACRO_INSTALL_SYSTEMD_FILES > for file in %{DIR_SOURCE}/systemd/*; do > [ -e "${file}" ] || continue > -- > 2.30.2 >
Hello Michael,
yes I absolutely can remain our talk on the phone.
Please let me explain why I still sent this patch.
During development on the packages, which used the old %{create_users}
declaraion and getent / adduser / addgroup stuff and replacing them by
the corresponding systemd sysusers call and the sysusers file I
stumbled accross that all of those look the same. They allways call the
same binary, have the same filename layout, create the same directories
etc.
So I thought about that fact a bit, that it would be very unpopular to
copy the same code over and over again into multiple build files. It
would be much more handy and of corse intuitive when reviewing or
modifying them if there is something which can be called by a single
"one-liner" and doing all the magic.
This avoids as already mentioned a lot of code duplication / dead code,
reduces copy and paste mistakes and in my personal opinions is simple a
bit more shiny.
So I decided to write the code for adding sysusers which are downstream
(part of our git) once and simple call this macro and let it do it's
job.
> Hello Stefan,
>
> Didn’t we decide on the phone call again doing this?
>
> The downside is that this won’t work for any sysuser files that are
> in the tarball. So there is still the need to manually apply those?
You are absolutely right, if we do not want to use a downstream or self
written sysusers file, because the project vendor added one into their
source tarballs. In this case of course the macro from above cannot be
used and the sysusers stuff has to be done by hand based on how the
vendors have placed the files and handles them.
>
> It would be less consistent and potentially confusing?
I do not think that this is confusing people. It may be more confusing
to research how to code / do such a simple task like adding
users/groups.
In such a case the macro would be an easy to use mechanism, which
should do the job in a plenty of cases.
- Stefan
>
> -Michael
>
> > On 30 Mar 2023, at 07:52, Stefan Schantl
> > <stefan.schantl@ipfire.org> wrote:
> >
> > This macro can be called inside a build file and easily allows to
> > apply
> > any kind of users/groups specified in a sysusers file.
> >
> > Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
> > ---
> > macros/systemd.macro | 11 +++++++++++
> > 1 file changed, 11 insertions(+)
> >
> > diff --git a/macros/systemd.macro b/macros/systemd.macro
> > index 1453db95..27231094 100644
> > --- a/macros/systemd.macro
> > +++ b/macros/systemd.macro
> > @@ -2,6 +2,17 @@
> > SYSTEMD_TMPFILES_DIR = /usr/lib/tmpfiles.d
> > SYSTEMD_SYSUSERS_DIR = /usr/lib/sysusers.d
> >
> > +MACRO_APPLY_SYSTEMD_SYSUSERS
> > + mkdir -pv %{SYSTEMD_SYSUSERS_DIR}
> > +
> > + for file in %{DIR_SOURCE}/*.sysusers; do
> > + [ -e "${file}" ] || continue
> > + cat ${file} | \
> > + systemd-sysusers --replace=%{SYSTEMD_SYSUSERS_DIR}/$(basename
> > ${file%*.sysusers}).conf -
> > + done
> > + unset file
> > +end
> > +
> > MACRO_INSTALL_SYSTEMD_FILES
> > for file in %{DIR_SOURCE}/systemd/*; do
> > [ -e "${file}" ] || continue
> > --
> > 2.30.2
> >
>
diff --git a/macros/systemd.macro b/macros/systemd.macro index 1453db95..27231094 100644 --- a/macros/systemd.macro +++ b/macros/systemd.macro @@ -2,6 +2,17 @@ SYSTEMD_TMPFILES_DIR = /usr/lib/tmpfiles.d SYSTEMD_SYSUSERS_DIR = /usr/lib/sysusers.d +MACRO_APPLY_SYSTEMD_SYSUSERS + mkdir -pv %{SYSTEMD_SYSUSERS_DIR} + + for file in %{DIR_SOURCE}/*.sysusers; do + [ -e "${file}" ] || continue + cat ${file} | \ + systemd-sysusers --replace=%{SYSTEMD_SYSUSERS_DIR}/$(basename ${file%*.sysusers}).conf - + done + unset file +end + MACRO_INSTALL_SYSTEMD_FILES for file in %{DIR_SOURCE}/systemd/*; do [ -e "${file}" ] || continue