[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [atomic-devel] Consiering a host UID/GID upgrade discontinuity (breaking CentOS7 Atomic and F22)

On 04/30/2015 12:50 PM, Colin Walters wrote:
> I posted before about uids/gids:
> https://lists.projectatomic.io/projectatomic-archives/atomic-devel/2015-January/msg00008.html
> OSTree (like Docker) ships numeric uid/gids - the way I think of this, the binaries
> have "fixated" on a particular name -> uid mapping.
>  rpm-ostree grew infrastructure to ensure the fixation remains constant, we don't yet have
> an equivalent for this for either
>  - The Docker base image, which is built using Anaconda in ImageFactory in Koji;
>    see https://github.com/rhinstaller/anaconda/pull/80#issuecomment-94834420
>  - Dockerfiles invoking yum; It is however not too hard to populate /etc/passwd by hand
>    similar to the above
> Anyways on to the actual topic of this post - recently Ian McLeod did some work
> to extract the metadata for a downstream rebuild for CentOS that has the
> uids used in Red Hat Enterprise Linux Atomic Host:
> https://github.com/CentOS/sig-atomic-buildscripts/blob/downstream/passwd
> I'd like to propose using these for both CentOS 7 Atomic and F22 Atomic Host.
> It would break upgrades for CentOS, and F21 -> F22 - but since F22 isn't
> released yet, it's better to do this now.

Can we still do this change now? Does it impact anything else? (/me
wonders if we need a freeze exception or whatnot)

> # Cleanly terminating the current CentOS release
> I can do a special build of into the current branch which would do something like this:
> $ atomic host upgrade
> Checking for updates:
> error: There are no more updates to this branch; see http://wiki.centos.org/SpecialInterestGroup/Atomic/UpgradeDiscontinuity
> And basically the wiki would describe how you'd need to reinstall.
> There are actually OSTree-level tricks we could do to avoid reinstallation,
> but if things like the `ssh_keys` group changes it's a bit tricky.

Can we make sure to have this as a topic for Thursday's meeting (CentOS
SIG) and perhaps the Wednesday Cloud Working Group meeting (Fedora)? In
fact, we might need a Trac ticket for this w/in Fedora. Thoughts?


Joe Brockmeier | Principal Cloud & Storage Analyst
jzb redhat com | http://community.redhat.com/
Twitter: @jzb  | http://dissociatedpress.net/

Attachment: signature.asc
Description: OpenPGP digital signature

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]