| |
@@ -135,18 +135,35 @@
|
| |
|
| |
=== Dynamic allocation
|
| |
|
| |
- To create users and groups in packages using dynamic allocation, use the following:
|
| |
-
|
| |
- ....
|
| |
- Requires(pre): shadow-utils
|
| |
- [...]
|
| |
+ To create users and groups in packages using dynamic allocation, do the following:
|
| |
+
|
| |
+ Create a `<package-name>.sysusers` file with the user definition and add it to the specfile as a source.
|
| |
+ For example for the `munge` package, this file contains:
|
| |
+ ```
|
| |
+ #Type Name ID GECOS Home directory Shell
|
| |
+ u munge - "Runs Uid 'N' Gid Emporium" /run/munge /sbin/nologin
|
| |
+ ```
|
| |
+
|
| |
+ In the specfile, add a BuildRequires for systemd-rpm-macros, install the sysusers file,
|
| |
+ and use the `%sysusers_create_compat` macro to consume it in the `%pre` section
|
| |
+ (in this example the sysusers config file is `Source3` of the specfile):
|
| |
+ ```
|
| |
+ [...]
|
| |
+ BuildRequires: systemd-rpm-macros
|
| |
+
|
| |
+ [...]
|
| |
+ %install
|
| |
+ install -p -D -m 0644 %{SOURCE3} %{buildroot}%{_sysusersdir}/munge.conf
|
| |
+
|
| |
+ [...]
|
| |
%pre
|
| |
- getent group GROUPNAME >/dev/null || groupadd -r GROUPNAME
|
| |
- getent passwd USERNAME >/dev/null || \
|
| |
- useradd -r -g GROUPNAME -d HOMEDIR -s /sbin/nologin \
|
| |
- -c "Useful comment about the purpose of this account" USERNAME
|
| |
- exit 0
|
| |
- ....
|
| |
+ %sysusers_create_compat %{SOURCE3}
|
| |
+
|
| |
+ [...]
|
| |
+ %files
|
| |
+ %{_sysusersdir}/munge.conf
|
| |
+ [...]
|
| |
+ ```
|
| |
|
| |
=== Soft static allocation
|
| |
|
| |
@@ -168,22 +185,10 @@
|
| |
We will try to accommodate on a first-come-first serve basis
|
| |
if the UID/GID is available from within the Fedora system UID/GID range.
|
| |
|
| |
- To create users and groups in packages, use the following:
|
| |
+ To create users and groups in packages with an allocated UID/GID, add a sysusers file
|
| |
+ that specifies the ID for the given user and/or group and follow the same steps as in
|
| |
+ the dynamic allocation section above.
|
| |
|
| |
- ....
|
| |
- Requires(pre): shadow-utils
|
| |
- [...]
|
| |
- %pre
|
| |
- getent group GROUPNAME >/dev/null || groupadd -f -g ALLOCATED_GID -r GROUPNAME
|
| |
- if ! getent passwd USERNAME >/dev/null ; then
|
| |
- if ! getent passwd ALLOCATED_UID >/dev/null ; then
|
| |
- useradd -r -u ALLOCATED_UID -g GROUPNAME -d HOMEDIR -s /sbin/nologin -c "Useful comment about the purpose of this account" USERNAME
|
| |
- else
|
| |
- useradd -r -g GROUPNAME -d HOMEDIR -s /sbin/nologin -c "Useful comment about the purpose of this account" USERNAME
|
| |
- fi
|
| |
- fi
|
| |
- exit 0
|
| |
- ....
|
| |
|
| |
=== Values given to useradd and groupadd
|
| |
|
| |
Update the guidelines to account for the recent addition of the %sysusers_create_compat macro which should now be used everywhere