Mail archive
alpine-aports

[alpine-aports] [PATCH 00/15] Pre-upgrade/pre-install addgroup/adduser fixes.

From: Przemyslaw Pawelczyk <przemoc_at_zoho.com>
Date: Mon, 6 Jun 2016 02:05:00 +0200

This is kind of follow-up patch set to previous patch set called:

    Pre-upgrade/pre-install addgroup/adduser cleanings

I am deeply sorry for my last "cleanings" that brought possibly more
harm than good. How I overlooked that:

    system user creation doesn't add same named group and uses
    nogroup as primary group unless explicitly specified via -G

is beyond me.

These patches fix problems for new users of touched packages, but not
for those that already installed problematic packages (diplomatic way of
naming packages that I have quite likely broken because of my
"improvements").

Why? Because it cannot be done in any sanely manner, because we cannot
tell whether user being in group not named as user (like nogroup) is a
mistake or administrator really wanted it that way.

But if you have already installed problematic package and want to fix
primary group of user created there, then you have to perform:

    delgroup USER nogroup
    addgroup -S USER
    # Change GID of USER in /etc/passwd to newly created group's GID.
    # (busybox doesn't have usermod tool)
    # Fix group membership of USER's whole home directory if needed.
    # (you can use `chgrp -R USER /path/to/home` for that)


Additional note:

In the end I didn't put further improvements regarding adduser/addgroup
calling style in .pre-* scripts, as patches in the set are already late,
and I'm really sorry for that too.

These further improvements (this time w/o mistakes!), that will get
their own patch set, will simply unify even more all .pre-* scripts:
- there will be no line wrapping in adduser/addgroup calls,
- adduser's -g option value (GECOS) will be quoted using ",
- adduser's -G option (primary group) will be after -g option (GECOS),
  which I should have done in the first place, but somehow didn't...

Rationale behind above changes should be rather obvious and greatly help
in any future mass changes.


Future note:

Having user/group creation built into apk seems crucial.
Intoducing own alpine createuser, creategroup, addusertogroup and so on
scripts could be also considered as intermediate step to cleanly express
intent and also hide differences between busybox's (awful!) adduser/...
gadgets and LSB's useradd/... tools (available in shadow package).


Przemyslaw Pawelczyk (15):
  testing/at: Properly set primary group in .pre-install.
  testing/ejabberd: Fix .pre-install script broken since 9716bc3570be.
  testing/rrdbot: Remove bogus comment in .pre-install script.
  main/dovecot: Properly set primary group in .pre-install.
  main/{npre,postgrey}: Properly set primary group in .pre-install.
  main/ympd: Reorder arguments in .pre-install as in da4e96aacef5.
  main/znc: Reorder arguments in .pre-install as in da4e96aacef5.
  main/aports-build: Reorder arguments in .pre-install as in
    da4e96aacef5.
  main/atheme-iris: Fix overlooked consistency issue as in a60b9f07dee0.
  main/[various]: Add group and use it as primary in .pre-* scripts.
  community/[various]: Add group and use it as primary in .pre-*
    scripts.
  testing/[various]: Add group and use it as primary in .pre-* scripts.
  main/[various]: Bump pkgrel for .pre-install scripts fixes.
  community/[various]: Bump pkgrel for .pre-install scripts fixes.
  testing/[various]: Bump pkgrel for .pre-install scripts fixes.

 community/caddy/APKBUILD | 2 +-
 community/caddy/caddy.pre-install | 3 ++-
 community/domoticz/APKBUILD | 2 +-
 community/domoticz/domoticz.pre-install | 3 ++-
 community/oscam/APKBUILD | 2 +-
 community/oscam/oscam.pre-install | 3 ++-
 community/syncthing/APKBUILD | 2 +-
 community/syncthing/syncthing.pre-install | 3 ++-
 main/apache2/APKBUILD | 2 +-
 main/apache2/apache2.pre-install | 3 ++-
 main/aports-build/APKBUILD | 2 +-
 main/aports-build/aports-build.pre-install | 3 ++-
 main/atheme-iris/APKBUILD | 2 +-
 main/atheme-iris/atheme-iris.pre-install | 3 ++-
 main/clamav/APKBUILD | 2 +-
 main/clamav/clamav-db.pre-install | 3 ++-
 main/clamsmtp/APKBUILD | 2 +-
 main/clamsmtp/clamsmtp.pre-install | 3 ++-
 main/clamsmtp/clamsmtp.pre-upgrade | 3 ++-
 main/coova-chilli/APKBUILD | 2 +-
 main/coova-chilli/coova-chilli.pre-install | 3 ++-
 main/dhcp/APKBUILD | 2 +-
 main/dhcp/dhcp.pre-install | 3 ++-
 main/djbdns/APKBUILD | 2 +-
 main/djbdns/dnscache.pre-install | 3 ++-
 main/djbdns/tinydns.pre-install | 3 ++-
 main/dovecot/APKBUILD | 2 +-
 main/dovecot/dovecot.pre-install | 4 ++--
 main/ez-ipupdate/APKBUILD | 2 +-
 main/ez-ipupdate/ez-ipupdate.pre-install | 3 ++-
 main/fetchmail/APKBUILD | 2 +-
 main/fetchmail/fetchmail.pre-install | 3 ++-
 main/freeswitch/APKBUILD | 2 +-
 main/freeswitch/freeswitch.pre-install | 3 ++-
 main/gitolite/APKBUILD | 2 +-
 main/gitolite/gitolite.pre-install | 3 ++-
 main/gnats/APKBUILD | 2 +-
 main/gnats/gnats.pre-install | 3 ++-
 main/gross/APKBUILD | 2 +-
 main/gross/gross.pre-install | 3 ++-
 main/icecast/APKBUILD | 2 +-
 main/icecast/icecast.pre-install | 3 ++-
 main/memcached/APKBUILD | 2 +-
 main/memcached/memcached.pre-install | 3 ++-
 main/ngircd/APKBUILD | 2 +-
 main/ngircd/ngircd.pre-install | 3 ++-
 main/nrpe/APKBUILD | 2 +-
 main/nrpe/nrpe.pre-install | 2 +-
 main/openntpd/APKBUILD | 2 +-
 main/openntpd/openntpd.pre-install | 3 ++-
 main/postgrey/APKBUILD | 2 +-
 main/postgrey/postgrey.pre-install | 2 +-
 main/snort/APKBUILD | 2 +-
 main/snort/snort.pre-install | 3 ++-
 main/squid/APKBUILD | 2 +-
 main/squid/squid.pre-install | 3 ++-
 main/squid/squid.pre-upgrade | 3 ++-
 main/transmission/APKBUILD | 2 +-
 main/transmission/transmission-daemon.pre-install | 3 ++-
 main/ympd/APKBUILD | 2 +-
 main/ympd/ympd.pre-install | 2 +-
 main/znc/APKBUILD | 2 +-
 main/znc/znc.pre-install | 3 ++-
 testing/at/APKBUILD | 2 +-
 testing/at/at.pre-install | 3 +--
 testing/dbmail/APKBUILD | 2 +-
 testing/dbmail/dbmail.pre-install | 3 ++-
 testing/dspam/APKBUILD | 2 +-
 testing/dspam/dspam.pre-install | 3 ++-
 testing/ejabberd/APKBUILD | 2 +-
 testing/ejabberd/ejabberd.pre-install | 1 +
 testing/opensips/APKBUILD | 2 +-
 testing/opensips/opensips.pre-install | 3 ++-
 testing/pdns/APKBUILD | 2 +-
 testing/pdns/pdns.pre-install | 3 ++-
 testing/qpage/APKBUILD | 2 +-
 testing/qpage/qpage.pre-install | 3 ++-
 testing/rrdbot/APKBUILD | 2 +-
 testing/rrdbot/rrdbot.pre-install | 5 ++---
 testing/wt/APKBUILD | 2 +-
 testing/wt/wt.pre-install | 3 ++-
 81 files changed, 118 insertions(+), 84 deletions(-)

-- 
2.6.6
---
Unsubscribe:  alpine-aports+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-aports+help_at_lists.alpinelinux.org
---
Received on Mon Jun 06 2016 - 02:05:00 GMT