Summary: | sys-apps/baselayout: portage user missing from the shadow file for sufficiently old systems | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Ellison Marks <gotyaoi> |
Component: | Current packages | Assignee: | William Hubbs <williamh> |
Status: | RESOLVED WONTFIX | ||
Severity: | minor | CC: | base-system, sam |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=829872 | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Ellison Marks
2022-01-26 00:34:31 UTC
If you run 'pwck' (as it says) it will actually fix it for you. No need to manually copy anything. I don't think anybody has hit this on a new system, which makes it hard to find something to fix other than instructing people to run pwck (which is what we decided to do). Stages and such will include acct-*/portage and things should be okay there. I'm not sure what fix we could apply in baselayout, especially given this can apply to different users anyway. It will offer to fix it, and if accepted, the generated line will be different than the one from baselayout. Mentioning acct-*/portage, I actually tried re-merging those, just to see, but they didn't add the user to shadow. My general thought was that, as baselayout changes, giving the user the option to incorporate changes (via dispatch-conf or some other mechanism) might be desirable. In this case it was portage in the shadow file, but theoretically any change might be good to incorporate. > Perhaps baselayout should use the dispatch-conf system? Not going to happen. The passwd and shadow files are not owned by any package, so config-protect doesn't apply. Triggering config-protect on every baselayout upgrade is not a good user experience. > It will offer to fix it, and if accepted, the generated line will be different than the one from baselayout. It does not need to be exactly equal to the line supplied in baselayout. > Triggering config-protect on every baselayout upgrade is not a good user experience.
To expand on this: if we have baselayout own /etc/passwd, then every time baselayout is reinstalled, etc-update and distpatch-conf will prompt the user to remove any accounts that have been added to the passwd file by other means. That's just tedious and counter-productive.
I think having people to run pwck one time on old installs is not too much to ask.
The down side of triggering config-protect for baselayout upgrades is that it makes it way to easy for a user to break their system. I agree that it is better to have users run pwck if they hit this issue. |