It’s source code repo did not get migrated with Debian’s move to Gitlab, but an archive can be found here. If this forms an important part of an Ubuntu Core system and we need to make changes, it would be worth addressing the maintenance question. libnss-extrausers was orphaned upstream in September 2016.If we want this to work on Ubuntu Core 16 systems, then the feature would need to be back-ported. Patch shadow-utils to allow modifying of system group membership by creating a new record in /var/lib/extrausers/group with the same name and ID as found in /etc/group.Patch nss-extrausers to not ignore low ID groups.Update the /etc/nf configuration for the group database: group: files extrausers.It looks like it would be fairly easy to integrate into an Ubuntu Core system: The main use case for this was to allow extending system groups via LDAP, but it has also been used by systemd-homed to include group memberships in a user record. Through the use of directive, this allows the results of two or more group backends to be merged to produce a getgrnam or getgrgid result. Glibc 2.24 introduced a new group merging feature: Further more, removing users and groups from the /etc databases is problematic if we want Ubuntu Core devices to be able to migrate forward to new UC releases: there might be files on disk using the removed uids/gids. This means that membership of groups declared in /etc/group is effectively fixed.Ĭore20 PR #82 was an attempt to fix the docker group by moving it to the extrausers database, but was ineffective because the IDs are less than 500. The membership of of a group is declared in its group database entry. Some of the tools from shadow-utils have been patched to allow managing users and groups in the /var/lib/extrausers, but it is a bit spotty. The extrausers backend includes a check to make sure IDs are >= 500, on the basis that it should not be used to define system users and groups The extrausers backend is similar but reads databases from /var/lib/extrausers, which is writable on Ubuntu Core. The files NSS backend reads the databases stored in /etc, which are read only on Ubuntu Core systems. The backends are consulted in the order listed in the configuration file.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |