From Fedora Project Wiki
m (→‎Documentation: one more link)
No edit summary
 
(3 intermediate revisions by 3 users not shown)
Line 3: Line 3:


== Summary ==
== Summary ==
Currently, packages which add system users call out to useradd (from shadow-utils) in %post.  This Change is to use the new systemd-sysusers functionality instead.
Currently, packages which add system users call out to useradd (from shadow-utils) in %pre.  This Change is to use the new systemd-sysusers functionality instead.


== Owner ==
== Owner ==
Line 12: Line 12:
* Name: [[User:Walters| Colin Walters]]
* Name: [[User:Walters| Colin Walters]]
* Email: walters@verbum.org
* Email: walters@verbum.org
* Release notes owner:
* Release notes owner: Pete Travis
* Product: Fedora (all)
* Product: Fedora (all)
* Responsible WG: Fedora Base
* Responsible WG: Fedora Base
Line 22: Line 22:


== Detailed Description ==
== Detailed Description ==
All packages today contain duplicative code to add system users and groups (where applicable) via calls to useradd/groupadd in %post.  This Change is to migrate to [http://cgit.freedesktop.org/systemd/systemd/commit/?id=1b99214789101976d6bbf75c351279584b071998 systemd-sysusers ].
All packages today contain duplicative code to add system users and groups (where applicable) via calls to useradd/groupadd in %pre.  This Change is to migrate to [http://cgit.freedesktop.org/systemd/systemd/commit/?id=1b99214789101976d6bbf75c351279584b071998 systemd-sysusers ].


Starting with core packages, change them to instead install (usually one) snippet into /usr/lib/sysusers.d, and change their %post to call %sysusers_create.
Starting with core packages, change them to instead install (usually one) snippet into /usr/lib/sysusers.d, and change their %post to call %sysusers_create.
See also [[Packaging:UsersAndGroups]]


== Benefit to Fedora ==
== Benefit to Fedora ==
Line 44: Line 46:
* Release engineering: N/A
* Release engineering: N/A


* Policies and guidelines: Packaging guidelines should be updated to include recommended syntax
* Policies and guidelines: [https://fedorahosted.org/fpc/ticket/453 Packaging guidelines should be updated to include recommended syntax (no guideline text yet)]


== Upgrade/compatibility impact ==
== Upgrade/compatibility impact ==

Latest revision as of 17:18, 11 September 2014

Migrate to systemd-sysusers

Summary

Currently, packages which add system users call out to useradd (from shadow-utils) in %pre. This Change is to use the new systemd-sysusers functionality instead.

Owner

  • Name: Colin Walters
  • Email: walters@verbum.org
  • Release notes owner: Pete Travis
  • Product: Fedora (all)
  • Responsible WG: Fedora Base

Current status

  • Targeted release: Fedora 22
  • Last updated: 2014-07-08
  • Tracker bug: None yet

Detailed Description

All packages today contain duplicative code to add system users and groups (where applicable) via calls to useradd/groupadd in %pre. This Change is to migrate to systemd-sysusers .

Starting with core packages, change them to instead install (usually one) snippet into /usr/lib/sysusers.d, and change their %post to call %sysusers_create.

See also Packaging:UsersAndGroups

Benefit to Fedora

The primary benefit is in allowing "factory reset" scenarios, as well as enabling atomic upgrades via mechanisms such as rpm-ostree.

For more details on factory reset, see systemd stateless blog post. With this change for example, it is easier to wipe all system-local changes to /etc.

For more details on atomic upgrades, see this post.

Scope

Affects potentially all RPMs that add users or groups.

  • Proposal owners:
    • Help migrating RPMs and testing systemd-sysusers
  • Other developers: N/A
  • Release engineering: N/A

Upgrade/compatibility impact

By design, sysusers interoperates with other user/group mechanisms. It has no effect if the user or group already exists.

This may cause issues with live yum upgrades from Fedora 21 if the sysusers functionality changes between 21 and 22. The easy fix for that will be to release an updated systemd in 21.

How To Test

  • Install modified RPMs, verify they add the user/group

User Experience

None.

Dependencies

systemd.

Contingency Plan

  • Contingency mechanism: (What to do? Who will do it?)
    • Back out changes to RPMs.
  • Contingency deadline: Beta Freeze
  • Blocks release? Yes
  • Blocks product? All

Documentation

See systemd-sysusers(8), sysusers.d(5).

Release Notes