Summary: | Supporting /usr/lib/passwd | ||
---|---|---|---|
Product: | glibc | Reporter: | Colin <walters> |
Component: | libc | Assignee: | Not yet assigned to anyone <unassigned> |
Status: | RESOLVED WONTFIX | ||
Severity: | normal | CC: | carlos, cickumqt, drepper.fsp, fweimer, jhrozek |
Priority: | P2 | Flags: | fweimer:
security-
|
Version: | unspecified | ||
Target Milestone: | --- | ||
Host: | Target: | ||
Build: | Last reconfirmed: |
Description
Colin
2013-11-08 15:33:05 UTC
Moving on to implementation; at the moment, my OS (gnome-continuous) has a hacked up copy of the glibc "files" backend which just looks up in /usr/lib/passwd, then our default /etc/nsswitch.conf has: passwd: files altfiles group: files altfiles Now what I'd like to move on to here is upstreaming this logic, because my ultimate plan is to have OSTree's logic *underneath* dpkg/rpm, and to do that really, I'd like Debian and Red Hat Enterprise Linux to come capable of this out of the box. So for upstreaming, what do you think of these options? 1) Change "files" to do this by default 1a) Unconditionally (though obviously not erroring out if /usr/lib/passwd doesn't exist) 1b) Behind a build-time --enable-usrlib-passwd option 2) Ship "usrlibfiles" as a separate upstream module 3) Something else? I personally think 1a) will be fine, but I'm open to discussion. You'll need to post your patches to libc-alpha with some very very strong rationale for wanting to support /usr/lib/passwd, starting with use cases and why /etc/passwd is currently problematic for your use cases. Please make sure you lead with your examples and use cases to justify /usr/lib/passwd. As it stands right now you haven't provided enough rationale to complicated system administration with another password file. Please read through the contribution checklist carefully: https://sourceware.org/glibc/wiki/Contribution%20checklist If you want some review you can post to libc-help and we can hash out the patch and any style issues before posting a fully baked solution to libc-alpha, but that's up to you. (In reply to Carlos O'Donell from comment #2) > You'll need to post your patches to libc-alpha with some very very strong > rationale for wanting to support /usr/lib/passwd, It might be that the right thing is for nss-altfiles to live outside of glibc. If we choose that path though, one thing I'd like is something like /etc/nsswitch.conf.d or perhaps better, just /usr/lib/nss and where it looks like: 10-files.so 20-nss-altfiles.so 30-sssd.so etc. Then the NSS module is loaded and specifies which services it should offer. (Does anyone ever even want sss for passwd but not group? I don't think so) > starting with use cases Atomic upgrades. > and why /etc/passwd is currently problematic for your use cases. Because it requires a semantic merge. Don't get me wrong, I *could* choose to hardcode special support for merges on upgrades of /etc/passwd. RPM and dpkg effectively do this now by calling useradd. But it's far cleaner I think to have system users in a separate place from human users. For what it's worth, from looking around, CoreOS is also using /usr/lib/passwd. I think this is better handled with a set of custom NSS modules. This will be necessary anyway to handle certain corner cases in the way system administrators expect, and glibc is the wrong place for such policy decisions. |