On 12/03/2022 14:00, Holger Levsen wrote:
On Sat, Mar 12, 2022 at 01:21:24PM +0100, Marc Haber wrote:Or would it be enough for reproducible images if adduser would finally implement #243929, making it possible to pre-determine UIDs before an image is built?for reproducible images it would be 'enough' but I believe this would also shift the burden of the work to each and every image designer, so in a way this feels like a workaround with the main purpose of removing load from base-passwd maintenance while putting load on everyone else forever :/ Roland Clobus has put a lot of work & thoughts into reproducible images, so I've added him to cc: now, so he can comment on this aspect of #1006912.
I've read #243929 and #1006912.For reproducible images (based on live-build) the order of the creation of each user is determined by the order in which the packages are installed. When the image is built, it starts with the default user list, which is then expanded by the packages as they are installed. When, while (re-)generating an image, an account is deleted, it will also be in a deterministic order. So from the viewpoint of reproducible images, it does not matter in which order the lines in /etc/passwd are, nor whether the same UID number is assigned to a username.
With kind regards, Roland Clobus
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature