uids for daemons on a spin
Martin Langhoff
martin.langhoff at gmail.com
Mon Aug 4 07:17:14 UTC 2008
2008/8/4 Ricky Zhou <ricky at fedoraproject.org>:
>> Googling for "uid policy fedora -selinux" (or redhat) does not yield
>> anything particularly interesting.
> Searching around on the wiki, I found the following pages:
> http://fedoraproject.org/wiki/Packaging/UsersAndGroups
> https://fedoraproject.org/wiki/Packaging/UserCreation
> https://fedoraproject.org/wiki/PackageUserRegistry
Thanks for the pointers! The docs on fedora-groupadd / useradd seem to
be just what I have been looking for.
Except that it doesn't seem to work - both on F7 and F9 I get
$ cat /etc/fedora/usermgmt/basegid
300
$ sudo /usr/sbin/fedora-groupadd 3 testing
## expecting 303 here -
$ grep testing /etc/group
testing:x:501:
Now, it's a bash script - and it _seems_ to be doing the right thing.
Almost. Mostly. See below:
$ sudo bash -x /usr/sbin/fedora-groupadd 3 testing
+ PATH=/usr/bin:/bin:/sbin:/usr/sbin:/usr/local/sbin
+ BASE_DIR=/etc/fedora/usermgmt
+ ARGS=("$0" "$@")
+ test -r /etc/fedora/usermgmt/baseuid
++ cat /etc/fedora/usermgmt/baseuid
+ BASE_UID=300
+ test -r /etc/fedora/usermgmt/basegid
++ cat /etc/fedora/usermgmt/basegid
+ BASE_GID=300
++ basename /usr/sbin/fedora-groupadd
+ skin=fedora-groupadd
+ skin=groupadd
+ exec_name=
+ for i in '"$BASE_DIR/scripts/$skin"' '"$BASE_DIR/$skin"'
+ test -x /etc/fedora/usermgmt/scripts/groupadd
+ exec_name=/etc/fedora/usermgmt/scripts/groupadd
+ break
+ case $skin in
+ test 3 '!=' --help
+ test 2 -ge 2
+ validateHint v 300 3
+ local tmp
+ let tmp=31
+ test 31 -ne 0
+ let tmp=300+3
+ test 303 -ge 0
+ eval 'v=$tmp'
++ v=303
+ shift
+ set -- 303 testing
+ log=/etc/fedora/usermgmt/log
+ test -e /etc/fedora/usermgmt/log -a -L /etc/fedora/usermgmt/log
+ test -n /etc/fedora/usermgmt/scripts/groupadd
+ invalidateCache
+ local rc=0
+ return 1
+ /etc/fedora/usermgmt/scripts/groupadd 303 testing #### THIS LOOKS CORRECT
+ rc=0
+ invalidateCache
+ local rc=0
+ return 1
+ invalidateCache
+ local rc=0
+ return 1
+ test 0 -eq 0
+ exit 0
and then... hrm...
$ sudo bash -x /etc/fedora/usermgmt/scripts/groupadd 303 testing
+ shift
+ exec /usr/sbin/groupadd testing
The first param to fedora-(user|group)add is supposed to be uid, which
should get added do base (g|u)id and should also get prefixed with
--uid for useradd and --gid for groupadd. When should the option name
be added I am not sure, but it should happen *somewhere*.
<curious>Is this toolchain in use?
cheers,
m
--
martin.langhoff at gmail.com
martin at laptop.org -- School Server Architect
- ask interesting questions
- don't get distracted with shiny stuff - working code first
- http://wiki.laptop.org/go/User:Martinlanghoff
More information about the fedora-devel-list
mailing list