| View previous topic :: View next topic |
| Author |
Message |
Ant P.
Watchman
Joined: 18 Apr 2009
Posts: 6920
|
 Posted: Thu Aug 01, 2019 8:31 pm Post subject: |
 |
|
| About time Gentoo caught up to Exherbo, which has worked this way for years. |
|
| Back to top |
|
 |
Anon-E-moose
Watchman
Joined: 23 May 2008
Posts: 6186
Location: Dallas area
|
| Posted: Thu Aug 01, 2019 8:46 pm Post subject: |
|
|
| Ant P. wrote: | | About time Gentoo caught up to Exherbo, which has worked this way for years. |
I haven't messed with Exherbo before, how is it compared to gentoo?
_________________
UM780, 6.12 zen kernel, gcc 13, openrc, wayland |
|
| Back to top |
|
|
Ant P.
Watchman
Joined: 18 Apr 2009
Posts: 6920
|
| Posted: Thu Aug 01, 2019 9:08 pm Post subject: |
|
|
It's much more strict about doing things the Right Way. Usually that comes at the cost of usability, but it also means they never had problems like the perl update hell that still causes an annual wave of support threads here.
Most of the meaningful improvements to portage since 2.1 were lifted from there. |
|
| Back to top |
|
|
mv
Watchman
Joined: 20 Apr 2005
Posts: 6780
|
| Posted: Thu Aug 01, 2019 9:11 pm Post subject: |
|
|
| Anon-E-moose wrote: |
| Code: | # check for ACCT_GROUP_ID collisions early
if [[ -n ${ACCT_GROUP_ENFORCE_ID} ]]; then
... |
So, I just added all the acct-group/user ebuilds to the package.provided file. |
I really don't get your point: Currently, absolutely nothing does set ACCT_GROUP_ENFORCE_ID unless you do set it manually, so the code you paste is completely irrelevant:
Currently, installing all these packages is practically a NOOP if you do have the groups/users already. |
|
| Back to top |
|
|
Anon-E-moose
Watchman
Joined: 23 May 2008
Posts: 6186
Location: Dallas area
|
| Posted: Thu Aug 01, 2019 9:56 pm Post subject: |
|
|
No point other than I just by-passed the whole rigamarole, whether they enable it today, tomorrow or never.
I was already careful to not have multiple GID/UID. I don't need the hand holding.
_________________
UM780, 6.12 zen kernel, gcc 13, openrc, wayland |
|
| Back to top |
|
|
tholin
Apprentice
Joined: 04 Oct 2008
Posts: 206
|
| Posted: Fri Aug 02, 2019 10:27 am Post subject: |
|
|
| mv wrote: | | Currently, installing all these packages is practically a NOOP if you do have the groups/users already. |
The update didn't go that smoothly for me. Acct-user/qemu broke my setup.
I have a gaming VM using evdev device passthrough. The user running the VM needs direct access to the input devices for that to work. Typically you put the unprivileged user into a group with permission to access the needed hardware resource so I have the "qemu" user in the "input" group. Installing acct-user/qemu will change the group membership of "qemu" to a hardcoded list of only qemu,kvm and not input. The VM will then fail to start with Permission denied.
The GLEP says "The proposal also respects direct sysadmin modifications." but obviously not in this case. |
|
| Back to top |
|
|
pjp
Administrator
Joined: 16 Apr 2002
Posts: 20552
|
| Posted: Fri Aug 02, 2019 5:05 pm Post subject: |
|
|
:(
This ought to have started as an informational tool with a request for problems / bug reports.
It seems likely there will be more scenarios that result in "user mitigation required."
_________________
Quis separabit? Quo animo? |
|
| Back to top |
|
|
mv
Watchman
Joined: 20 Apr 2005
Posts: 6780
|
| Posted: Fri Aug 02, 2019 6:02 pm Post subject: |
|
|
| Anon-E-moose wrote: | | No point other than I just by-passed the whole rigamarole, whether they enable it today, tomorrow or never. |
I doubt that there are plans to enable it for any other reason than testing or for a package which requires a certain number hard-coded.
Actually, apparently this stuff was never tested, since e.g. the group checks with id -g -n are simply faulty (they check for the group of the user with the given number), and this is not the only serious bug in that code: Also the checks with the group strings are broken, and then there is tholin's experience.... |
|
| Back to top |
|
|
Anon-E-moose
Watchman
Joined: 23 May 2008
Posts: 6186
Location: Dallas area
|
| Posted: Fri Aug 02, 2019 6:58 pm Post subject: |
|
|
All I can do is shake my head at some of the responses when reading that thread.
Micro-managing users, database of ids, locking them out when they think they should, it'll make gentoo perfect ... holy horse pucks.
_________________
UM780, 6.12 zen kernel, gcc 13, openrc, wayland |
|
| Back to top |
|
|
pjp
Administrator
Joined: 16 Apr 2002
Posts: 20552
|
| Posted: Fri Aug 02, 2019 7:05 pm Post subject: |
|
|
I didn't see anything notable one way or the other. Mostly people agreeing with each other and some minor points of refinement.
There was another thread prior to that (I only checked the month prior to this and didn't find any others):
[gentoo-dev] [pre-GLEP] User and group management via dedicated packages
_________________
Quis separabit? Quo animo? |
|
| Back to top |
|
|
Anon-E-moose
Watchman
Joined: 23 May 2008
Posts: 6186
Location: Dallas area
|
| Posted: Fri Aug 02, 2019 7:25 pm Post subject: |
|
|
Holy smokes, reading that makes me want to have a "church lady" Ick face.
Edit to add: just the general yes men attitude and only a small handful of devs seemingly deciding on something like this
What I'd like to know is what was the genesis of all this brouhaha.
_________________
UM780, 6.12 zen kernel, gcc 13, openrc, wayland |
|
| Back to top |
|
|
pjp
Administrator
Joined: 16 Apr 2002
Posts: 20552
|
| Posted: Fri Aug 02, 2019 8:05 pm Post subject: |
|
|
I'd imagine enteprise users want it, but why now, no idea.
From the first thread, there is this message:
https://marc.info/?l=gentoo-dev&m=156104012206293&w=2
And the link to the referenced 2017 discussion, I haven't read.
https://marc.info/?t=148553969000003&r=1&w=2
I'd just like to see a mechanism to segregate experimental features as well as alpha and beta testing. Official overlays maybe?
_________________
Quis separabit? Quo animo? |
|
| Back to top |
|
|
Anon-E-moose
Watchman
Joined: 23 May 2008
Posts: 6186
Location: Dallas area
|
| Posted: Fri Aug 02, 2019 8:21 pm Post subject: |
|
|
| pjp wrote: | I'd imagine enteprise users want it, but why now, no idea.
|
I took "people" as some devs or perhaps RH/systemd/FDO or some of the people in it.
I'm pretty sure that most enterprise people have standardized users/groups, at least if they're larger than a dozen or so people.
Given the number of systemd parts in acct-group/user I suspect systemd influence, especially since the one that wrote this GLEP, was an early supporter of systemd, creating an eclass for it, even before it was offically accepted as part of gentoo, as per his blog. But I haven't scoured the web, seeking proof one way or the other.
| Quote: | | I'd just like to see a mechanism to segregate experimental features as well as alpha and beta testing. Official overlays maybe? |
Experimental shouldn't be part of the main repository, IMO. And there should be more that a half-dozen people deciding all of this.
If things like this keep on, I fear for the longevity of gentoo.
But this is all just conjecture on my part, and I've no dog in this race, as I previously mentioned, I've just blocked all acct* stuff.
Anyway, y'all have fun with it.
_________________
UM780, 6.12 zen kernel, gcc 13, openrc, wayland |
|
| Back to top |
|
|
mv
Watchman
Joined: 20 Apr 2005
Posts: 6780
|
| Posted: Sat Aug 03, 2019 6:07 am Post subject: |
|
|
| Anon-E-moose wrote: | | And there should be more that a half-dozen people deciding all of this. |
After they have locked down the dev-ml, this became impossible.
| Quote: | | If things like this keep on, I fear for the longevity of gentoo. |
I no longer do. It is clear that gentoo has become a dead-end. |
|
| Back to top |
|
|
fedeliallalinea
Administrator
Joined: 08 Mar 2003
Posts: 31387
Location: here
|
| Posted: Sat Aug 03, 2019 6:14 am Post subject: |
|
|
| mv wrote: | | Anon-E-moose wrote: | | And there should be more that a half-dozen people deciding all of this. |
After they have locked down the dev-ml, this became impossible. |
https://bugs.gentoo.org/691242
_________________
Questions are guaranteed in life; Answers aren't. |
|
| Back to top |
|
|
Anon-E-moose
Watchman
Joined: 23 May 2008
Posts: 6186
Location: Dallas area
|
| Posted: Sat Aug 03, 2019 10:19 am Post subject: |
|
|
| fedeliallalinea wrote: | | mv wrote: | | Anon-E-moose wrote: | | And there should be more that a half-dozen people deciding all of this. |
After they have locked down the dev-ml, this became impossible. |
https://bugs.gentoo.org/691242 |
Nice, they've opened the corral after the barn has burnt down 
_________________
UM780, 6.12 zen kernel, gcc 13, openrc, wayland |
|
| Back to top |
|
|
mv
Watchman
Joined: 20 Apr 2005
Posts: 6780
|
| Posted: Sat Aug 03, 2019 10:35 am Post subject: |
|
|
| fedeliallalinea wrote: | | mv wrote: | | Anon-E-moose wrote: | | And there should be more that a half-dozen people deciding all of this. |
After they have locked down the dev-ml, this became impossible. |
https://bugs.gentoo.org/691242 |
This sounds good. I haven't tried to post anymore after some posts had been rejected, and I didn't expect a change... |
|
| Back to top |
|
|
Hu
Administrator
Joined: 06 Mar 2007
Posts: 22925
|
| Posted: Sat Aug 03, 2019 3:49 pm Post subject: |
|
|
| I hadn't heard about the relaxation either, so whatever venue(s) were used to announce it apparently don't overlap with what I read. I wonder how many people who should be reading/commenting on that list are ignoring it because they don't know they can post, and didn't see the value in reading it when they were muted. |
|
| Back to top |
|
|
fedeliallalinea
Administrator
Joined: 08 Mar 2003
Posts: 31387
Location: here
|
|
| Back to top |
|
|
Hu
Administrator
Joined: 06 Mar 2007
Posts: 22925
|
| Posted: Sat Aug 03, 2019 8:55 pm Post subject: |
|
|
| I concur with mgorny's points 4(a)-4(c) on -project about the restrictions being harmful. I find it curious, but not curious enough to go looking, how the people who pushed the original proposal either didn't consider those drawbacks or thought that the positives were so strong as to overwhelm those negatives. |
|
| Back to top |
|
|
saellaven
l33t
Joined: 23 Jul 2006
Posts: 655
|
| Posted: Sat Aug 03, 2019 9:40 pm Post subject: |
|
|
| Hu wrote: | | I concur with mgorny's points 4(a)-4(c) on -project about the restrictions being harmful. I find it curious, but not curious enough to go looking, how the people who pushed the original proposal either didn't consider those drawbacks or thought that the positives were so strong as to overwhelm those negatives. |
You mean the same group that is now looking to shut down the forums?
For the better part of maybe a decade or so, we've been dealing with the aftermath of a small group of very active, very vocal devs that have set out to try to turn Gentoo into Red Hat - hal, systemd, getting the Council to drop support for separate /usr without a fragile forced initramfs, usr merge, blocking people from the dev mailing list, campaigning to shut down the forums, wanting to change how groups are managed even if it breaks systems, ignoring FHS, etc.
Very little of what they do is actually engineered or even considered with future consequences in mind... it's all about subverting what has made Gentoo Gentoo, and, if limiting feedback in order to quiet opposition is what they need, then great. Literally, all of the above is from the same group of devs.
_________________
Ryzen 3700X, Asus Prime X570-Pro, 64 GB DDR4 3200, GeForce GTX 1660 Super
openrc-0.17, ~vanilla-sources, ~nvidia-drivers, ~gcc |
|
| Back to top |
|
|
dmpogo
Advocate
Joined: 02 Sep 2004
Posts: 3462
Location: Canada
|
| Posted: Tue Aug 06, 2019 7:14 pm Post subject: What are these acct-group packages ? |
|
|
| I guess subject says its all ... |
|
| Back to top |
|
|
mike155
Advocate
Joined: 17 Sep 2010
Posts: 4438
Location: Frankfurt, Germany
|
| Posted: Tue Aug 06, 2019 7:26 pm Post subject: |
|
|
|
|
| Back to top |
|
|
dmpogo
Advocate
Joined: 02 Sep 2004
Posts: 3462
Location: Canada
|
| Posted: Tue Aug 06, 2019 8:03 pm Post subject: |
|
|
Hm |
|
| Back to top |
|
|
mike155
Advocate
Joined: 17 Sep 2010
Posts: 4438
Location: Frankfurt, Germany
|
|
| Back to top |
|
|
|
Gentoo Chat
