* [Buildroot] [PATCH 1/3] support/scripts/mkusers: allow option for system uid/gid
@ 2020-01-13 15:35 Norbert Lange
2020-01-13 15:35 ` [Buildroot] [PATCH 2/3] package/systemd: create system users Norbert Lange
` (2 more replies)
0 siblings, 3 replies; 8+ messages in thread
From: Norbert Lange @ 2020-01-13 15:35 UTC (permalink / raw)
To: buildroot
Extend the mkusers script to allow -2 for uid/gid.
This value will take an identifier from the system range.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
---
support/scripts/mkusers | 49 +++++++++++++++++++++++++++++------------
1 file changed, 35 insertions(+), 14 deletions(-)
diff --git a/support/scripts/mkusers b/support/scripts/mkusers
index d00ba33823..1bf1336e48 100755
--- a/support/scripts/mkusers
+++ b/support/scripts/mkusers
@@ -8,6 +8,12 @@ MIN_UID=1000
MAX_UID=1999
MIN_GID=1000
MAX_GID=1999
+# use names from /etc/adduser.conf
+FIRST_SYSTEM_UID=100
+LAST_SYSTEM_UID=999
+FIRST_SYSTEM_GID=100
+LAST_SYSTEM_GID=999
+
# No more is configurable below this point
#----------------------------------------------------------------------------
@@ -136,9 +142,9 @@ check_user_validity() {
fail "invalid username '%s\n'" "${username}"
fi
- if [ ${gid} -lt -1 -o ${gid} -eq 0 ]; then
+ if [ ${gid} -lt -2 -o ${gid} -eq 0 ]; then
fail "invalid gid '%d' for '%s'\n" ${gid} "${username}"
- elif [ ${gid} -ne -1 ]; then
+ elif [ ${gid} -gt -1 ]; then
# check the gid is not already used for another group
if [ -n "${_group}" -a "${_group}" != "${group}" ]; then
fail "gid '%d' for '%s' is already used by group '%s'\n" \
@@ -162,9 +168,9 @@ check_user_validity() {
fi
fi
- if [ ${uid} -lt -1 -o ${uid} -eq 0 ]; then
+ if [ ${uid} -lt -2 -o ${uid} -eq 0 ]; then
fail "invalid uid '%d' for '%s'\n" ${uid} "${username}"
- elif [ ${uid} -ne -1 ]; then
+ elif [ ${uid} -gt -1 ]; then
# check the uid is not already used for another user
if [ -n "${_username}" -a "${_username}" != "${username}" ]; then
fail "uid '%d' for '%s' already used by user '%s'\n" \
@@ -198,16 +204,18 @@ check_user_validity() {
# - not already used by a group
generate_gid() {
local group="${1}"
+ local mingid="${2:-$MIN_UID}"
+ local maxgid="${3:-$MAX_UID}"
local gid
gid="$( get_gid "${group}" )"
if [ -z "${gid}" ]; then
- for(( gid=MIN_GID; gid<=MAX_GID; gid++ )); do
+ for(( gid=mingid; gid<=maxgid; gid++ )); do
if [ -z "$( get_group "${gid}" )" ]; then
break
fi
done
- if [ ${gid} -gt ${MAX_GID} ]; then
+ if [ ${gid} -gt ${maxgid} ]; then
fail "can not allocate a GID for group '%s'\n" "${group}"
fi
fi
@@ -222,8 +230,13 @@ add_one_group() {
local members
# Generate a new GID if needed
- if [ ${gid} -eq -1 ]; then
- gid="$( generate_gid "${group}" )"
+ if [ ${gid} -le -1 ]; then
+ if [ ${gid} -eq -1 ]; then
+ gid="$( generate_gid "${group}" )"
+ else
+ gid="$( generate_gid "${group}" $FIRST_SYSTEM_GID $LAST_SYSTEM_GID )"
+
+ fi
fi
members=$(get_members "$group")
@@ -247,16 +260,19 @@ add_one_group() {
# - not already used by a user
generate_uid() {
local username="${1}"
+ local minuid="${2:-$MIN_UID}"
+ local maxuid="${3:-$MAX_UID}"
+
local uid
uid="$( get_uid "${username}" )"
if [ -z "${uid}" ]; then
- for(( uid=MIN_UID; uid<=MAX_UID; uid++ )); do
+ for(( uid=minuid; uid<=maxuid; uid++ )); do
if [ -z "$( get_username "${uid}" )" ]; then
break
fi
done
- if [ ${uid} -gt ${MAX_UID} ]; then
+ if [ ${uid} -gt ${maxuid} ]; then
fail "can not allocate a UID for user '%s'\n" "${username}"
fi
fi
@@ -307,8 +323,13 @@ add_one_user() {
check_user_validity "${username}" "${uid}" "${group}" "${gid}"
# Generate a new UID if needed
- if [ ${uid} -eq -1 ]; then
- uid="$( generate_uid "${username}" )"
+ if [ ${uid} -le -1 ]; then
+ if [ ${uid} -eq -1 ]; then
+ uid="$( generate_uid "${username}" )"
+ else
+ uid="$( generate_uid "${username}" $FIRST_SYSTEM_UID $LAST_SYSTEM_UID )"
+
+ fi
fi
# Remove any previous instance of this user
@@ -399,7 +420,7 @@ main() {
# Then, create all the main groups which gid *is* automatic
for line in "${ENTRIES[@]}"; do
read username uid group gid passwd home shell groups comment <<<"${line}"
- [ ${gid} -eq -1 ] || continue # Non-automatic gid
+ [ ${gid} -le -1 ] || continue # Non-automatic gid
add_one_group "${group}" "${gid}"
done
@@ -433,7 +454,7 @@ main() {
for line in "${ENTRIES[@]}"; do
read username uid group gid passwd home shell groups comment <<<"${line}"
[ "${username}" != "-" ] || continue # Magic string to skip user creation
- [ ${uid} -eq -1 ] || continue # Non-automatic uid
+ [ ${uid} -le -1 ] || continue # Non-automatic uid
add_one_user "${username}" "${uid}" "${group}" "${gid}" "${passwd}" \
"${home}" "${shell}" "${groups}" "${comment}"
done
--
2.24.1
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [Buildroot] [PATCH 2/3] package/systemd: create system users
2020-01-13 15:35 [Buildroot] [PATCH 1/3] support/scripts/mkusers: allow option for system uid/gid Norbert Lange
@ 2020-01-13 15:35 ` Norbert Lange
2020-01-13 16:05 ` Thomas Petazzoni
2020-01-13 15:35 ` [Buildroot] [PATCH 3/3] package/openssh: " Norbert Lange
2020-09-15 20:47 ` [Buildroot] [PATCH 1/3] support/scripts/mkusers: allow option for system uid/gid Thomas Petazzoni
2 siblings, 1 reply; 8+ messages in thread
From: Norbert Lange @ 2020-01-13 15:35 UTC (permalink / raw)
To: buildroot
Signed-off-by: Norbert Lange <nolange79@gmail.com>
---
package/systemd/allow-empty-hostname.patch | 58 ++++++++++++++++++++++
package/systemd/systemd.mk | 18 +++----
2 files changed, 67 insertions(+), 9 deletions(-)
create mode 100644 package/systemd/allow-empty-hostname.patch
diff --git a/package/systemd/allow-empty-hostname.patch b/package/systemd/allow-empty-hostname.patch
new file mode 100644
index 0000000000..43dff94eae
--- /dev/null
+++ b/package/systemd/allow-empty-hostname.patch
@@ -0,0 +1,58 @@
+diff --git a/src/network/generator/network-generator.c b/src/network/generator/network-generator.c
+index 81afa953076..bed1e42697c 100644
+--- a/src/network/generator/network-generator.c
++++ b/src/network/generator/network-generator.c
+@@ -574,7 +574,7 @@ static int parse_netmask_or_prefixlen(int family, const char **value, unsigned c
+
+ static int parse_cmdline_ip_address(Context *context, int family, const char *value) {
+ union in_addr_union addr = {}, peer = {}, gateway = {};
+- const char *hostname, *ifname, *dhcp_type, *dns, *p;
++ const char *hostname = NULL, *ifname, *dhcp_type, *dns, *p;
+ unsigned char prefixlen;
+ int r;
+
+@@ -599,9 +599,11 @@ static int parse_cmdline_ip_address(Context *context, int family, const char *va
+ if (!p)
+ return -EINVAL;
+
+- hostname = strndupa(value, p - value);
+- if (!hostname_is_valid(hostname, false))
+- return -EINVAL;
++ if (p != value) {
++ hostname = strndupa(value, p - value);
++ if (!hostname_is_valid(hostname, false))
++ return -EINVAL;
++ }
+
+ value = p + 1;
+
+diff --git a/test/TEST-35-NETWORK-GENERATOR/test-03-issue-14319.expected/90-enp3s0.network b/test/TEST-35-NETWORK-GENERATOR/test-03-issue-14319.expected/90-enp3s0.network
+new file mode 100644
+index 00000000000..28ccfdd9b00
+--- /dev/null
++++ b/test/TEST-35-NETWORK-GENERATOR/test-03-issue-14319.expected/90-enp3s0.network
+@@ -0,0 +1,17 @@
++# Automatically generated by systemd-network-generator
++
++[Match]
++Name=enp3s0
++
++[Link]
++
++[Network]
++DHCP=no
++
++[DHCP]
++
++[Address]
++Address=10.99.37.44/16
++
++[Route]
++Gateway=10.99.10.1
+diff --git a/test/TEST-35-NETWORK-GENERATOR/test-03-issue-14319.input b/test/TEST-35-NETWORK-GENERATOR/test-03-issue-14319.input
+new file mode 100644
+index 00000000000..3be752067b8
+--- /dev/null
++++ b/test/TEST-35-NETWORK-GENERATOR/test-03-issue-14319.input
+@@ -0,0 +1 @@
++root=/dev/nfs nfsroot=10.99.37.240:/srv/netroot,v3,tcp ip=10.99.37.44::10.99.10.1:255.255.0.0::enp3s0:off
diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
index a3073f10a9..bce87951d2 100644
--- a/package/systemd/systemd.mk
+++ b/package/systemd/systemd.mk
@@ -181,7 +181,7 @@ endif
ifeq ($(BR2_PACKAGE_SYSTEMD_JOURNAL_REMOTE),y)
SYSTEMD_CONF_OPTS += -Dremote=true
-SYSTEMD_REMOTE_USER = systemd-journal-remote -1 systemd-journal-remote -1 * /run/systemd - - systemd Journal Remote
+SYSTEMD_REMOTE_USER = systemd-journal-remote -2 systemd-journal-remote -2 * /run/systemd - - systemd Journal Remote
else
SYSTEMD_CONF_OPTS += -Dremote=false
endif
@@ -305,7 +305,7 @@ endif
ifeq ($(BR2_PACKAGE_SYSTEMD_COREDUMP),y)
SYSTEMD_CONF_OPTS += -Dcoredump=true
-SYSTEMD_COREDUMP_USER = systemd-coredump -1 systemd-coredump -1 * /run/systemd - - systemd core dump processing
+SYSTEMD_COREDUMP_USER = systemd-coredump -2 systemd-coredump -2 * /run/systemd - - systemd core dump processing
else
SYSTEMD_CONF_OPTS += -Dcoredump=false
endif
@@ -325,7 +325,7 @@ endif
ifeq ($(BR2_PACKAGE_SYSTEMD_NETWORKD),y)
SYSTEMD_CONF_OPTS += -Dnetworkd=true
-SYSTEMD_NETWORKD_USER = systemd-network -1 systemd-network -1 * /run/systemd - - systemd Network Management
+SYSTEMD_NETWORKD_USER = systemd-network -2 systemd-network -2 * /run/systemd - - systemd Network Management
SYSTEMD_NETWORKD_DHCP_IFACE = $(call qstrip,$(BR2_SYSTEM_DHCP))
ifneq ($(SYSTEMD_NETWORKD_DHCP_IFACE),)
define SYSTEMD_INSTALL_NETWORK_CONFS
@@ -344,14 +344,14 @@ define SYSTEMD_INSTALL_RESOLVCONF_HOOK
$(TARGET_DIR)/etc/resolv.conf
endef
SYSTEMD_CONF_OPTS += -Dresolve=true
-SYSTEMD_RESOLVED_USER = systemd-resolve -1 systemd-resolve -1 * /run/systemd - - systemd Resolver
+SYSTEMD_RESOLVED_USER = systemd-resolve -2 systemd-resolve -2 * /run/systemd - - systemd Resolver
else
SYSTEMD_CONF_OPTS += -Dresolve=false
endif
ifeq ($(BR2_PACKAGE_SYSTEMD_TIMESYNCD),y)
SYSTEMD_CONF_OPTS += -Dtimesyncd=true
-SYSTEMD_TIMESYNCD_USER = systemd-timesync -1 systemd-timesync -1 * /run/systemd - - systemd Time Synchronization
+SYSTEMD_TIMESYNCD_USER = systemd-timesync -2 systemd-timesync -2 * /run/systemd - - systemd Time Synchronization
else
SYSTEMD_CONF_OPTS += -Dtimesyncd=false
endif
@@ -420,10 +420,10 @@ define SYSTEMD_INSTALL_IMAGES_CMDS
endef
define SYSTEMD_USERS
- - - input -1 * - - - Input device group
- - - systemd-journal -1 * - - - Journal
- - - render -1 * - - - DRI rendering nodes
- - - kvm -1 * - - - kvm nodes
+ - - input -2 * - - - Input device group
+ - - systemd-journal -2 * - - - Journal
+ - - render -2 * - - - DRI rendering nodes
+ - - kvm -2 * - - - kvm nodes
$(SYSTEMD_REMOTE_USER)
$(SYSTEMD_COREDUMP_USER)
$(SYSTEMD_NETWORKD_USER)
--
2.24.1
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [Buildroot] [PATCH 3/3] package/openssh: create system users
2020-01-13 15:35 [Buildroot] [PATCH 1/3] support/scripts/mkusers: allow option for system uid/gid Norbert Lange
2020-01-13 15:35 ` [Buildroot] [PATCH 2/3] package/systemd: create system users Norbert Lange
@ 2020-01-13 15:35 ` Norbert Lange
2020-09-15 20:47 ` [Buildroot] [PATCH 1/3] support/scripts/mkusers: allow option for system uid/gid Thomas Petazzoni
2 siblings, 0 replies; 8+ messages in thread
From: Norbert Lange @ 2020-01-13 15:35 UTC (permalink / raw)
To: buildroot
Signed-off-by: Norbert Lange <nolange79@gmail.com>
---
package/openssh/openssh.mk | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk
index 0411133bdc..6e29c3af7d 100644
--- a/package/openssh/openssh.mk
+++ b/package/openssh/openssh.mk
@@ -67,7 +67,7 @@ define OPENSSH_INSTALL_SYSTEMD_SYSUSERS
endef
else
define OPENSSH_USERS
- sshd -1 sshd -1 * /var/empty - - SSH drop priv user
+ sshd -2 sshd -2 * /var/empty - - SSH drop priv user
endef
endif
--
2.24.1
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [Buildroot] [PATCH 2/3] package/systemd: create system users
2020-01-13 15:35 ` [Buildroot] [PATCH 2/3] package/systemd: create system users Norbert Lange
@ 2020-01-13 16:05 ` Thomas Petazzoni
0 siblings, 0 replies; 8+ messages in thread
From: Thomas Petazzoni @ 2020-01-13 16:05 UTC (permalink / raw)
To: buildroot
On Mon, 13 Jan 2020 16:35:14 +0100
Norbert Lange <nolange79@gmail.com> wrote:
> Signed-off-by: Norbert Lange <nolange79@gmail.com>
> ---
> package/systemd/allow-empty-hostname.patch | 58 ++++++++++++++++++++++
This patch doesn't seem to be related.
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Buildroot] [PATCH 1/3] support/scripts/mkusers: allow option for system uid/gid
2020-01-13 15:35 [Buildroot] [PATCH 1/3] support/scripts/mkusers: allow option for system uid/gid Norbert Lange
2020-01-13 15:35 ` [Buildroot] [PATCH 2/3] package/systemd: create system users Norbert Lange
2020-01-13 15:35 ` [Buildroot] [PATCH 3/3] package/openssh: " Norbert Lange
@ 2020-09-15 20:47 ` Thomas Petazzoni
2020-09-15 21:29 ` Norbert Lange
2 siblings, 1 reply; 8+ messages in thread
From: Thomas Petazzoni @ 2020-09-15 20:47 UTC (permalink / raw)
To: buildroot
Hello Norbert,
On Mon, 13 Jan 2020 16:35:13 +0100
Norbert Lange <nolange79@gmail.com> wrote:
> Extend the mkusers script to allow -2 for uid/gid.
> This value will take an identifier from the system range.
>
> Signed-off-by: Norbert Lange <nolange79@gmail.com>
Sorry for the long delay in getting back to you. We had an earlier
proposal from Stephan Henningsen doing pretty much the same:
https://patchwork.ozlabs.org/project/buildroot/patch/20191023211313.6758-1-stephan+buildroot at asklandd.dk/
The argument of Stephan was pretty much beauty/consistency with what
"most systems do" without much other arguments.
However, based on your PATCH 2/3 and a reading of
https://systemd.io/UIDS-GIDS/ it seems like systemd somehow cares about
this system vs. normal user difference.
Could you give some details about the *why* you did this change?
Indeed, your commit log doesn't explain anything about the *why*.
Also, could you compare your changes to mkusers with the ones proposed
by Stephan? The ones proposed by Stephan looked quite a bit more
complicated.
Another (minor) question is: if we're going to go to this route of
separating system and normal users, wouldn't it make sense to have -1
identify system users, and -2 identify normal users? Indeed the vast
majority (all?) Buildroot packages probably want to create system
users, and they already use -1.
Best regards,
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Buildroot] [PATCH 1/3] support/scripts/mkusers: allow option for system uid/gid
2020-09-15 20:47 ` [Buildroot] [PATCH 1/3] support/scripts/mkusers: allow option for system uid/gid Thomas Petazzoni
@ 2020-09-15 21:29 ` Norbert Lange
2020-09-16 6:41 ` Jérémy ROSEN
2020-09-16 6:53 ` Thomas Petazzoni
0 siblings, 2 replies; 8+ messages in thread
From: Norbert Lange @ 2020-09-15 21:29 UTC (permalink / raw)
To: buildroot
Thomas Petazzoni <thomas.petazzoni@bootlin.com> schrieb am Di., 15. Sep.
2020, 22:47:
> Hello Norbert,
>
> On Mon, 13 Jan 2020 16:35:13 +0100
> Norbert Lange <nolange79@gmail.com> wrote:
>
> > Extend the mkusers script to allow -2 for uid/gid.
> > This value will take an identifier from the system range.
> >
> > Signed-off-by: Norbert Lange <nolange79@gmail.com>
>
> Sorry for the long delay in getting back to you. We had an earlier
> proposal from Stephan Henningsen doing pretty much the same:
>
>
> https://patchwork.ozlabs.org/project/buildroot/patch/20191023211313.6758-1-stephan+buildroot at asklandd.dk/
>
> The argument of Stephan was pretty much beauty/consistency with what
> "most systems do" without much other arguments.
>
> However, based on your PATCH 2/3 and a reading of
> https://systemd.io/UIDS-GIDS/ it seems like systemd somehow cares about
> this system vs. normal user difference.
>
> Could you give some details about the *why* you did this change?
> Indeed, your commit log doesn't explain anything about the *why*.
>
> Also, could you compare your changes to mkusers with the ones proposed
> by Stephan? The ones proposed by Stephan looked quite a bit more
> complicated.
>
> Another (minor) question is: if we're going to go to this route of
> separating system and normal users, wouldn't it make sense to have -1
> identify system users, and -2 identify normal users? Indeed the vast
> majority (all?) Buildroot packages probably want to create system
> users, and they already use -1.
>
> Best regards,
>
> Thomas
> --
> Thomas Petazzoni, CTO, Bootlin
> Embedded Linux and Kernel engineering
> https://bootlin.com
Yeah, this was touched upon (both points), see [1].
System users exist as concept on all distros an observable effects are for
ex journald spawning a separate logging stream.
So no, it's not just cosmetics, and yes I'd make system user the default.
Norbert
[1] http://lists.busybox.net/pipermail/buildroot/2020-February/273558.html
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200915/64a12f4d/attachment.html>
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Buildroot] [PATCH 1/3] support/scripts/mkusers: allow option for system uid/gid
2020-09-15 21:29 ` Norbert Lange
@ 2020-09-16 6:41 ` Jérémy ROSEN
2020-09-16 6:53 ` Thomas Petazzoni
1 sibling, 0 replies; 8+ messages in thread
From: Jérémy ROSEN @ 2020-09-16 6:41 UTC (permalink / raw)
To: buildroot
I'll give a bit more detail about the way journald handles system/user UID.
there might be other places where systemd treats them differently, but
that's the only
one I know from memory.
journald collects all logs on the system
* from the daemons running around
* from the kernel/audit system
* from containers
* from user sessions.
When a user logs in, a "per user" instance of systemd is spawned that
can starts daemons for that user (ssh-agent, pulseaudio, colord...
daemons that make sense at the user level but not at the system level)
To ease the handling of permissions and reading those files, journald does
not store all logs in a single file, but in one file per user. Journald uses
ACL to allow each user to have access to his logs through normal unix
permissions instead of relying on some sort of SUID mechanism.
However, it would be a bad idea to have a separate journal file for system
users, since system users are part of the system and the log they produce
are really only for the administrator to see. So those logs are stored with
the
system logs in the machine's main log file.
The separation between the two types of users uses the UID1000 split
A quick grep in systemd yields a couple of other usages
* systemd-coredumps will tweak access right to allow non-system users to
read the core-dumps they generate
* When closing a session, logind may clean up IPC for non-system user.
The explanation is a bit complex so i'll just copy/paste the comment in
the code
/* Clean SysV + POSIX IPC objects, but only if this is not a system
user. Background: in many setups cronjobs
* are run in full PAM and thus logind sessions, even if the code
run doesn't belong to actual users but to
* system components. Since enable RemoveIPC= globally for all
users, we need to be a bit careful with such
* cases, as we shouldn't accidentally remove a system service's
IPC objects while it is running, just because
* a cronjob running as the same user just finished. Hence: exclude
system users generally from IPC clean-up,
* and do it only for normal users. */
* there is a unit condition calle ConditionUser= (and AssertUser=) that
allow to limit a unit file to only be allowed for a certain user. This
condition
can take a user name, a UID or the magic value "@system" to be allowed
to any system user
Regards
Jeremy
--
[image: SMILE] <http://www.smile.eu/>
20 rue des Jardins
92600 Asni?res-sur-Seine
*J?r?my ROSEN*
Architecte technique
[image: email] jeremy.rosen at smile.fr
[image: phone] +33 6 88 25 87 42
[image: url] http://www.smile.eu
[image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
<https://www.facebook.com/smileopensource> [image: LinkedIn]
<https://www.linkedin.com/company/smile> [image: Github]
<https://github.com/Smile-SA>
[image: D?couvrez l?univers Smile, rendez-vous sur smile.eu]
<https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200916/dbf5dbef/attachment.html>
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Buildroot] [PATCH 1/3] support/scripts/mkusers: allow option for system uid/gid
2020-09-15 21:29 ` Norbert Lange
2020-09-16 6:41 ` Jérémy ROSEN
@ 2020-09-16 6:53 ` Thomas Petazzoni
1 sibling, 0 replies; 8+ messages in thread
From: Thomas Petazzoni @ 2020-09-16 6:53 UTC (permalink / raw)
To: buildroot
Hello,
On Tue, 15 Sep 2020 23:29:24 +0200
Norbert Lange <nolange79@gmail.com> wrote:
> Yeah, this was touched upon (both points), see [1].
>
> System users exist as concept on all distros an observable effects are for
> ex journald spawning a separate logging stream.
Right, thanks for the additional feedback.
> So no, it's not just cosmetics, and yes I'd make system user the default.
Agreed.
Did you compare your implementation with the one proposed by Stephan
earlier ?
Best regards,
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2020-09-16 6:53 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-01-13 15:35 [Buildroot] [PATCH 1/3] support/scripts/mkusers: allow option for system uid/gid Norbert Lange
2020-01-13 15:35 ` [Buildroot] [PATCH 2/3] package/systemd: create system users Norbert Lange
2020-01-13 16:05 ` Thomas Petazzoni
2020-01-13 15:35 ` [Buildroot] [PATCH 3/3] package/openssh: " Norbert Lange
2020-09-15 20:47 ` [Buildroot] [PATCH 1/3] support/scripts/mkusers: allow option for system uid/gid Thomas Petazzoni
2020-09-15 21:29 ` Norbert Lange
2020-09-16 6:41 ` Jérémy ROSEN
2020-09-16 6:53 ` Thomas Petazzoni
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.