Accepting request 1303598 from Base:System

OBS-URL: https://build.opensuse.org/request/show/1303598
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/system-users?expand=0&rev=34

system-user-bin.conf

@@ -1,4 +1,2 @@
 # Type Name ID GECOS [HOME]
-g bin 1
+u! bin 1 bin /bin
-m daemon bin
-u bin 1 bin /bin

system-user-daemon.conf

@@ -1,3 +1,2 @@
 # Type Name ID GECOS [HOME]
-g daemon 2
+u! daemon 2 Daemon /sbin
-u daemon 2 Daemon /sbin

system-user-ftp.conf

@@ -1,2 +1,2 @@
 # Type Name ID GECOS [HOME]
-u ftp - "FTP Account" /srv/ftp
+u! ftp - "FTP Account" /srv/ftp

system-user-games.conf

@@ -1,2 +1,2 @@
 # Type Name ID GECOS [HOME]
-u games - "Games account" /var/games
+u! games - "Games account" /var/games

system-user-lp.conf

@@ -1,2 +1,2 @@
 # Type Name ID GECOS [HOME]
-u lp - "Printing daemon" /var/spool/lpd
+u! lp - "Printing daemon" /var/spool/lpd

system-user-mail.conf

@@ -1,2 +1,2 @@
 # Type Name ID GECOS [HOME]
-u mail - "Mailer daemon" /var/spool/clientmqueue
+u! mail - "Mailer daemon" /var/spool/clientmqueue

system-user-man.conf

@@ -1,3 +1,3 @@
 # Type Name ID GECOS [HOME]
 g man 62
-u man 13 "Manual pages viewer" /var/lib/empty
+u! man 13 "Manual pages viewer" /var/lib/empty

system-user-news.conf

@@ -1,2 +1,2 @@
 # Type Name ID GECOS [HOME]
-u news - "News system" /etc/news
+u! news - "News system" /etc/news

system-user-nobody.conf

@@ -1,4 +1,3 @@
 # Type Name ID GECOS [HOME]
 g nogroup 65533
-g nobody 65534
+u! nobody 65534 "nobody" /var/lib/nobody -
-u nobody 65534 "nobody" /var/lib/nobody -

system-user-ntp.conf

@@ -1,2 +1,2 @@
 # Type Name ID GECOS [HOME]
-u ntp - "NTP account" /var/lib/ntp
+u! ntp - "NTP account" /var/lib/ntp

system-user-qemu.conf

@@ -1,4 +1,3 @@
 # Type Name ID GECOS [HOME]
-g qemu 107
+u! qemu 107 "qemu user"
-u qemu 107 "qemu user"
 m qemu kvm

system-user-tftp.conf

@@ -1,2 +1,2 @@
 # Type Name ID GECOS [HOME]
-u tftp - "TFTP Account" /srv/tftpboot
+u! tftp - "TFTP Account" /srv/tftpboot

system-user-tss.conf

@@ -1,2 +1,2 @@
 # Type Name ID GECOS [HOME]
-u tss 98 "TSS daemon" /var/lib/tpm
+u! tss 98 "TSS daemon" /var/lib/tpm

system-user-upsd.conf

@@ -1,3 +1,2 @@
 # Type Name ID GECOS [HOME]
-u upsd - "UPS daemon" /var/lib/empty
+u! upsd - "UPS daemon" /var/lib/empty
-m upsd daemon

system-user-uucp.conf

@@ -1,3 +1,3 @@
 # Type Name ID GECOS [HOME]
-u uucp - "Unix-to-Unix CoPy system" /etc/uucp
+u! uucp - "Unix-to-Unix CoPy system" /etc/uucp
 m uucp lock

system-user-uuidd.conf

@@ -1,2 +1,2 @@
 # Type Name ID GECOS [HOME]
-u uuidd - "User for uuidd" /var/run/uuidd
+u! uuidd - "User for uuidd" /var/run/uuidd

system-user-vscan.conf

@@ -1,3 +1,2 @@
 # Type Name ID GECOS [HOME]
-g vscan 65 - -
+u! vscan 65 "Vscan account" /var/spool/amavis
-u vscan 65 "Vscan account" /var/spool/amavis

system-user-wwwrun.conf

@@ -1,4 +1,4 @@
 # Type Name ID GECOS [HOME]
 g www -
-u wwwrun - "WWW daemon apache" /var/lib/wwwrun
+u! wwwrun - "WWW daemon apache" /var/lib/wwwrun
 m wwwrun www

system-users.changes

@@ -1,3 +1,16 @@
+-------------------------------------------------------------------
+Mon Aug 25 09:01:05 UTC 2025 - Jan Engelhardt <jengelh@inai.de>
+
+- Remove old and now implicit %defattr lines
+- Use noun phrase for descriptions
+- Reduce calls to mkdir
+
+-------------------------------------------------------------------
+Fri Aug 22 14:27:27 UTC 2025 - Thorsten Kukuk <kukuk@suse.com>
+
+- Use fully locked user accounts
+- Remove daemon as second group
+
 -------------------------------------------------------------------
 Wed Mar 12 09:31:26 UTC 2025 - Thorsten Kukuk <kukuk@suse.com>
 

system-users.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package system-users
 #
-# Copyright (c) 2025 SUSE LLC
+# Copyright (c) 2025 SUSE LLC and contributors
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,9 +17,9 @@
 
 
 Name:           system-users
-Version:        20170617
+Version:        20250822
 Release:        0
-Summary:        Provide system accounts
+Summary:        Provider for system accounts
 License:        MIT
 Group:          System/Fhs
 Source1:        system-user-uucp.conf
@@ -54,9 +54,7 @@ This package provides various system users and their directories
 
 %package -n system-user-bin
 Summary:        System user and group 'bin'
-#!BuildIgnore:  user(daemon)
 Group:          System/Fhs
-Requires(pre):  user(daemon)
 %{sysusers_requires}
 
 %description -n system-user-bin
@@ -178,9 +176,7 @@ This package provides the system account and group 'nobody'.
 
 %package -n system-user-upsd
 Summary:        System user upsd
-#!BuildIgnore:  group(daemon)
 Group:          System/Fhs
-Requires(pre):  group(daemon)
 %{sysusers_requires}
 
 %description -n system-user-upsd
@@ -252,7 +248,7 @@ Group:          System/Fhs
 This package provides the system user and group 'ntp'.
 
 %prep
-%setup -q -c -T
+%autosetup -c
 
 %build
 %sysusers_generate_pre %{SOURCE1} uucp system-user-uucp.conf
@@ -280,20 +276,21 @@ This package provides the system user and group 'ntp'.
 %sysusers_generate_pre %{SOURCE25} ntp system-user-ntp.conf
 
 %install
-mkdir -p %{buildroot}%{_sysusersdir}
+mkdir -pv \
-mkdir -p %{buildroot}%{_sysconfdir}/uucp
+	%{buildroot}%{_sysusersdir} \
-mkdir -p %{buildroot}%{_sysconfdir}/news
+	%{buildroot}%{_sysconfdir}/uucp \
-mkdir -p %{buildroot}%{_localstatedir}/games
+	%{buildroot}%{_sysconfdir}/news \
-mkdir -p %{buildroot}%{_localstatedir}/lib/ntp
+	%{buildroot}%{_localstatedir}/games \
-mkdir -p %{buildroot}%{_localstatedir}/lib/wwwrun
+	%{buildroot}%{_localstatedir}/lib/ntp \
-mkdir -p %{buildroot}%{_localstatedir}/spool/amavis
+	%{buildroot}%{_localstatedir}/lib/wwwrun \
-mkdir -p %{buildroot}%{_localstatedir}/spool/clientmqueue
+	%{buildroot}%{_localstatedir}/spool/amavis \
-mkdir -p %{buildroot}%{_localstatedir}/spool/lpd
+	%{buildroot}%{_localstatedir}/spool/clientmqueue \
-mkdir -p %{buildroot}%{_localstatedir}/run/uuidd
+	%{buildroot}%{_localstatedir}/spool/lpd \
-mkdir -p %{buildroot}/srv/ftp
+	%{buildroot}%{_localstatedir}/run/uuidd \
-mkdir -p %{buildroot}%{_localstatedir}/lib/nobody
+	%{buildroot}/srv/ftp \
-mkdir -p %{buildroot}/srv/tftpboot
+	%{buildroot}%{_localstatedir}/lib/nobody \
-mkdir -p %{buildroot}/var/lib/tpm
+	%{buildroot}/srv/tftpboot \
+	%{buildroot}/var/lib/tpm
 install -m 644 %{SOURCE1} %{buildroot}%{_sysusersdir}/system-user-uucp.conf
 install -m 644 %{SOURCE2} %{buildroot}%{_sysusersdir}/system-user-games.conf
 install -m 644 %{SOURCE3} %{buildroot}%{_sysusersdir}/system-user-bin.conf
@@ -365,106 +362,83 @@ install -m 644 %{SOURCE25} %{buildroot}%{_sysusersdir}/system-user-ntp.conf
 %pre -n system-user-ntp -f ntp.pre
 
 %files -n system-user-uucp
-%defattr(-,root,root)
 %dir %attr(0750,uucp,uucp) %{_sysconfdir}/uucp
 %{_sysusersdir}/system-user-uucp.conf
 
 %files -n system-user-games
-%defattr(-,root,root)
 %dir %attr(0755,root,root) %{_localstatedir}/games
 %{_sysusersdir}/system-user-games.conf
 
 %files -n system-user-bin
-%defattr(-,root,root)
 %{_sysusersdir}/system-user-bin.conf
 
 %files -n system-user-daemon
-%defattr(-,root,root)
 %{_sysusersdir}/system-user-daemon.conf
 
 %files -n system-user-man
-%defattr(-,root,root)
 %{_sysusersdir}/system-user-man.conf
 
 %files -n system-user-news
-%defattr(-,root,root)
 %dir %attr(0750,news,news) %{_sysconfdir}/news
 %{_sysusersdir}/system-user-news.conf
 
 %files -n system-group-obsolete
-%defattr(-,root,root)
 %{_sysusersdir}/system-group-obsolete.conf
 
 %files -n system-group-hardware
-%defattr(-,root,root)
 %{_sysusersdir}/system-group-hardware.conf
 
 %files -n system-group-wheel
-%defattr(-,root,root)
 %{_sysusersdir}/system-group-wheel.conf
 
 %files -n system-user-wwwrun
-%defattr(-,root,root)
 %dir %attr(0755,wwwrun,root) %{_localstatedir}/lib/wwwrun
 %{_sysusersdir}/system-user-wwwrun.conf
 
 %files -n system-user-mail
-%defattr(-,root,root)
 %dir %attr(0770,mail,mail) %{_localstatedir}/spool/clientmqueue
 %{_sysusersdir}/system-user-mail.conf
 
 %files -n system-user-ftp
-%defattr(-,root,root)
 %dir %attr(0755,root,root) /srv/ftp
 %{_sysusersdir}/system-user-ftp.conf
 
 %files -n system-user-lp
-%defattr(-,root,root)
 %dir %attr(0755,lp,lp) %{_localstatedir}/spool/lpd
 %{_sysusersdir}/system-user-lp.conf
 
 %files -n system-user-nobody
-%defattr(-,root,root)
 %dir %attr(0755,nobody,root) %{_localstatedir}/lib/nobody
 %{_sysusersdir}/system-user-nobody.conf
 
 %files -n system-user-upsd
-%defattr(-,root,root)
 %{_sysusersdir}/system-user-upsd.conf
 
 %files -n system-user-uuidd
-%defattr(-,root,root)
 %{_sysusersdir}/system-user-uuidd.conf
 
 %files -n system-user-tftp
-%defattr(-,root,root)
 %dir %attr(0755,tftp,tftp) /srv/tftpboot
 %{_sysusersdir}/system-user-tftp.conf
 
 %files -n system-user-tss
-%defattr(-,root,root)
 %dir %attr(0750,tss,tss) /var/lib/tpm
 %{_sysusersdir}/system-user-tss.conf
 
 %files -n system-group-kvm
-%defattr(-,root,root)
 %{_sysusersdir}/system-group-kvm.conf
 
 %files -n system-user-qemu
-%defattr(-,root,root)
 %{_sysusersdir}/system-user-qemu.conf
 
 %files -n system-group-libvirt
-%defattr(-,root,root)
 %{_sysusersdir}/system-group-libvirt.conf
 
 %files -n system-user-vscan
-%defattr(-,root,root)
 %dir %attr(0750,vscan,vscan) %{_localstatedir}/spool/amavis
 %{_sysusersdir}/system-user-vscan.conf
 
 %files -n system-user-ntp
-%defattr(-,root,root)
 %dir %attr(0755,root,root) %{_localstatedir}/lib/ntp
 %{_sysusersdir}/system-user-ntp.conf