From: Warren Togami <wtogami-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
To: David Dillow <dave-i1Mk8JYDVaaSihdK6806/g@public.gmane.org>
Cc: Seewer Philippe <philippe.seewer-omB+W0Dpw2o@public.gmane.org>,
initramfs <initramfs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>
Subject: Re: /etc/passwd thoughts
Date: Tue, 16 Jun 2009 14:42:19 -0400 [thread overview]
Message-ID: <4A37E78B.10308@redhat.com> (raw)
In-Reply-To: <1244859170.18551.9.camel-1q1vX8mYZiGLUyTwlgNVppKKF0rrzTr+@public.gmane.org>
On 06/12/2009 10:12 PM, David Dillow wrote:
> On Fri, 2009-06-12 at 23:21 +0200, Seewer Philippe wrote:
>> Actually 95nfs doesn't create its own entry. The part is commented out.
>
> Right; I'm torn on this. We want to support both portmap and rpcbind,
> and at least rpcbind needs a user to run as -- it won't run without it.
> I don't know what portmap wants.
>
> I have it copying the passwd file as that seemed to be the most
> distro-agnostic way I could do it.
>
> I see a few options --
> 1) Copy /etc/passwd from the distro into the initrd; exposes user names,
> but passwords should be in /etc/shadow and hence not copied.
> 2) Make our own users for rpcbind (and portmap if different) and just
> use that. rpcbind gets killed before we transition to root, so the uid
> doesn't have to match up.
It seems the correct way would be:
If rpcbind, then write only the necessary user into the initrd's
/etc/passwd. Do not copy the generating system's /etc/passwd.
Any objections?
Warren Togami
wtogami-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org
--
To unsubscribe from this list: send the line "unsubscribe initramfs" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2009-06-16 18:42 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-06-12 20:19 /etc/passwd thoughts Warren Togami
[not found] ` <4A32B84E.8090603-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2009-06-12 20:20 ` Bill Nottingham
[not found] ` <20090612202045.GA30968-Zdt1ptygihhQcNjhGXsBABcY2uh10dtjAL8bYrjMMd8@public.gmane.org>
2009-06-12 20:23 ` Warren Togami
[not found] ` <4A32B94E.10902-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2009-06-12 21:21 ` Seewer Philippe
[not found] ` <4A32C6CF.9010802-omB+W0Dpw2o@public.gmane.org>
2009-06-13 2:12 ` David Dillow
[not found] ` <1244859170.18551.9.camel-1q1vX8mYZiGLUyTwlgNVppKKF0rrzTr+@public.gmane.org>
2009-06-13 4:04 ` Seewer Philippe
2009-06-16 18:42 ` Warren Togami [this message]
[not found] ` <4A38CABB.9070900@redhat.com>
[not found] ` <4A38CABB.9070900-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2009-06-17 17:08 ` Warren Togami
[not found] ` <4A39231E.8050700-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2009-06-18 17:14 ` Harald Hoyer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4A37E78B.10308@redhat.com \
--to=wtogami-h+wxahxf7alqt0dzr+alfa@public.gmane.org \
--cc=dave-i1Mk8JYDVaaSihdK6806/g@public.gmane.org \
--cc=initramfs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=philippe.seewer-omB+W0Dpw2o@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.