From: Stuart Henderson Subject: Re: yggdrasil: dedicated user To: Klemens Nanni Cc: ports Date: Sun, 19 Oct 2025 14:53:48 +0100 On 2025/10/19 13:02, Klemens Nanni wrote: > Second try after "user.list: reserve net/yggdrasil-go user, recycle _nginx from 2012", > this time I chose _openct which is commented since 2016. > > Feedback? OK? https://marc.info/?l=openbsd-ports&m=173055556925654&w=2 is still a concern so we could _really_ do with a way to allocate uids dynamically for ports where software doesn't care about which exact uid it has... that said, there are hundreds of these "only existing for running as a separated uid" reservations and there's no less reason for yggdrasil-go to have one than a bunch of other things which already do, and it beats having an rc script hardcoded to -user nobody, so... ok > > Index: infrastructure/db/user.list > =================================================================== > RCS file: /cvs/ports/infrastructure/db/user.list,v > diff -u -p -r1.472 user.list > --- infrastructure/db/user.list 18 Oct 2025 22:50:34 -0000 1.472 > +++ infrastructure/db/user.list 19 Oct 2025 12:52:11 -0000 > @@ -122,7 +122,7 @@ id user group port > 611 _icecast _icecast net/icecast > 612 _ipguard _ipguard security/ipguard > 613 _rancid _rancid sysutils/rancid > -#614 _openct _openct security/openct > +614 _yggdrasil _yggdrasil net/yggdrasil-go > 615 _iftop _iftop net/iftop > 616 _ircd-hybrid _ircd-hybrid net/ircd-hybrid > 617 _tinyproxy _tinyproxy www/tinyproxy > Index: net/yggdrasil-go/Makefile > =================================================================== > RCS file: /cvs/ports/net/yggdrasil-go/Makefile,v > diff -u -p -r1.17 Makefile > --- net/yggdrasil-go/Makefile 1 Aug 2025 19:51:07 -0000 1.17 > +++ net/yggdrasil-go/Makefile 19 Oct 2025 12:54:17 -0000 > @@ -2,7 +2,7 @@ COMMENT = experimental fully end-to-end > > MODGO_MODNAME = github.com/yggdrasil-network/yggdrasil-go > MODGO_VERSION = v0.5.12 > -REVISION = 1 > +REVISION = 2 > > DISTNAME = yggdrasil-go-${MODGO_VERSION} > > Index: net/yggdrasil-go/pkg/PLIST > =================================================================== > RCS file: /cvs/ports/net/yggdrasil-go/pkg/PLIST,v > diff -u -p -r1.5 PLIST > --- net/yggdrasil-go/pkg/PLIST 2 Nov 2024 09:26:46 -0000 1.5 > +++ net/yggdrasil-go/pkg/PLIST 19 Oct 2025 12:53:37 -0000 > @@ -1,3 +1,5 @@ > +@newgroup _yggdrasil:614 > +@newuser _yggdrasil:614:614::Yggdrasil:/nonexistent:/sbin/nologin > @rcscript ${RCDIR}/yggdrasil > @bin bin/yggdrasil > @bin bin/yggdrasil-genkeys > Index: net/yggdrasil-go/pkg/yggdrasil.rc > =================================================================== > RCS file: /cvs/ports/net/yggdrasil-go/pkg/yggdrasil.rc,v > diff -u -p -r1.4 yggdrasil.rc > --- net/yggdrasil-go/pkg/yggdrasil.rc 22 Mar 2025 22:05:10 -0000 1.4 > +++ net/yggdrasil-go/pkg/yggdrasil.rc 19 Oct 2025 12:58:13 -0000 > @@ -1,7 +1,7 @@ > #!/bin/ksh > > daemon="${TRUEPREFIX}/bin/yggdrasil" > -daemon_flags="-logto syslog -user nobody -useconffile ${SYSCONFDIR}/yggdrasil.conf" > +daemon_flags="-logto syslog -user _yggdrasil -useconffile ${SYSCONFDIR}/yggdrasil.conf" > > . /etc/rc.d/rc.subr > >