From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([209.51.188.92]:35443) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h0lXn-0001VA-A6 for guix-patches@gnu.org; Mon, 04 Mar 2019 06:14:04 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1h0lXm-0004gs-EY for guix-patches@gnu.org; Mon, 04 Mar 2019 06:14:03 -0500 Received: from debbugs.gnu.org ([209.51.188.43]:45467) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1h0lXm-0004gk-9x for guix-patches@gnu.org; Mon, 04 Mar 2019 06:14:02 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1h0lXl-0006B1-Vm for guix-patches@gnu.org; Mon, 04 Mar 2019 06:14:02 -0500 Subject: [bug#34730] [PATCH 0/4] Add (gnu build accounts) and use it to create /etc/passwd & co. Resent-Message-ID: Received: from eggs.gnu.org ([209.51.188.92]:35125) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h0lWf-0001Nr-RE for guix-patches@gnu.org; Mon, 04 Mar 2019 06:12:54 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1h0lWe-0003Kr-Og for guix-patches@gnu.org; Mon, 04 Mar 2019 06:12:53 -0500 From: Ludovic =?UTF-8?Q?Court=C3=A8s?= Date: Mon, 4 Mar 2019 12:12:13 +0100 Message-Id: <20190304111213.8436-1-ludo@gnu.org> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: 34730@debbugs.gnu.org Hello Guix! This patch series adds a new module, (gnu build accounts), and uses it to create /etc/{passwd,group,shadow} upon system activation. This replaces functionality currently provided by the Shadow command-line tools (=E2=80=98useradd=E2=80=99, =E2=80=98usermod=E2=80=99,= etc.) and libc (=E2=80=98getspnam=E2=80=99, =E2=80=98putpwent=E2=80=99, and all these wonderful APIs.) It=E2=80=99s more code on our side, but it=E2=80=99s overall much less co= de involved to create those databases. The code makes the UID/GID allocation strategy and state handling (preserving passwords and UIDs/GIDs, not reusing currently-used UIDs/GIDs, etc.) much clearer and auditable. Previously all this was buried in imperative calls to =E2=80=98useradd=E2= =80=99 & co., which in turn have an ID allocation strategy baked deep down into the Shadow code. As a side effect the system boots slightly faster and we get PIDs starting at ~190 instead of ~300 on a bare-bones system. :-) Feedback welcome! Ludo=E2=80=99. Ludovic Court=C3=A8s (4): system: Add (gnu system accounts). activation: Operate on and records. Add (gnu build accounts). activation: Build account databases with (gnu build accounts). Makefile.am | 1 + gnu/build/accounts.scm | 561 +++++++++++++++++++++++++++++++++++++++ gnu/build/activation.scm | 245 +++-------------- gnu/build/install.scm | 3 +- gnu/local.mk | 2 + gnu/system/accounts.scm | 109 ++++++++ gnu/system/shadow.scm | 92 +++---- tests/accounts.scm | 309 +++++++++++++++++++++ 8 files changed, 1061 insertions(+), 261 deletions(-) create mode 100644 gnu/build/accounts.scm create mode 100644 gnu/system/accounts.scm create mode 100644 tests/accounts.scm --=20 2.21.0