From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.223.130])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3AD461DA3A
	for <kdevops@lists.linux.dev>; Wed, 17 Apr 2024 18:39:16 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=195.135.223.130
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1713379159; cv=none; b=gkq0Fn+bLO6Eev/sVnpkwLqAZdxyBLwuzgcKUuKoWDl29rUeuGnn2t6Reeq8Yubh2GVX4y7NNwWRSnD83AZHfFR9bSUFGWOaaZAQgKrNVftY8w7PVfITl1UiSaeoRdYqXqZxQscgK3EUjC1qfcTnUw+ASaFjM+9JtjPY8cuioA0=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1713379159; c=relaxed/simple;
	bh=+f+cxBY6FPWGE2ppRg+qaxpbCausTncrdQ3mA4xAGdA=;
	h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version:
	 Content-Type:Content-Disposition:In-Reply-To; b=IVXT3I2D+JQWxDDE0jnKQfDVNtbXgeM0aCKxgK1y6pS7JtjdsD0rNDK5enauFsPcrJmgnbrlvP/MZBD35gsg1RYQeriNpkXc3AzNFgKGf3rb7suWxpBka3suoR6M7m59aZHKXGXz8NFXa4zjf78INsVkVCixhRCqtiWLQH2RMqU=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=suse.com; spf=pass smtp.mailfrom=suse.com; dkim=pass (1024-bit key) header.d=suse.com header.i=@suse.com header.b=Fd+g30Iq; dkim=pass (1024-bit key) header.d=suse.com header.i=@suse.com header.b=Fd+g30Iq; arc=none smtp.client-ip=195.135.223.130
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=suse.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=suse.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (1024-bit key) header.d=suse.com header.i=@suse.com header.b="Fd+g30Iq";
	dkim=pass (1024-bit key) header.d=suse.com header.i=@suse.com header.b="Fd+g30Iq"
Received: from imap1.dmz-prg2.suse.org (imap1.dmz-prg2.suse.org [10.150.64.97])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by smtp-out1.suse.de (Postfix) with ESMTPS id 3623234052;
	Wed, 17 Apr 2024 18:39:15 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1;
	t=1713379155; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:
	 mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=u5k6v6v1P9Rznk2CcpnME3L3Zx1kMr/F53idkmPPD64=;
	b=Fd+g30IqhWJAof9sf6nY2IiVOYjAFxdMpFDJ6/5O2ZNkHh5SR9CHDd4QZ6EU1df23NpuT6
	kNC2E9aaewVj4C0jrjeKxrTb3aaUWut9YL0VVT10AzvLV1WkO1b9IdEPQAkfh7NxHqxPxA
	7Z8dQoxa36HPq/1gszwWGcKVCDIsUeU=
Authentication-Results: smtp-out1.suse.de;
	none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1;
	t=1713379155; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:
	 mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=u5k6v6v1P9Rznk2CcpnME3L3Zx1kMr/F53idkmPPD64=;
	b=Fd+g30IqhWJAof9sf6nY2IiVOYjAFxdMpFDJ6/5O2ZNkHh5SR9CHDd4QZ6EU1df23NpuT6
	kNC2E9aaewVj4C0jrjeKxrTb3aaUWut9YL0VVT10AzvLV1WkO1b9IdEPQAkfh7NxHqxPxA
	7Z8dQoxa36HPq/1gszwWGcKVCDIsUeU=
Received: from imap1.dmz-prg2.suse.org (localhost [127.0.0.1])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by imap1.dmz-prg2.suse.org (Postfix) with ESMTPS id C67011384C;
	Wed, 17 Apr 2024 18:39:14 +0000 (UTC)
Received: from dovecot-director2.suse.de ([10.150.64.162])
	by imap1.dmz-prg2.suse.org with ESMTPSA
	id YQMILVIXIGYKJwAAD6G6ig
	(envelope-from <ailiop@suse.com>); Wed, 17 Apr 2024 18:39:14 +0000
Date: Wed, 17 Apr 2024 20:39:14 +0200
From: Anthony Iliopoulos <ailiop@suse.com>
To: Chuck Lever III <chuck.lever@oracle.com>
Cc: Luis Chamberlain <mcgrof@kernel.org>,
	Goldwyn Rodrigues <rgoldwyn@suse.com>, Chuck Lever <cel@kernel.org>,
	"kdevops@lists.linux.dev" <kdevops@lists.linux.dev>
Subject: Re: [RFC PATCH 00/22] Replace community.general.zypper
Message-ID: <ZiAXUl40mioYkDLW@technoir>
References: <20240412174655.722290-1-cel@kernel.org>
 <Zhl90nHURmr8YVPZ@bombadil.infradead.org>
 <07EFB56F-77BC-4AA0-AACC-82BF29A1E702@oracle.com>
 <CA+s2b-GbNqFPncbfeLdDYzQ+-Qsp1f05ORseOg+QVZzB-UYS=w@mail.gmail.com>
 <Zh2X6CruD1Zc3xPx@tissot.1015granger.net>
 <CA+s2b-GByoYUcVPDt5pt_vSn8UMbPdE=61zE7z26Y+9hBTRhbA@mail.gmail.com>
 <B1D9CD76-7AC6-476D-916D-25E5BCF140E6@oracle.com>
 <Zh2sgs2R-V34kdTJ@technoir>
 <59DA8D9D-273B-4737-A4E8-0DC39E839145@oracle.com>
Precedence: bulk
X-Mailing-List: kdevops@lists.linux.dev
List-Id: <kdevops.lists.linux.dev>
List-Subscribe: <mailto:kdevops+subscribe@lists.linux.dev>
List-Unsubscribe: <mailto:kdevops+unsubscribe@lists.linux.dev>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <59DA8D9D-273B-4737-A4E8-0DC39E839145@oracle.com>
X-Spam-Flag: NO
X-Spam-Score: -3.80
X-Spam-Level: 
X-Spamd-Result: default: False [-3.80 / 50.00];
	BAYES_HAM(-3.00)[100.00%];
	NEURAL_HAM_LONG(-1.00)[-1.000];
	MID_RHS_NOT_FQDN(0.50)[];
	NEURAL_HAM_SHORT(-0.20)[-1.000];
	MIME_GOOD(-0.10)[text/plain];
	TO_DN_EQ_ADDR_SOME(0.00)[];
	ARC_NA(0.00)[];
	RCVD_TLS_ALL(0.00)[];
	MIME_TRACE(0.00)[0:+];
	MISSING_XM_UA(0.00)[];
	TO_DN_SOME(0.00)[];
	RCVD_VIA_SMTP_AUTH(0.00)[];
	DKIM_SIGNED(0.00)[suse.com:s=susede1];
	FUZZY_BLOCKED(0.00)[rspamd.com];
	FROM_HAS_DN(0.00)[];
	RCPT_COUNT_FIVE(0.00)[5];
	FROM_EQ_ENVFROM(0.00)[];
	TO_MATCH_ENVRCPT_ALL(0.00)[];
	RCVD_COUNT_TWO(0.00)[2];
	DBL_BLOCKED_OPENRESOLVER(0.00)[suse.com:email,imap1.dmz-prg2.suse.org:helo,imap1.dmz-prg2.suse.org:rdns]

On Wed, Apr 17, 2024 at 04:57:23PM +0000, Chuck Lever III wrote:
> 
> 
> > On Apr 15, 2024, at 6:38 PM, Anthony Iliopoulos <ailiop@suse.com> wrote:
> > 
> > On Mon, Apr 15, 2024 at 09:41:38PM +0000, Chuck Lever III wrote:
> >> 
> >> 
> >>> On Apr 15, 2024, at 5:35 PM, Goldwyn Rodrigues <rgoldwyn@suse.com> wrote:
> >>> 
> >>> On Mon, Apr 15, 2024 at 4:11 PM Chuck Lever <chuck.lever@oracle.com> wrote:
> >>>> 
> >>>> On Mon, Apr 15, 2024 at 03:32:59PM -0500, Goldwyn Rodrigues wrote:
> >>>>> On Mon, Apr 15, 2024 at 9:39 AM Chuck Lever III <chuck.lever@oracle.com> wrote:
> >>>>>> 
> >>>>>> I've been able to test some of this series with OpenSuSE 15.3.
> >>>>>> Found and fixed one bug. I've pushed the result to:
> >>>>>> 
> >>>>>> https://github.com/chucklever/kdevops/tree/replace-zypper-module
> >>>>>> 
> >>>>>> However it looks like the fstests workflow hasn't been tested
> >>>>>> on SuSE for quite some time.
> >>>>>> 
> >>>>>> OpenSuSE doesn't like the group name "123456-fsgqa" (and probably
> >>>>>> the user name is rejected too, but kdevops tries the group first,
> >>>>>> and that's where the workflow fails).
> >>>>> 
> >>>>> I am able to add users without any issue here.
> >>>> 
> >>>> Is "here" on an OpenSuSE 15.3 system? I did log into the test system
> >>>> and try "groupadd" directly, and it failed in the same way.
> >>> 
> >>> openSUSE Tumbleweed, but I am sure nothing has changed since openSUSE 15.3
> >>> I am able to add the group 123456-fsgqa. However, if you have added a
> >>> 123456-fsgqa *user* before it may fail. What is the error message you
> >>> get?
> >> 
> >> TASK [fstests : Add missing groups for fstests] ************************************************************************************************
> >> changed: [cel-tmpfs-default] => (item=Ensuring the group sys exists)
> >> failed: [cel-tmpfs-default] (item=Ensuring the group 123456-fsgqa exists) => {
> >>    "ansible_loop_var": "item",
> >>    "changed": false,
> >>    "item": "123456-fsgqa",
> >>    "name": "123456-fsgqa"
> >> }
> >> 
> >> MSG:
> >> 
> >> groupadd: '123456-fsgqa' is not a valid group name
> >> 
> >> I logged in at the time, and tried by hand:
> >> 
> >> cel-tmpfs-default:~ # groupadd 123456-fsgqa
> >> groupadd: '123456-fsgqa' is not a valid group name
> >> cel-tmpfs-default:~ #
> > 
> > The issue is that SLE is using shadow v4.8, and it doesn't allow
> > user/group names starting with digits. This was later on relaxed via
> > shadow upstream commit cfc981df2afc ("shadow: use relaxed usernames")
> > which was released in v4.13. This is why this works in TW.
> > 
> > I had a local old kdevops patch that did "useradd --badnames -U" to
> > bypass the check for SLE.
> 
> Thanks for the suggestion!
> 
> The current playbooks/roles/fstests/tasks/main.yml uses
> the ansible.builtin.group and ansible.builtin.user
> modules, neither of which have a "badname" parameter.

Yes I don't think this was ever implemented in ansible, or at least I
don't see anything from a quick look at [1].

The way I had fixed this for SLE was along the lines of:

diff --git a/playbooks/roles/fstests/tasks/main.yml b/playbooks/roles/fstests/tasks/main.yml
index 63531f618b4b..e4cc1fa9bfb6 100644
--- a/playbooks/roles/fstests/tasks/main.yml
+++ b/playbooks/roles/fstests/tasks/main.yml
@@ -872,6 +872,7 @@
   group:
     name: "{{ item }}"
     state: present
+  command: "useradd --badnames -U {{ item }}"
   with_items:
     - sys
     - 123456-fsgqa

> I also looked at Fedora's useradd, and it does not have
> "--badname" either.

Which fedora release is that? I can see it in f39 at least, and I think
it has been available since f32 which ships shadow-utils v4.8.1 [2] (the
--badname(s) option was introduced in shadow v4.8, commit a2cd3e9ef03a).

Likewise for debian, so I suppose all kdevops-supported distros should
have this available.

Regards,
Anthony

[1] https://github.com/ansible/ansible/blob/devel/lib/ansible/modules/user.py
[2] https://src.fedoraproject.org/rpms/shadow-utils/blob/f32/f/shadow-utils.spec