From: Ariadne Conill
To: ~alpine/devel@lists.alpinelinux.org
Subject: System change proposal: integration of utmps
Date: Wed, 07 Oct 2020 10:10:58 -0600
Message-ID: <13150407.38Gu9qM0DN@localhost>

Hello,

A common complaint with Alpine is that programs like who(1) do not function correctly -- causing users to be frustrated by the fact that they cannot easily find out who is logged into a given machine.

This is because musl does not implement the utmp functions, as a secure implementation of them would be considered out of scope for musl -- instead, stubs are provided for compatibility with programs that use those functions.

## What is utmps?

utmps is a set of daemons and a library written by Laurent Bercot which provides a secure implementation of the utmp functions, allowing for utmp to exist in a tamperproof way.

Adelie have integrated the utmps package for a while now, where who(1) is working as expected.

## Benefits to Alpine

Programs like who(1) will work as anticipated, in a way that is tamperproof. This resolves one of the most common complaints I hear about from system administrators evaluating Alpine for use cases outside containerization.

The additional code needed to support utmp functions in client programs is also minimal, only a few KB.

## Timeline

This will be done after the 3.13 release; right now I am targeting the 3.14 release cycle for this work.

APKBUILDs will need to be modified to link against the utmps client library to make use of the utmps functionality.

We will also need to split s6-ipcserver out of the s6 package in order to support the utmp daemons -- this too only requires a few KB of install data.

## Contingency Plan

If a problem is found in the utmp daemons, the user may disable them on her system by simply disabling the utmp daemon service.

Likewise, we simply do not enable the utmp daemon by default on new installs if there are problems with it.

Ariadne