NIS groups conflict with ports groups

[spk]

Hi,

I'm using FreeBSD 9.1 as my primary workstation at work and I'm having an issue with conflicts with groups that already exist in our NIS environment.

Our NIS domain dates back to the early 90s and unfortunately in the past, a number of low GIDs were used for NIS groups. There's nothing I can do to change this.

Is there a recommended way to handle this e.g. tell ports to start allocating UIDs and GIDs from a specific starting point upwards? Or should I just amend the UID or GID in /usr/ports/UIDs and /usr/ports/GIDs for ports I'm having a problem with?

Cheers,
Steve

 

[spk]

Hi,

In case anyone has a similar issue, a simple work around for my specific situation was to switch to the root user, stop ypbind, install the relevant port and restart ypbind. Be aware that any NIS users or groups etc. will be completely unknown to the system whilst ypbind is stopped.

Cheers,
Steve

 

[fonz]

Is there a recommended way to handle this e.g. tell ports to start allocating UIDs and GIDs from a specific starting point upwards?

Perhaps UID_OFFSET and GID_OFFSET do what you want? In case you can't override them in /etc/make.conf (they are not mentioned in make.conf(5)), they are set in /usr/ports/Mk/bsd.port.mk.

 

[spk]

Perhaps UID_OFFSET and GID_OFFSET do what you want? In case you can't override them in /etc/make.conf (they are not mentioned in make.conf(5)), they are set in /usr/ports/Mk/bsd.port.mk.

Hi,

Thanks for the info - that does sound like a setting that would solve the problem. Does that file not get overwritten by, for example, portsnap when updating though?

Cheers,
Steve

 

[kpa]

Don't edit the files under /usr/ports/Mk, set those variables in make.conf(5).

 

[fonz]

set those variables in make.conf(5)

That would be preferable, indeed. If it works, perhaps someone should file a PR about these variables not being documented in the make.conf(5) man page.

 

[spk]

Hi,

It appears that this setting doesn't work for at least some ports, regardless of if it has been in bsd.port.mk or /etc/make.conf.

I've got the following in /etc/make.conf:

# Offset the starting UID and GID for ports due to low numbers having been
UID_OFFSET?=	65000
GID_OFFSET?=	65000

and have also tried the same in bsd.port.mk:

UID_OFFSET?=	65000
GID_OFFSET?=	65000

but it seems that there is a problem:

if ! pw groupshow cups; then pw groupadd cups -g 193; fi
pw: unknown group `cups'
pw: gid `193' has already been allocated
*** [pre-su-install] Error code 65

Stop in /usr/ports/print/cups-base.
*** [install] Error code 1

Stop in /usr/ports/print/cups-base.
*** [reinstall] Error code 1

Stop in /usr/ports/print/cups-base.

I suppose it's possible that the cups-base port is ignoring this value - that I've not looked into - but I'm wondering if it does anything at all. If it's not used, it would probably explain why it's not documented. Is it likely there's a few ports setting the UID and GID in a 'non-standard' way that ignores these variables?

Cheers,
steve

 

[fonz]

Is it likely there's a few ports setting the UID and GID in a 'non-standard' way that ignores these variables?

Likely? I'm not sure. Possible? Probably. You may want to ask about this on the freebsd-ports mailing list.