acct-user.eclass
Description
This eclass represents and creates a single user entry. The name
of the user is derived from ${PN}, while (preferred) UID needs to
be specified via ACCT_USER_ID. Additional variables are provided
to override the default home directory, shell and add group
membership. Packages needing the user in question should depend
on the package providing it.
The ebuild needs to call acct-user_add_deps after specifying
ACCT_USER_GROUPS.
Example:
If your package needs user 'foo' belonging to same-named group, you
create acct-user/foo package and add an ebuild with the following
contents:
EAPI=8
inherit acct-user
ACCT_USER_ID=200
ACCT_USER_GROUPS=( foo )
acct-user_add_deps
Then you add appropriate dependencies to your package. Note that
the build system might need to resolve names, too. The dependency
type(s) should be: BDEPEND if the user must be resolvable at build
time (e.g. fowners uses it in src_install), IDEPEND if it must
be resolvable at install time (e.g. fowners uses it in pkg_preinst),
and RDEPEND in every case.
Functions
- acct-user_add_deps
-
Generate appropriate
RDEPENDfromACCT_USER_GROUPS. This must be called ifACCT_USER_GROUPSare set. - acct-user_pkg_pretend
-
Performs sanity checks for correct eclass usage, and early-checks whether requested UID can be enforced.
- acct-user_src_install
-
Installs a keep-file into the user's home directory to ensure it is owned by the package, and
sysusers.dfile. - acct-user_pkg_preinst
-
Creates the user if it does not exist yet. Sets permissions of the home directory in install image.
- acct-user_pkg_postinst
-
Updates user properties if necessary. This needs to be done after new home directory is installed.
- acct-user_pkg_prerm
-
Ensures that the user account is locked out when it is removed.
Variables
- ACCT_USER_ID (REQUIRED)
-
Preferred UID for the new user. This variable is obligatory, and its value must be unique across all user packages. This can be overriden in
make.confthroughACCT_USER_<UPPERCASE_USERNAME>_IDvariable.Overlays should set this to -1 to dynamically allocate UID. Using -1 in ::gentoo is prohibited by policy.
- ACCT_USER_ENFORCE_ID
-
If set to a non-null value, the eclass will require the user to have specified UID. If the user already exists with another UID, or the UID is taken by another user, the install will fail.
- ACCT_USER_NO_MODIFY
-
If set to a non-null value, the eclass will not make any changes to an already existing user.
- ACCT_USER_SHELL ?= -1
-
The shell to use for the user. If not specified, a
nologin`variant for the system is used. This can be overriden inmake.confthroughACCT_USER_<UPPERCASE_USERNAME>_SHELLvariable. - ACCT_USER_HOME ?= /dev/null
-
The home directory for the user. If not specified,
/dev/nullis used. The directory will be created with appropriate permissions if it does not exist. When updating, existing home directory will not be moved. This can be overriden inmake.confthroughACCT_USER_<UPPERCASE_USERNAME>_HOMEvariable. - ACCT_USER_HOME_OWNER
-
The ownership to use for the home directory, in
chown ([user][:group])syntax. Defaults to the newly created user, and its primary group. This can be overriden inmake.confthroughACCT_USER_<UPPERCASE_USERNAME>_HOME_OWNERvariable. - ACCT_USER_HOME_PERMS ?= 0755
-
The permissions to use for the home directory, in
chmod(octal or verbose) form. This can be overriden inmake.confthroughACCT_USER_<UPPERCASE_USERNAME>_HOME_PERMSvariable. - ACCT_USER_GROUPS (REQUIRED)
-
List of groups the user should belong to. This must be a bash array. The first group specified is the user's primary group, while the remaining groups (if any) become supplementary groups.
This can be overriden in
make.confthroughACCT_USER_<UPPERCASE_USERNAME>_GROUPSvariable, or appended to viaACCT_USER_<UPPERCASE_USERNAME>_GROUPS_ADD. Please note that due to technical limitations, the override variables are not arrays but space-separated lists.
Maintainers
Michał Górny <mgorny@gentoo.org>
Reporting Bugs
Please report bugs via https://bugs.gentoo.org/