Hello,
A common complaint with Alpine is that programs like who(1) do not function
correctly -- causing users to be frustrated by the fact that they cannot
easily find out who is logged into a given machine. This is because musl does
not implement the utmp functions, as a secure implementation of them would be
considered out of scope for musl -- instead, stubs are provided for
compatibility with programs that use those functions.
## What is utmps?
utmps is a set of daemons and a library written by Laurent Bercot which
provides a secure implementation of the utmp functions, allowing for utmp to
exist in a tamperproof way. Adelie have integrated the utmps package for a
while now, where who(1) is working as expected.
## Benefits to Alpine
Programs like who(1) will work as anticipated, in a way that is tamperproof.
This resolves one of the most common complaints I hear about from system
administrators evalulating Alpine for use cases outside containerization.
The additional code needed to support utmp functions in client programs is
also minimal, only a few KB.
## Timeline
This will be done after 3.13 release, right now I am targeting the 3.14
release cycle for this work. APKBUILDs will need to be modified to link
against the utmps client library to make use of the utmps functionality.
We will also need to split s6-ipcserver out of the s6 package in order to
support the utmp daemons -- this too only requires a few KB of install data.
## Contingency Plan
If a problem is found in the utmp daemons, the user may disable them on her
system by simply disabling the utmp daemon service. Likewise, we simply do
not enable the utmp daemon by default on new installs if there are problems
with it.
Ariadne