X-Original-To: alpine-devel@lists.alpinelinux.org Received: from luna.geeknet.cz (luna.geeknet.cz [37.205.9.141]) by lists.alpinelinux.org (Postfix) with ESMTP id 18B855C4D3E for ; Tue, 5 Dec 2017 02:41:16 +0000 (GMT) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by luna.geeknet.cz (Postfix) with ESMTPSA id 1A216933F1; Tue, 5 Dec 2017 03:41:15 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jirutka.cz; s=mail; t=1512441675; bh=hEyC2TdO4WMigG63PrIGAysHaVmK2RuiA1TxtYn4YUc=; h=Date:In-Reply-To:References:Subject:To:From; b=Heis4kH9yTxixsz12RWGDUiKykCU6V6EaIApuPNixFL7lguTI2or6w5jk9bgmCFsW LLDLlypiiU0LX9jf66xQHhA36uFQ+5HerY2mBw6Rmp05tgnqWooIqtp/tz8xtiLB1R P9XWWr9iSsjjeFT+s6MhajVbWa6viRlXCkJdSGF0= Date: Tue, 05 Dec 2017 03:41:10 +0100 In-Reply-To: <5A25DE1D.6020602@adelielinux.org> References: <20171204203039.GA18601@miku> <663B8B1D-79B7-42AE-8B25-A76E821FA54D@shiz.me> <5A25DE1D.6020602@adelielinux.org> X-Mailinglist: alpine-devel Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Subject: Re: [alpine-devel] Alpine features and the future To: alpine-devel@lists.alpinelinux.org,"A. Wilcox" From: Jakub Jirutka Message-ID: <8D4CA20B-0098-420F-BA07-8978473FAFB4@jirutka.cz> > The amount of things that are broken by not having `useradd` is insane=2E Maybe on Ad=C3=A9lie, I've never encountered any issue on Alpine from not = having useradd=2E=2E=2E > Alpine build scripts still think `adduser` and `addgroup` are the way to go=2E Hm, we really should add a declarative way for creating users/groups in ab= uilds=2E Not (just) because of Ad=C3=A9lie, the current approach has more p= roblems=2E > I could also write wrappers the other way around=2E=2E=2E I was thinking about this several times, but always something more importa= nt appeared=2E I also don't like some behaviour of adduser=2E > BTW, is there a reason Alpine doesn't ship shadow as a base dep? Alpine's philosophy is small, simple and secure=2E shadow is not very smal= l and it depends on PAM which is everything but small and simple=2E Moreove= r, it's mostly not really needed and useful=2E I surely don't wanna this in= *base* system=2E Jakub (I'm sending this mail from mobile, so please forgive me typos etc=2E) On 5 December 2017 00:45:33 CET, "A=2E Wilcox" = wrote: >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA256 > >On 04/12/17 17:00, Shiz wrote: >>> On 4 Dec 2017, at 21:30, Drew DeVault >>> wrote: I would also recommend just porting shadow over using >>> busybox user management tooling=2E I think `useradd` et al has a >>> more Unix design than `adduser` et al=2E Thankfully the shadow >>> codebase hasn't yet been corrupted beyond saving by the broader >>> Linux ecosystem's influence=2E >>=20 >> Definitely agree with this=2E I am also of the opinion that `useradd` >> and friends seem more commonly used, and it=E2=80=99s a shame to have t= o >> recommend using the shadow package for everyone that wants to >> either use it themselves or have tooling using it=2E > > >The amount of things that are broken by not having `useradd` is >insane=2E We ship shadow in base in Ad=C3=A9lie anyway, so this isn't to= o >big of an issue, but what is an issue is that Alpine build scripts >still think `adduser` and `addgroup` are the way to go=2E Our builders >don't have busybox so I had to write clumsy shell shims to 'translate' >them=2E > >I can send them to the list if anyone would be interested; normally I >would put a link, but our Git server ENOSPC'd and I'm still trying to >clean up the pieces before bringing the web interface back online=2E > >I could also write wrappers the other way around if Alpine is really >tied to using `adduser` and `addgroup` so that build scripts can use >`useradd` and `groupadd` without a dependency on shadow=2E > >BTW, is there a reason Alpine doesn't ship shadow as a base dep? Does >Alpine really recommend use of tcb, or is it some other system? I've >never been able to figure this out and in fact this is why I gave up >trying to deploy Alpine at my last employer=2E We used LDAP and I >couldn't for the life of me make Alpine login(1) use it=2E > > >> s6 with a porcelain layer still seems very interesting > > >+1=2E > > >Best, >- --arw > > >- --=20 >A=2E Wilcox (awilfox) >Project Lead, Ad=C3=A9lie Linux >http://adelielinux=2Eorg >-----BEGIN PGP SIGNATURE----- >Version: GnuPG v2 > >iQIcBAEBCAAGBQJaJd4ZAAoJEMspy1GSK50Uk9EP/2MJEp2JqObs8oTuI5Ehu6/6 >VN6e62vIVDgm6EM78/4dEOd7PgDygfcVaEa+LflczP6sgU5rZXpX5mDn5wxb2XaB >iEsJ/esj306UkFIwnph8VU2z8+FdQ8SwcVD3IF++xKAbDHFCayYqt76nt44aNtjt >9/2FaLha9apU/4Vbl8u5+9l57wvxkyLTNlt2IrPWiB6KOyp2Jl450clE1VYYfjlQ >YroEab9klPToft4izScqPhlHc+AiqaiOwxNdKF2ekY3+bOVi73nZHejgibYtE0kj >tJWnb7M1HlSaPOKQ3XIc+cA/QWGNYWkfg8AwtaWnwSz30LpbV8FOKoRf0AoU4FsU >gTV8GQHKSLKbQgObZGVq9bpgsin8dWRcFbfij5P+sNZLg84nCfsCYH1TBjo+Y37d >gLGFrfHBCHWH5qs039lHa9x6U5tlMcBndvkAwd0FSlQDZaNLHDG3x3Jyq0o7BbTD >yGYj1CtW4udF7V9PxnV9r3PIvBu9OmPC/nNXf+3Mf/i4GOCGdS8IqE5FhFbmbtYG >BOz+g+Z95V3ZWaE4K6B4nqOMLWjM+UyJNJkfKaUz0ppDFKWU+IFDbtwbnYwCCElW >KRz/CY/MnOKi0CYEML7ouij4+SOMwjwv0qNAAS4/Xbqf1dt4JnAP/8gPUS3xSike >GfD+idvKvp24NbAzjbmP >=3DGK// >-----END PGP SIGNATURE----- > > >--- >Unsubscribe: alpine-devel+unsubscribe@lists=2Ealpinelinux=2Eorg >Help: alpine-devel+help@lists=2Ealpinelinux=2Eorg >--- --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---