[LEDE-DEV] [PATCH 0/3] enhance UID/GID assignment
Yousong Zhou
yszhou4tech at gmail.com
Wed Jun 14 05:28:57 PDT 2017
In a previous thread "convention on uid/gid for packages" we explored the
cons/pros of static and dynamic assignment uid/gid. I tried to sum up the
discussion in a separate document [2]
Conclusions at the moment are
- We still need to retain both static and dynamic assignment
- We do not want to maintain a central global list for static assignment
scattered around in all those feeds
- We need to address the potential issue of id collisions between the two
allocation schemes
This series contains mainly the following changes
- Support multiple user:group tuples in Require-User
- Ensure that build will fail if there are collisions in the packages list
- Start dynamic allocation from 65536 instead of 100
Refs
[1]. [LEDE-DEV] convention on uid/gid for packages,
http://lists.infradead.org/pipermail/lede-dev/2017-May/007522.html
[2]. UID/GID Assignment,
https://docs.google.com/document/d/15kD_-9wCW5mjI8aJaCT03Uoxde3rrtCdZWcaz-5mEtA
The following is a list of current assignment of username/groupname, uid/gid in
base and packages feed
user znc -1 package/feeds/packages/znc/Makefile
user sshd 22 package/feeds/packages/openssh/Makefile
user pulse 51 package/feeds/packages/pulseaudio/Makefile
user tor 52 package/feeds/packages/tor/Makefile
user zabbix 53 package/feeds/packages/zabbix/Makefile
user prosody 54 package/feeds/packages/prosody/Makefile
user dmapd 56 package/feeds/packages/dmapd/Makefile
user dovecot 59 package/feeds/packages/dovecot/Makefile
user ocserv 72 package/feeds/packages/ocserv/Makefile
user icecast 87 package/feeds/packages/icecast/Makefile
user pianod 88 package/feeds/packages/pianod/Makefile
user upmpdcli 89 package/feeds/packages/upmpdcli/Makefile
user _fdm 99 package/feeds/packages/fdm/Makefile
user avahi 105 package/feeds/packages/avahi/Makefile
user nut 113 package/feeds/packages/nut/Makefile
user lldp 121 package/network/services/lldpd/Makefile
user ntp 123 package/feeds/packages/ntpd/Makefile
user mosquitto 200 package/feeds/packages/mosquitto/Makefile
user transmission 224 package/feeds/packages/transmission/Makefile
user chrony 323 package/feeds/packages/chrony/Makefile
user dhcp-fwd 375 package/feeds/packages/dhcp-forwarder/Makefile
user git 382 package/feeds/packages/gitolite/Makefile
user dnsmasq 453 package/network/services/dnsmasq/Makefile
user msmtp 482 package/feeds/packages/msmtp-scripts/Makefile
user unbound 553 package/feeds/packages/unbound/Makefile
user gnunet 958 package/feeds/packages/gnunet/Makefile
user radicale 5232 package/feeds/packages/radicale/Makefile
user knot 5353 package/feeds/packages/knot/Makefile
user postgres 5432 package/feeds/packages/postgresql/Makefile
user domoticz 6144 package/feeds/packages/domoticz/Makefile
user privoxy 8118 package/feeds/packages/privoxy/Makefile
user rpc 65533 package/feeds/packages/portmap/Makefile
group znc -1 package/feeds/packages/znc/Makefile
group sshd 22 package/feeds/packages/openssh/Makefile
group pulse 51 package/feeds/packages/pulseaudio/Makefile
group tor 52 package/feeds/packages/tor/Makefile
group zabbix 53 package/feeds/packages/zabbix/Makefile
group prosody 54 package/feeds/packages/prosody/Makefile
group dmapd 56 package/feeds/packages/dmapd/Makefile
group dovecot 59 package/feeds/packages/dovecot/Makefile
group ocserv 72 package/feeds/packages/ocserv/Makefile
group icecast 87 package/feeds/packages/icecast/Makefile
group pianod 88 package/feeds/packages/pianod/Makefile
group upmpdcli 89 package/feeds/packages/upmpdcli/Makefile
group _fdm 99 package/feeds/packages/fdm/Makefile
group avahi 105 package/feeds/packages/avahi/Makefile
group nut 113 package/feeds/packages/nut/Makefile
group ntp 123 package/feeds/packages/ntpd/Makefile
group lldp 129 package/network/services/lldpd/Makefile
group mosquitto 200 package/feeds/packages/mosquitto/Makefile
group transmission 224 package/feeds/packages/transmission/Makefile
group chrony 323 package/feeds/packages/chrony/Makefile
group dhcp-fwd 375 package/feeds/packages/dhcp-forwarder/Makefile
group git 382 package/feeds/packages/gitolite/Makefile
group gnunetdns 452 package/feeds/packages/gnunet/Makefile
group dnsmasq 453 package/network/services/dnsmasq/Makefile
group msmtp 482 package/feeds/packages/msmtp-scripts/Makefile
group unbound 553 package/feeds/packages/unbound/Makefile
group gnunet 958 package/feeds/packages/gnunet/Makefile
group radicale 5232 package/feeds/packages/radicale/Makefile
group knot 5353 package/feeds/packages/knot/Makefile
group postgres 5432 package/feeds/packages/postgresql/Makefile
group domoticz 6144 package/feeds/packages/domoticz/Makefile
group privoxy 8118 package/feeds/packages/privoxy/Makefile
group rpc 65533 package/feeds/packages/portmap/Makefile
Yousong Zhou (3):
base-files: support multiple user:group tuples in Require-User
base-files: allocate uid/gid starting from 65536
scripts/package-metadata.pl: parse and validate field Require-User
include/package-ipkg.mk | 2 +-
package/base-files/Makefile | 2 +-
package/base-files/files/lib/functions.sh | 62 +++++++++++++-------------
scripts/metadata.pm | 72 ++++++++++++++++++++++++++++++-
scripts/package-metadata.pl | 12 ++++++
5 files changed, 116 insertions(+), 34 deletions(-)
--
2.12.2
More information about the Lede-dev
mailing list