Enable RPM sysusers integration #1367
Conversation
|
what about %files section? |
nikromen
force-pushed
the
provice-groups-via-sysusers
branch
from
b347681
to
2b1b941
Compare
|
I think this still miss a few things: BuildRequires and %pre macro. See https://docs.fedoraproject.org/en-US/packaging-guidelines/UsersAndGroups/#_dynamic_allocation |
|
Additionally, it would be nice if you amend https://docs.fedoraproject.org/en-US/packaging-guidelines/UsersAndGroups/#_dynamic_allocation and for package that provides the user do s/mock/mock-core-configs/. |
.. or |
nikromen
force-pushed
the
provice-groups-via-sysusers
branch
3 times, most recently
from
7968df6
to
d348272
Compare
nikromen
changed the title
nikromen
force-pushed
the
provice-groups-via-sysusers
branch
from
d348272
to
4c8cd88
Compare
|
Why you removed that line from %files section? |
nikromen
force-pushed
the
provice-groups-via-sysusers
branch
from
4c8cd88
to
353c12a
Compare
|
The %sysusers_create_compat macro will generate something like this: # generated from mock.conf.
getent group 'mock' >/dev/null || groupadd -r 'mock' || :
getent passwd 'mock' >/dev/null || \
useradd -r -g 'mock' -d '/run/mock' -s '/sbin/nologin' -c 'Runs Uid '\''N'\'' some text' 'mock' || :so the line in files is no longer needed |
|
I meant: But you added it back with latest update. It is ok then. |
|
I tried to install on UBI8: |
nikromen
force-pushed
the
provice-groups-via-sysusers
branch
from
353c12a
to
ab1e9a5
Compare
mock/mock.spec
Outdated
| @@ -17,7 +16,8 @@ License: GPL-2.0-or-later | |||
| # cd mock | |||
| # git reset --hard %%{name}-%%{version} | |||
| # tito build --tgz | |||
| Source: %{name}-%{version}.tar.gz | |||
| Source0: %{name}-%{version}.tar.gz | |||
| Source1: https://raw.githubusercontent.com/rpm-software-management/mock/main/mock-core-configs/mock.conf | |||
There was a problem hiding this comment.
This is the way to address the file in %pre when macros are evaluated (before the tarball is extrected).
There was a problem hiding this comment.
I think you are confusing %pre and %prep.
There was a problem hiding this comment.
No no ... the %sysusers_create_compat macro is evaluated at the time when the tarball isn't extracted, yet. See how it is defined, it contains the shell-script macro %().
There was a problem hiding this comment.
There was a problem hiding this comment.
According to my experiments, ... yes? But maybe I'm doing something wrong.
There was a problem hiding this comment.
Yeah, I tried to install bodhi-server in fedora:rawhide container, and there's no bodhi user/group:
[root@db5467446600 /]# grep bodhi /etc/group /etc/passwd
[root@db5467446600 /]#
The reason nobody noticed is that they (probably) install it on servers with systemd.
There was a problem hiding this comment.
they also try to work around this by defining the file directly in spec
https://src.fedoraproject.org/rpms/bodhi-server/blob/rawhide/f/bodhi-server.spec#_84
it seems like hard task to push the .sysusers file from upstream to %pre...
There was a problem hiding this comment.
That is wrong approach, the -f file needs to contain shell script, not the sysusersdir content.
There was a problem hiding this comment.
Actually, as I realized in the other thread, the feature is now RPM built-in. But it still doesn't work for the bodhi-server :-) confusing as hell. I think the problem actually is that the dropin has .sysusers suffix instead of .conf. I'm trying to propose a fix here.
nikromen
force-pushed
the
provice-groups-via-sysusers
branch
4 times, most recently
from
55d852e
to
1fd4da3
Compare
nikromen
force-pushed
the
provice-groups-via-sysusers
branch
2 times, most recently
from
392a041
to
442074b
Compare
nikromen
force-pushed
the
provice-groups-via-sysusers
branch
2 times, most recently
from
29afaaa
to
52dab30
Compare
nikromen
force-pushed
the
provice-groups-via-sysusers
branch
from
52dab30
to
03f8f00
Compare
|
The release notes snippet deserves update, otherwise LGTM |
nikromen
force-pushed
the
provice-groups-via-sysusers
branch
from
03f8f00
to
0cfadda
Compare
|
Hmpf, now I recall I've seen this feature before, and guess what :) |
| @@ -169,6 +169,9 @@ done | |||
|
|
|||
| ./precompile-bash-completion "mock.complete" | |||
|
|
|||
| # this is what %%sysusers_create_compat will expand to | |||
| %{_rpmconfigdir}/sysusers.generate-pre.sh mock.conf > sysusers_script | |||
There was a problem hiding this comment.
I eventually think that we do not need this %pre dance at all for systems with RPM >= 4.19. I'd use something like:
%if 0%{!?fedora:1} && ( 0%{?rhel} <= 9 || ... others older distros may come ... )
%{_rpmconfigdir}/sysusers.generate-pre.sh mock.conf > sysusers_script
There was a problem hiding this comment.
Without this EL10+ condition, we risk a conflict of the "built-in" mechanism and the %pre code.
nikromen
force-pushed
the
provice-groups-via-sysusers
branch
2 times, most recently
from
3285a6b
to
927d25f
Compare
Provide users/groups via `/usr/lib/sysusers.d`. This is going to be handled by RPM as described in https://docs.fedoraproject.org/en-US/packaging-guidelines/UsersAndGroups/#_dynamic_allocation and https://lists.fedoraproject.org/archives/list/[email protected]/thread/NEFOV236FJYS2RED2SEOV5YHDFLDX7DK/#KB6KS3U7RO4AYANGSUNVSG7UF5AW52Q2 Relates to fedora-copr/copr#2789
nikromen
force-pushed
the
provice-groups-via-sysusers
branch
from
927d25f
to
08966e2
Compare
The script for generating the %pre scriptlet is non-existing on new distributions (like Mageia now, but Fedora will drop that sooner or later, too). The build of Mock on Mageia previously relied on sysusers.generate-pre.sh, and failed. The sysusers feature is an RPM built-in anyway (on modern systems), so there's no reason to duplicate the logic in %pre. Generate the %pre scriptlet only for older distributions. Complements: rpm-software-management#1367 Relates: rpm-software-management#289 Relates: fedora-copr/copr#2789
The script for generating the %pre scriptlet is non-existing on new distributions (like Mageia now, but Fedora will drop that sooner or later, too). The build of Mock on Mageia previously relied on sysusers.generate-pre.sh, and failed. The sysusers feature is an RPM built-in anyway (on modern systems), so there's no reason to duplicate the logic in %pre. Generate the %pre scriptlet only for older distributions. Complements: rpm-software-management#1367 Relates: rpm-software-management#289 Relates: fedora-copr/copr#2789
Complements: rpm-software-management#1367 Relates: rpm-software-management#289 Closes: rpm-software-management#1498 Relates: fedora-copr/copr#2789
Complements: rpm-software-management#1367 Relates: rpm-software-management#289 Closes: rpm-software-management#1498 Relates: fedora-copr/copr#2789 Co-authored-by: Neal Gompa (ニール・ゴンパ) <[email protected]>
Provide users/groups via
/usr/lib/sysusers.d. This is goingto be handled by RPM as described in
https://docs.fedoraproject.org/en-US/packaging-guidelines/UsersAndGroups/#_dynamic_allocation
and https://lists.fedoraproject.org/archives/list/[email protected]/thread/NEFOV236FJYS2RED2SEOV5YHDFLDX7DK/#KB6KS3U7RO4AYANGSUNVSG7UF5AW52Q2
Fixes fedora-copr/copr#2789