From: Henning Schild <henning.schild@siemens.com>
To: "Schultschik, Sven" <sven.schultschik@siemens.com>
Cc: "isar-users@googlegroups.com" <isar-users@googlegroups.com>
Subject: Re: Fixed user ids
Date: Wed, 1 Sep 2021 17:54:33 +0200 [thread overview]
Message-ID: <20210901175433.2b76961a@md1za8fc.ad001.siemens.net> (raw)
In-Reply-To: <VI1PR10MB3552BBD88F633F96A340146F90CD9@VI1PR10MB3552.EURPRD10.PROD.OUTLOOK.COM>
[-- Attachment #1: Type: text/plain, Size: 2079 bytes --]
Hey,
pre-fixed user ids would be an anti-pattern and would only work if
debian would do it.
If you need files to be owned by a specific user you chown and possibly
chmod them in postinst. Using the name and not an id. You create that
user in case it is not already there.
https://github.com/ilbers/isar/blob/master/doc/user_manual.md#home-directory-contents-prefilling
and here the example postinst
https://github.com/ilbers/isar/blob/master/meta-isar/recipes-app/example-raw/files/postinst
This is also how debian does things. i.e. when a webserver needs the
user "www", all web-server packages would create that user if not
there, and chown/chmod based on the name.
I think every file in a debian package will always belong to root:root,
and deviations need to be chowned in postinst.
Henning
Am Wed, 1 Sep 2021 12:04:57 +0000
schrieb "Schultschik, Sven" <sven.schultschik@siemens.com>:
> Hi ISAR users,
>
>
>
> I’m currently thinking about to freeze the users and group ids.
>
>
>
> I have different ideas in mind, but I wanted to ask which would be
> the best way with ISAR to generate fixed user and group ids.
>
>
>
> Or do you just pre create all needed user accounts before installing
> the packages within the build process?
>
>
>
> Mit freundlichen Grüßen
> Sven Angelo Schultschik
>
> Siemens AG
> Digital Industries
> Process Automation
> Software House Khe
> DI PA DCP R&D 2
> Östliche Rheinbrückenstr. 50
> 76187 Karlsruhe, Deutschland
> Tel.: +49 721 6672-0128
> Mobil: +49 162 4975705
> <mailto:sven.schultschik@siemens.com>
> mailto:sven.schultschik@siemens.com <https://siemens.com>
> www.siemens.com
>
> Siemens Aktiengesellschaft: Vorsitzender des Aufsichtsrats: Jim
> Hagemann Snabe; Vorstand: Roland Busch, Vorsitzender; Cedrik Neike,
> Matthias Rebellius, Ralf P. Thomas, Judith Wiese; Sitz der
> Gesellschaft: Berlin und München, Deutschland; Registergericht:
> Berlin-Charlottenburg, HRB 12300, München, HRB 6684; WEEE-Reg.-Nr. DE
> 23691322
>
[-- Attachment #2: smime.p7s --]
[-- Type: application/pkcs7-signature, Size: 7821 bytes --]
next prev parent reply other threads:[~2021-09-01 15:54 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-01 12:04 Schultschik, Sven
2021-09-01 15:54 ` Henning Schild [this message]
2021-09-02 8:08 ` AW: " Schultschik, Sven
2021-09-02 9:17 ` Henning Schild
2021-09-02 13:48 ` AW: " Schultschik, Sven
2021-09-02 14:37 ` Henning Schild
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210901175433.2b76961a@md1za8fc.ad001.siemens.net \
--to=henning.schild@siemens.com \
--cc=isar-users@googlegroups.com \
--cc=sven.schultschik@siemens.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox