summaryrefslogtreecommitdiffstats
path: root/sysusers.d
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 15:35:18 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 15:35:18 +0000
commitb750101eb236130cf056c675997decbac904cc49 (patch)
treea5df1a06754bdd014cb975c051c83b01c9a97532 /sysusers.d
parentInitial commit. (diff)
downloadsystemd-b750101eb236130cf056c675997decbac904cc49.tar.xz
systemd-b750101eb236130cf056c675997decbac904cc49.zip
Adding upstream version 252.22.upstream/252.22
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'sysusers.d')
-rw-r--r--sysusers.d/README8
-rw-r--r--sysusers.d/basic.conf.in41
-rw-r--r--sysusers.d/meson.build39
-rw-r--r--sysusers.d/systemd-coredump.conf8
-rw-r--r--sysusers.d/systemd-journal.conf.in8
-rw-r--r--sysusers.d/systemd-network.conf.in8
-rw-r--r--sysusers.d/systemd-oom.conf8
-rw-r--r--sysusers.d/systemd-remote.conf8
-rw-r--r--sysusers.d/systemd-resolve.conf.in8
-rw-r--r--sysusers.d/systemd-timesync.conf.in8
10 files changed, 144 insertions, 0 deletions
diff --git a/sysusers.d/README b/sysusers.d/README
new file mode 100644
index 0000000..df3049c
--- /dev/null
+++ b/sysusers.d/README
@@ -0,0 +1,8 @@
+Files in this directory contain configuration for systemd-sysusers, a program
+to allocate system users and groups.
+
+See man:sysusers.d(5) for explanation of the configuration file format, and
+man:systemd-sysusers(8) for a description of when and how this configuration is
+applied.
+
+Use 'systemd-analyze cat-config sysusers.d' to display the effective config.
diff --git a/sysusers.d/basic.conf.in b/sysusers.d/basic.conf.in
new file mode 100644
index 0000000..0aec080
--- /dev/null
+++ b/sysusers.d/basic.conf.in
@@ -0,0 +1,41 @@
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+
+# The superuser
+g root 0 - -
+u root 0:0 "Super User" /root
+
+# The nobody user/group for NFS file systems
+g {{NOBODY_GROUP_NAME}} 65534 - -
+u {{NOBODY_USER_NAME }} 65534:65534 "Kernel Overflow User" -
+
+# Administrator group: can *see* more than normal users
+g adm {{ADM_GID }} - -
+
+# Administrator group: can *do* more than normal users
+g wheel {{WHEEL_GID }} - -
+
+# Access to shared database of users on the system
+g utmp {{UTMP_GID }} - -
+
+# Physical and virtual hardware access groups
+g audio {{AUDIO_GID }} - -
+g cdrom {{CDROM_GID }} - -
+g dialout {{DIALOUT_GID}} - -
+g disk {{DISK_GID }} - -
+g input {{INPUT_GID }} - -
+g kmem {{KMEM_GID }} - -
+g kvm {{KVM_GID }} - -
+g lp {{LP_GID }} - -
+g render {{RENDER_GID }} - -
+g sgx {{SGX_GID }} - -
+g tape {{TAPE_GID }} - -
+g tty {{TTY_GID }} - -
+g video {{VIDEO_GID }} - -
+
+# Default group for normal users
+g users {{USERS_GID }} - -
diff --git a/sysusers.d/meson.build b/sysusers.d/meson.build
new file mode 100644
index 0000000..608c4b7
--- /dev/null
+++ b/sysusers.d/meson.build
@@ -0,0 +1,39 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+files = [['README', ''],
+ ['systemd-coredump.conf', 'ENABLE_COREDUMP'],
+ ['systemd-oom.conf', 'ENABLE_OOMD']]
+
+foreach pair : files
+ if not enable_sysusers
+ # do nothing
+ elif pair[1] == '' or conf.get(pair[1]) == 1
+ install_data(pair[0], install_dir : sysusersdir)
+ else
+ message('Not installing sysusers.d/@0@ because @1@ is @2@'
+ .format(pair[0], pair[1], conf.get(pair[1], 0)))
+ endif
+endforeach
+
+
+if enable_sysusers and conf.get('ENABLE_REMOTE') == 1 and conf.get('HAVE_MICROHTTPD') == 1
+ install_data('systemd-remote.conf', install_dir : sysusersdir)
+endif
+
+
+in_files = [['basic.conf', enable_sysusers],
+ ['systemd-journal.conf', enable_sysusers],
+ ['systemd-network.conf', enable_sysusers and conf.get('ENABLE_NETWORKD') == 1],
+ ['systemd-resolve.conf', enable_sysusers and conf.get('ENABLE_RESOLVE') == 1],
+ ['systemd-timesync.conf', enable_sysusers and conf.get('ENABLE_TIMESYNCD') == 1]]
+
+foreach tuple : in_files
+ file = tuple[0]
+ custom_target(
+ file,
+ input : file + '.in',
+ output: file,
+ command : [jinja2_cmdline, '@INPUT@', '@OUTPUT@'],
+ install : tuple[1],
+ install_dir : sysusersdir)
+endforeach
diff --git a/sysusers.d/systemd-coredump.conf b/sysusers.d/systemd-coredump.conf
new file mode 100644
index 0000000..c4ff003
--- /dev/null
+++ b/sysusers.d/systemd-coredump.conf
@@ -0,0 +1,8 @@
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+
+u systemd-coredump - "systemd Core Dumper"
diff --git a/sysusers.d/systemd-journal.conf.in b/sysusers.d/systemd-journal.conf.in
new file mode 100644
index 0000000..61768b2
--- /dev/null
+++ b/sysusers.d/systemd-journal.conf.in
@@ -0,0 +1,8 @@
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+
+g systemd-journal {{SYSTEMD_JOURNAL_GID}} -
diff --git a/sysusers.d/systemd-network.conf.in b/sysusers.d/systemd-network.conf.in
new file mode 100644
index 0000000..7c64a46
--- /dev/null
+++ b/sysusers.d/systemd-network.conf.in
@@ -0,0 +1,8 @@
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+
+u systemd-network {{SYSTEMD_NETWORK_UID}} "systemd Network Management"
diff --git a/sysusers.d/systemd-oom.conf b/sysusers.d/systemd-oom.conf
new file mode 100644
index 0000000..27e571f
--- /dev/null
+++ b/sysusers.d/systemd-oom.conf
@@ -0,0 +1,8 @@
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+
+u systemd-oom - "systemd Userspace OOM Killer"
diff --git a/sysusers.d/systemd-remote.conf b/sysusers.d/systemd-remote.conf
new file mode 100644
index 0000000..ca20c24
--- /dev/null
+++ b/sysusers.d/systemd-remote.conf
@@ -0,0 +1,8 @@
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+
+u systemd-journal-remote - "systemd Journal Remote"
diff --git a/sysusers.d/systemd-resolve.conf.in b/sysusers.d/systemd-resolve.conf.in
new file mode 100644
index 0000000..9f02ef9
--- /dev/null
+++ b/sysusers.d/systemd-resolve.conf.in
@@ -0,0 +1,8 @@
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+
+u systemd-resolve {{SYSTEMD_RESOLVE_UID}} "systemd Resolver"
diff --git a/sysusers.d/systemd-timesync.conf.in b/sysusers.d/systemd-timesync.conf.in
new file mode 100644
index 0000000..e50f025
--- /dev/null
+++ b/sysusers.d/systemd-timesync.conf.in
@@ -0,0 +1,8 @@
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+
+u systemd-timesync {{SYSTEMD_TIMESYNC_UID}} "systemd Time Synchronization"