All icingaweb2 ebuilds currently add the "icingacmd" and "icingaweb2" groups to the "apache" or "nginx" user (depending on the USE flags) via usermod: pkg_setup() { depend.apache_pkg_setup use nginx && usermod -a -G icingacmd,icingaweb2 nginx use apache2 && usermod -a -G icingacmd,icingaweb2 apache } This works fine until acct-user/{apache,nginx} is reinstalled/upgraded, since acct-* packages currently remove all changes on install. So, installing acct-user/{apache,nginx} AFTER www-apps/icingaweb2 results in the respective user not belonging to the groups "icingacmd" and "icingaweb2" anymore. On my machine, this lead to icingaweb2's configuration files not being accessible to the icinga2 webapp in both nginx- and apache-based setups. I fixed this problem for now unintentionally by reinstalling icingaweb2 while tracking down the webapp error, but I guess it will reemerge with the next revbump or version bump of the above user packages. ionen suggested in #gentoo that a USE-flag-based approach similar to acct-user/git might help to maintain current behavior without manual usermod, other than that I'm not sure what the best approach would be here. Quick grepping of the gentoo repo suggests that also other packages use gpasswd/usermod to modify users, so this might be a (small but) more general use case? Reproducible: Always Portage 3.0.30 (python 3.10.5-final-0, !../../var/db/repos/binaryden/profiles/binaryden/17.1/base, gcc-11.3.0, glibc-2.34-r13, 5.15.52-gentoo x86_64) ================================================================= System uname: Linux-5.15.52-gentoo-x86_64-QEMU_Virtual_CPU_version_2.5+-with-glibc2.34 KiB Mem: 12264296 total, 7284908 free KiB Swap: 4194300 total, 4194300 free Timestamp of repository gentoo: Mon, 11 Jul 2022 08:16:40 +0000 Head commit of repository gentoo: 44691625e55658bbfef0dce3856013fcd5507035 Timestamp of repository binaryden: Thu, 07 Jul 2022 12:31:38 +0000 Head commit of repository binaryden: be7014f9e0a3ee1b7e354047a6d3b4280a7128d0 sh bash 5.1_p16 ld GNU ld (Gentoo 2.37_p1 p2) 2.37 app-misc/pax-utils: 1.3.4::gentoo app-shells/bash: 5.1_p16::gentoo dev-lang/perl: 5.34.1-r3::gentoo dev-lang/python: 3.10.5::gentoo dev-lang/rust-bin: 1.60.0::gentoo dev-util/cmake: 3.22.4::gentoo dev-util/meson: 0.62.2::gentoo sys-apps/baselayout: 2.8::gentoo sys-apps/sandbox: 2.29::gentoo sys-apps/systemd: 250.7::gentoo sys-devel/autoconf: 2.71-r1::gentoo sys-devel/automake: 1.16.5::gentoo sys-devel/binutils: 2.37_p1-r2::gentoo sys-devel/binutils-config: 5.4.1::gentoo sys-devel/gcc: 11.3.0::gentoo sys-devel/gcc-config: 2.5-r1::gentoo sys-devel/libtool: 2.4.7::gentoo sys-devel/make: 4.3::gentoo sys-kernel/linux-headers: 5.15-r3::gentoo (virtual/os-headers) sys-libs/glibc: 2.34-r13::gentoo Repositories: gentoo location: /var/db/repos/gentoo sync-type: git sync-uri: https://anongit.gentoo.org/git/repo/sync/gentoo.git priority: -1000 sync-git-clone-extra-opts: -b master sync-git-verify-commit-signature: true binaryden location: /var/db/repos/binaryden sync-type: git sync-uri: https://github.com/gentoo-mirror/binaryden.git masters: gentoo ACCEPT_KEYWORDS="amd64" ACCEPT_LICENSE="@BINARY-REDISTRIBUTABLE" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=native -O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php8.0/ext-active/ /etc/php/apache2-php8.1/ext-active/ /etc/php/cgi-php8.0/ext-active/ /etc/php/cgi-php8.1/ext-active/ /etc/php/cli-php8.0/ext-active/ /etc/php/cli-php8.1/ext-active/ /etc/php/fpm-php8.0/ext-active/ /etc/php/fpm-php8.1/ext-active/ /etc/php/phpdbg-php8.0/ext-active/ /etc/php/phpdbg-php8.1/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-march=native -O2 -pipe" DISTDIR="/var/cache/distfiles" EMERGE_DEFAULT_OPTS="--quiet-build=y --read-news=y" ENV_UNSET="CARGO_HOME DBUS_SESSION_BUS_ADDRESS DISPLAY GOBIN GOPATH PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR" FCFLAGS="-O2 -pipe" FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs buildpkg-live clean-logs config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync multilib-strict network-sandbox news parallel-fetch pid-sandbox preserve-libs protect-owned qa-unresolved-soname-deps sandbox sfperms splitdebug strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr" FFLAGS="-O2 -pipe" GENTOO_MIRRORS="http://distfiles.gentoo.org" LANG="en_US.utf8" LDFLAGS="-Wl,-O1 -Wl,--as-needed" MAKEOPTS="-j5" PKGDIR="/var/cache/binpkgs" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git" PORTAGE_TMPDIR="/tmp" SHELL="/bin/zsh" USE="acl acpi amd64 bzip2 cli crypt dri fortran gdbm iconv ipv6 libglvnd libtirpc multilib ncurses nginx nls nptl openmp pam pcre postgres readline sasl seccomp split-usr ssl systemd udev udisks unicode vhosts vim-syntax xattr zlib" ABI_X86="64" ADA_TARGET="gnat_2020" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="karbon sheets words" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="mmx mmxext popcnt sse sse2 sse3" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock greis isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" GRUB_PLATFORMS="pc" INPUT_DEVICES="libinput" KERNEL="linux" L10N="en-US en" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" LUA_SINGLE_TARGET="lua5-1" LUA_TARGETS="lua5-1" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php8-0" POSTGRES_TARGETS="postgres12 postgres13" PYTHON_SINGLE_TARGET="python3_10" PYTHON_TARGETS="python3_10" RUBY_TARGETS="ruby27" USERLAND="GNU" VIDEO_CARDS="amdgpu fbdev intel nouveau radeon radeonsi vesa dummy v4l" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq proto steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: ADDR2LINE, AR, ARFLAGS, AS, ASFLAGS, CC, CCLD, CONFIG_SHELL, CPP, CPPFLAGS, CTARGET, CXX, CXXFILT, ELFEDIT, EXTRA_ECONF, F77FLAGS, FC, GCOV, GPROF, INSTALL_MASK, LC_ALL, LD, LEX, LFLAGS, LIBTOOL, LINGUAS, MAKE, MAKEFLAGS, NM, OBJCOPY, OBJDUMP, PORTAGE_BINHOST, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, RANLIB, READELF, RUSTFLAGS, SIZE, STRINGS, STRIP, YACC, YFLAGS
