From 8dd55415d13cddfcbb87b0e2bfe55171a4624167 Mon Sep 17 00:00:00 2001 From: Adam Williamson Date: Wed, 7 Feb 2024 13:08:47 -0800 Subject: [PATCH] Revert "Use upstream sysusers configuration" This reverts commit 8d38ba4971d7739656747fd99cc0228cb7c1d6e5. It doesn't work, because of a chicken-and-egg problem: we need to create the user account in %pre, but the configuration file is obviously not present on the filesystem when %pre runs. This is a fairly well-known gotcha that's been discussed on devel@ a few times, e.g.: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/EXUGSSEMY2MVVGOFZIK4NBMQB5PWWWNG https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/HFAB4HY2J66367V5HR7XSCFGIIV5ZOVY In the second thread, Rathann and zbyszek recommend using tmpfiles.d snippets for this kind of purpose (needing something in /var owned by a user you want to have created by sysusers), but that's a bit more of a complex change, so I think it makes sense to just revert first then maybe attempt that later. This causes a practical problem: on current Rawhide Workstation live the first two steps of g-i-s are repeated on first boot after install. The way we try to avoid this is by having /var/lib/gnome-initial-setup/state copied to the installed system, but because of this problem, /var/lib/gnome-initial-setup is owned by root.root and g-i-s cannot write to it, so the file is not there to be copied. Note I edited the reversion not to add back the line: BuildRequires: gnome-desktop4 >= %{gnome_desktop_version} because it looks like the removal of that line wasn't really a part of this sysusers change. I also added a comment warning that this problem needs to be handled if anyone attempts to convert to sysusers again. --- gnome-initial-setup.spec | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/gnome-initial-setup.spec b/gnome-initial-setup.spec index f88cd42..f6a8bcf 100644 --- a/gnome-initial-setup.spec +++ b/gnome-initial-setup.spec @@ -58,8 +58,6 @@ BuildRequires: pkgconfig(rest-1.0) %if %{with webkitgtk} BuildRequires: pkgconfig(webkitgtk-6.0) %endif -BuildRequires: systemd-rpm-macros -%{?sysusers_requires_compat} # gnome-initial-setup is being run by gdm Requires: gdm @@ -70,6 +68,10 @@ Requires: gnome-desktop4%{?_isa} >= %{gnome_desktop_version} Requires: polkit-js-engine Requires: /usr/bin/tecla +Requires(pre): shadow-utils + +Provides: user(%name) + # https://fedoraproject.org/wiki/Changes/EncourageI686LeafRemoval ExcludeArch: %{ix86} @@ -96,12 +98,16 @@ you through configuring it. It is integrated with gdm. desktop-file-validate %{buildroot}%{_sysconfdir}/xdg/autostart/gnome-initial-setup-copy-worker.desktop desktop-file-validate %{buildroot}%{_datadir}/applications/gnome-initial-setup.desktop -install -pDm 0644 %{SOURCE1} %{buildroot}%{_datadir}/gnome-initial-setup/ +mkdir -p %{buildroot}%{_datadir}/gnome-initial-setup +cp %{SOURCE1} %{buildroot}%{_datadir}/gnome-initial-setup/ %find_lang %{name} %pre -%sysusers_create_compat %{buildroot}/%{_sysusersdir}/%{name}.conf +# we do not use sysusers yet because we need /var/lib/gnome-initial-setup +# to be owned by the gnome-initial-setup user. please do not convert +# to sysusers without making sure this is handled, maybe by tmpfiles +useradd -rM -d /run/gnome-initial-setup/ -s /sbin/nologin %{name} &>/dev/null || : %files -f %{name}.lang %license COPYING