2.0.8-2 uses DynamicUser=true which makes permission management hard
| Task Info (Flyspray) | |
|---|---|
| Opened By | Tim (bastelfreak) |
| Task ID | 71902 |
| Type | Bug Report |
| Project | Community Packages |
| Category | Packages |
| Version | None |
| OS | x86_64 |
| Opened | 2021-08-23 08:29:28 UTC |
| Status | Assigned |
| Assignee | Sébastien Luttringer (seblu) |
Details
Description:
since bird 2.0.8-2 our unit file DynamicUser=true. This makes permission management a bit tricky. On other distributions it's common that a real user is created, it owns the configuration files and also the unix socket. Other services that need to access the socket, for example to extract metrics like https://github.com/czerwonk/bird_exporter/releases does it, run as a separate user and are added to the bird group. This won't work with DynamicUser=true. Are there any huge benefits I miss by using DynamicUser=true?
Additional info:
- package version(s) bird 2.0.8-2 and newer
- config and/or log files etc.
- link to upstream bug report, if any
Steps to reproduce:
- install bird
- try to add another user to the nonexistent bird group
I'm happy to provide a sysusers file or to comaintain/adopt the package, but then it would need to be moved to community.
Cheers, Tim