On Tue, May 14, 2024 at 02:01:09PM +0300, Panu Matilainen wrote:
On 5/14/24 13:39, Zbigniew Jędrzejewski-Szmek wrote:
On Mon, May 13, 2024 at 01:37:11PM +0300, Panu Matilainen wrote:
I outlined the migration process last year in https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/... but failed to follow-up, so I'm glad to see this getting revisited.
I started looking into this, and I think we need to start at the bottom, i.e. in the setup package.
It currently provides /etc/{passwd,group} with a bunch of ids (23 groups) and /usr/lib/sysusers.d/20-setup-{users,groups} with a bunch of entries, but some of the groups listed in sysusers are not listed in the /etc files. IIUC, once we enable the rpm stuff, rpm will create /etc/{passwd,group} automatically, and the file provided by setup will be ignored. (It's specified as %config(noreplace).)
Should be drop the static /etc/{passwd,group} from setup?
The static files aren't harmful as long as they're not duplicated in other packages.
Harmful — no, but unnecessary and confusing. If we go decide to switch to the rpm sysusers mechanism, then I think we should go all-in on it. It doesn't make sense to ship a file in setup that would never be installed.
I seem to recall seeing systemd-sysusers error out if those files were not present, but I might be misremembering and/or it might've changed since then. The default mechanism uses useradd/groupadd though, I don't know if those support non-existent /etc/{passwd,group}.
There might have been bugs for some specific cases, but in general sysusers was always intended for starting with empty /etc. We certainly test that case in our tests.
Zbyszek