Bug #15854: Re-add UID/GID stability checks on feature/buster

Bug #15854

Re-add UID/GID stability checks on feature/buster

Added by hefee 2018-08-27 19:25:14 . Updated 2019-01-08 14:36:43 .

Status:

Resolved

Priority:

Normal

Assignee:

Category:

Target version:

Tails_4.0

Start date:

2018-08-27

Due date:

% Done:

100%

Feature Branch:

bugfix/15690-stop-installing-all-priority-standard-packages

Type of work:

Code

Blueprint:

Starter:

Affected tool:

Deliverable for:

Description

As the base system changes to much with buster - the underlying system groups also changes, so we can’t keep the GIDs from further versions.
At the moment we just remove the script, t get the iso being build.

Subtasks

Related issues

Related to Tails - ~~Bug #16322~~: Polish 04-change-gids-and-uids code style	Resolved	2019-01-08
Blocked by Tails - ~~Bug #15690~~: Stop installing all "Priority: standard" packages only to remove some of them later	Resolved	2018-06-29

History

#1 Updated by intrigeri 2018-08-30 04:47:47

Status changed from New to Confirmed

#2 Updated by intrigeri 2018-08-30 04:48:14

related to ~~Bug #15689~~: Test if overlayfs is affected by the DAC bug wrt. incremental upgrades changing UID/GID added

#3 Updated by intrigeri 2018-08-30 04:48:29

related to deleted (~~~~Bug #15689~~: Test if overlayfs is affected by the DAC bug wrt. incremental upgrades changing UID/GID~~)

#4 Updated by intrigeri 2018-08-30 04:48:40

blocked by ~~Bug #15689~~: Test if overlayfs is affected by the DAC bug wrt. incremental upgrades changing UID/GID added

#5 Updated by intrigeri 2019-01-04 10:43:20

The purpose of this script is to avoid breaking automatic (incremental) upgrades. There will be no incremental upgrade from Tails 3.x to 4.0 so it’s fine if the UIDs and GIDs change in 4.0. But later on, if UIDs/GIDs change in a version after 4.0, config/chroot_local-hooks/99-zzz_check_uids_and_gids needs to spot the problem and 04-change-gids-and-uids needs to fix it. So I would recommend this course of action:

bring back config/chroot_local-hooks/99-zzz_check_uids_and_gids on feature/buster
update /usr/share/tails/build/{passwd,group} on feature/buster so this check passes
bring back 04-change-gids-and-uids on feature/buster, make it a no-op for now (we don’t need it in 4.0 so no need to call any of the functions in that file) but keep the relevant code and comments around so they’re handily available next time we need them

#6 Updated by intrigeri 2019-01-04 10:43:41

Subject changed from Decide what to do with 04-change-gids-and-uids to Re-add UID/GID stability checks on feature/buster

#7 Updated by intrigeri 2019-01-04 16:45:57

blocked by ~~Bug #15690~~: Stop installing all "Priority: standard" packages only to remove some of them later added

#8 Updated by intrigeri 2019-01-04 17:57:15

Assignee set to intrigeri
Feature Branch set to bugfix/15690-stop-installing-all-priority-standard-packages

#9 Updated by intrigeri 2019-01-04 19:53:40

Status changed from Confirmed to In Progress

Applied in changeset commit:tails|f2f255e11c4171240890e189eeb520d6222b910f.

#10 Updated by intrigeri 2019-01-04 20:46:43

Assignee changed from intrigeri to CyrilBrulebois
% Done changed from 0 to 50
QA Check set to Ready for QA

#11 Updated by intrigeri 2019-01-04 20:47:56

blocks deleted (~~~~Bug #15689~~: Test if overlayfs is affected by the DAC bug wrt. incremental upgrades changing UID/GID~~)

#12 Updated by hefee 2019-01-07 22:22:50

Assignee changed from CyrilBrulebois to hefee

#13 Updated by hefee 2019-01-07 23:23:07

Assignee changed from hefee to intrigeri
% Done changed from 50 to 80
QA Check changed from Ready for QA to Dev Needed

updated passwd and groups are tested by Jenkins anyways. So I don’t check those additionally.
The 04-change-gids-and-uids looks fine just nip-picking:

add a comment on the top, how to use this script / what it is doing and comments for each function, what it does and how to use it.
don’t mix ${var} with $var
recommend to use CAPS variable names for arguments and lowercase for local variables.

#14 Updated by intrigeri 2019-01-08 09:49:00

QA Check changed from Dev Needed to Pass

> updated passwd and groups are tested by Jenkins anyways. So I don’t check those additionally.
> The 04-change-gids-and-uids looks fine just nip-picking:
> * add a comment on the top, how to use this script / what it is doing and comments for each function, what it does and how to use it.
> * don’t mix ${var} with $var
> * recommend to use CAPS variable names for arguments and lowercase for local variables.

Good ideas. IMO this should be done on a branch forked off devel (no reason to carry it as part of the devel…feature/buster delta) ⇒ filed ~~Bug #16322~~ to track this.

#15 Updated by intrigeri 2019-01-08 10:04:44

related to ~~Bug #16322~~: Polish 04-change-gids-and-uids code style added

#16 Updated by intrigeri 2019-01-08 14:36:11

Status changed from In Progress to Resolved
% Done changed from 80 to 100

Applied in changeset commit:tails|eaeb426fc196d0840f3f7c2b8832f144610e5469.

#17 Updated by intrigeri 2019-01-08 14:36:43

Assignee deleted (~~intrigeri~~)