'Twas brillig, and Colin Walters at 22/07/14 21:47 did gyre and gimble: > On Mon, Jul 21, 2014, at 09:43 AM, Lennart Poettering wrote: >> >> I am pretty strongly against this. Making this administrator >> configurable apepars very wrong, this really should be a decision for >> the distribution vendor, and that's it. > > You list one concern below, are there others? > >> We shouldn't design a system >> that comes to completely different results if you boot it up with and >> without /etc populated... > > If that's the only issue, surely we could just have it in the > /usr/share/factory dir?
While I'm (personally) wanting to support login.defs here, there is still a chicken+egg that is not really resolvable here (AFAICT) If there was a /usr/share/factory/etc/login.defs with e.g. 500 boundary point, then this file would presumably be copied in by tmpfiles to populate /etc/login.defs BUT, as tmpfiles often needs users to exist (to do chowning etc), it has to run after sysusers. As sysusers would be one of the consumers of a /etc/login.defs parser, it wouldn't "see" the /etc/login.defs until too late, thus possibly creating system users with the compiled in default rather than the "configured" default. One cracked egg and an angry chicken :) This was pretty much the same concern I had when Zbigniew patched sysusers to also look in /etc/sysusers.d/. The same chicken and egg scenario exists there, but Lennart was OK with it in that context. To be honest, I'm not really sure why this chicken+egg is different from the sysusers one, so I'd expect either both to be rejected or both accepted but I'm not crazy fussed in this case as it should be easy enough to hack in /etc/login.defs parsing downstream where our primary use case is supporting "normal" installs where /etc/ is persistent and often upgraded from older releases. Col PS I appreciate that I've "flipped sides" in my chicken+egg debate compared to the concern I raised with Zbigniew's sysusers patch! I always reserve the right to contradict myself :p -- Colin Guthrie gmane(at)colin.guthr.ie http://colin.guthr.ie/ Day Job: Tribalogic Limited http://www.tribalogic.net/ Open Source: Mageia Contributor http://www.mageia.org/ PulseAudio Hacker http://www.pulseaudio.org/ Trac Hacker http://trac.edgewall.org/ _______________________________________________ systemd-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/systemd-devel
