.if ${MKSHARE} != "no"
FILESDIR=/usr/share/examples/libsaslc
FILESOWN=root
-.if !defined(__MINIX)
FILESGRP=wheel
-.else
-FILESGRP=operator
-.endif # !defined(__MINIX)
FILESMODE=444
FILES= saslc.conf
.if ${MKSHARE} != "no"
FILESDIR=/usr/share/examples/libsaslc/mech
FILESOWN=root
-.if !defined(__MINIX)
FILESGRP=wheel
-.else
-FILESGRP=operator
-.endif # !defined(__MINIX)
FILESMODE=444
FILES=
print "install:"
} else if (mode == "mtree") {
print "/unset\tall";
- print "/set\ttype=file uname=root gname=operator";
+ print "/set\ttype=file uname=root gname=wheel";
print;
} else if (mode == "populate") {
print "cd " ENVIRON["CURDIR"];
> "${SDIR}/flist.${setname}.full" \
|| exit 1
(
- echo "/set uname=root gname=operator"
+ echo "/set uname=root gname=wheel"
${AWK} -f "${rundir}/join.awk" \
"${SDIR}/flist.${setname}.full" "${metalog}"
echo "./etc/mtree/set.${setname} type=file mode=0444"
"${spec1}" "${metalog}"
${AWK} -f "${rundir}/join.awk" \
"${spec1}" /dev/stdin <<EOF
-./etc/mtree/set.${pkgset} type=file mode=0444 uname=root gname=operator
+./etc/mtree/set.${pkgset} type=file mode=0444 uname=root gname=wheel
EOF
else
cat "${spec1}"
+20170218:
+ Before starting a build, you will have to update your master.passwd and
+ group files in /etc. This is needed because we have switched over from
+ the old set of MINIX users and groups to the new set of NetBSD users
+ and groups, as needed by various imported tools. Follow these steps.
+
+ 1. Make a back-up copy of your old master.passwd and group files:
+
+ # cp /etc/master.passwd /etc/master.passwd~
+ # cp /etc/group /etc/group~
+
+ 2. Install /usr/src/etc/master.passwd to /etc/master.passwd, and
+ install /usr/src/etc/group to /etc/group. If you have NOT created
+ any local user accounts yourself, for example because you are
+ upgrading a fresh MINIX 3 installation right away, all you need to
+ do is copy over those two files:
+
+ # cp /usr/src/etc/master.passwd /etc/master.passwd
+ # cp /usr/src/etc/group /etc/group
+
+ If you DO have custom user accounts or groups, you need to merge
+ their lines (and only those!) into the new master.passwd and group
+ files manually. If you are unsure whether you have such custom
+ entries, you can use the following commands:
+
+ # cd /usr/src
+ # git show 68804c2:etc/master.passwd | diff -u - /etc/master.passwd
+ # git show 68804c2:etc/group | diff -u - /etc/group
+
+ This should show any changes compared to the old two templates. If
+ you have such changes, you need to reapply them after copying over
+ the new two templates. The following procedure shows one approach:
+
+ # cd /usr/src
+ # cp /etc/master.passwd /tmp/my-passwd
+ # vi /tmp/my-passwd
+ <remove any lines from /tmp/my-passwd that have no password>
+ # cp /usr/src/etc/master.passwd /etc/master.passwd
+ # cat /tmp/my-passwd >> /etc/master.passwd
+ # rm /tmp/my-passwd
+
+ ..and follow a similar procedure for /etc/group.
+
+ 3. Once the new files are in place, update all derived password files:
+
+ # pwd_mkdb -p /etc/master.passwd
+
+ If you did everything right so far, the following command:
+
+ # postinstall check uid gid
+
+ ..should show "postinstall checks passed: uid gid" and no failures.
+
+ 4. Now perform a full build as usual:
+
+ # cd /usr/src
+ # make build
+
+ As part of the build, all /dev files will get new proper ownership.
+
+ 5. There may still be files that are owned by users and groups that now
+ have been renumbered. It is advisable to run at least the following
+ three commands to apply the renumbering to the most common files:
+
+ # find / -user 2 -exec chown bin \{\} \;
+ # find / -user 5 -exec chown uucp \{\} \;
+ # find / -user 9998 -exec chown games \{\} \;
+
+ If you have installed custom programs, you may want to check whether
+ they are not affected by the change. This should be rare, though.
+
+ Until a subsequent reboot, various running services will show up in
+ ps(1) output and /proc as owned by "postfix". This is no problem.
+
20170122:
MINIX 3 did not import NetBSD's passwd.conf file, which makes the
userland fall back by default to the old, broken UNIX password hashing
# -rw-r--r--
BINOWN= root
-BINGRP= operator
+BINGRP= wheel
UTMPGRP= utmp
.if defined(__MINIX)
BIN1+= boot.cfg.default \
#
install-etc-files: .PHONY .MAKE check_DESTDIR MAKEDEV
${_MKMSG_INSTALL} ${DESTDIR}/etc/master.passwd
- ${ETC_INSTALL_FILE} -o root -g operator -m 600 \
+ ${ETC_INSTALL_FILE} -o root -g wheel -m 600 \
master.passwd ${DESTDIR}/etc
${TOOL_PWD_MKDB} -p ${PWD_MKDB_ENDIAN} -d ${DESTDIR}/ \
${DESTDIR}/etc/master.passwd
( \
mode=0600; \
for metaent in spwd.db passwd pwd.db; do \
- echo "./etc/$${metaent} type=file mode=$${mode} uname=root gname=operator tags=etc_pkg"; \
+ echo "./etc/$${metaent} type=file mode=$${mode} uname=root gname=wheel tags=etc_pkg"; \
mode=0644; \
done; \
) | ${METALOG.add}
${MAKEDIRTARGET} . install-etc-files-safe
install-etc-files-safe: .PHONY .MAKE check_DESTDIR MAKEDEV
-# LSC Minix administrator group is operator, not wheel
.endif # defined(__MINIX)
${_MKMSG_INSTALL} ${DESTDIR}/etc/ttys
.if !defined(__MINIX)
# TAC to the .for block above.
.if !defined(__MINIX)
.for owner group mode file in \
- ${BINOWN} operator 664 /etc/ttys \
${BINOWN} operator 664 /etc/dumpdates \
${BINOWN} operator 600 /etc/skeykeys \
root wheel 600 /var/at/at.deny \
-operator:*:0:
-daemon:*:1:
-bin:*:2:
-other:*:3:
-tty:*:4:
-uucp:*:5:
-news:*:6:
-ftp:*:7:
-kmem:*:8:
-www:*:9:
-driver:*:10:
-server:*:11:
+wheel:*:0:root
+daemon:*:1:daemon
+kmem:*:2:root
+sys:*:3:root
+tty:*:4:root
+operator:*:0:root
+mail:*:6:
+bin:*:7:
+wsrc:*:9:
+maildrop:*:11:
+postfix:*:12:
games:*:13:
+named:*:14:
+ntpd:*:15:
+sshd:*:16:
_pflogd:*:18:
_rwhod:*:19:
+staff:*:20:root
_proxy:*:21:
_timedc:*:22:
_sdpd:*:23:
_mdnsd:*:25:
_tests:*:26:
_tcpdump:*:27:
-smtpd:*:40:
-postfix:*:41:
-maildrop:*:42:
-mail:*:43:
-sshd:*:44:
-nogroup:*:99:
+_tss:*:28:
+_gpio:*:29:
+_rtadvd:*:30:
+guest:*:31:root
+nobody:*:39:
+utmp:*:45:
+authpf:*:72:
users:*:100:
+dialer:*:117:
+nogroup:*:32766:
-root::0:0::0:0:Big Brother:/root:/bin/sh
-daemon:*:1:1::0:0:The Deuce:/etc:/bin/sh
-bin:*:2:0::0:0:Binaries Commands and Source:/nonexistent:/bin/sh
-uucp:*:5:5::0:0:UNIX to UNIX copy:/usr/spool/uucp:/usr/bin/uucico
-news:*:6:6::0:0:Usenet news:/usr/spool/news:/bin/sh
-ftp:*:7:7::0:0:Anonymous FTP:/usr/ftp:/bin/sh
-www:*:9:9::0:0:World Wide Web:/usr/www:/bin/sh
-driver:*:10:10::0:0:Device Drivers:/:/bin/sh
-server:*:11:11::0:0:OS Servers:/:/bin/sh
-service:*:12:12::0:0:System Services:/:/bin/sh
-sshd:*:22:22::0:0:sshd:/:/bin/sh
-smtpd:*:25:25::0:0:smtpd:/:/bin/sh
-postfix:*:27:27::0:0:postfix:/usr/var/spool/postfix:/usr/bin/false
-postgres:*:30:30::0:0:postgresql:/:/usr/bin/false
-games:*:9998:13::0:0:games:/:/bin/sh
-nobody:*:9999:39::0:0:Unprivileged user:/tmp:/bin/sh
+root::0:0::0:0:Charlie &:/root:/bin/sh
+toor:*:0:0::0:0:Bourne-again Superuser:/root:/bin/sh
+daemon:*:1:1::0:0:The devil himself:/:/sbin/nologin
+operator:*:2:5::0:0:System &:/usr/guest/operator:/sbin/nologin
+bin:*:3:7::0:0:Binaries Commands and Source:/:/bin/sh
+games:*:7:13::0:0:& pseudo-user:/usr/games:/sbin/nologin
+postfix:*:12:12::0:0:& pseudo-user:/var/spool/postfix:/sbin/nologin
+named:*:14:14::0:0:& pseudo-user:/var/chroot/named:/sbin/nologin
+ntpd:*:15:15::0:0:& pseudo-user:/var/chroot/ntpd:/sbin/nologin
+sshd:*:16:16::0:0:& pseudo-user:/var/chroot/sshd:/sbin/nologin
+_pflogd:*:18:18::0:0:& pseudo-user:/var/chroot/pflogd:/sbin/nologin
+_rwhod:*:19:19::0:0:& pseudo-user:/var/rwho:/sbin/nologin
+_proxy:*:21:21::0:0:Proxy Services:/nonexistent:/sbin/nologin
+_timedc:*:22:22::0:0:& pseudo-user:/nonexistent:/sbin/nologin
+_sdpd:*:23:23::0:0:& pseudo-user:/nonexistent:/sbin/nologin
+_httpd:*:24:24::0:0:& pseudo-user:/var/www:/sbin/nologin
+_mdnsd:*:25:25::0:0:& pseudo-user:/nonexistent:/sbin/nologin
+_tests:*:26:26::0:0:& pseudo-user:/nonexistent:/sbin/nologin
+_tcpdump:*:27:27::0:0:& pseudo-user:/var/chroot/tcpdump:/sbin/nologin
+_tss:*:28:28::0:0:& pseudo-user:/var/tpm:/sbin/nologin
+_rtadvd:*:30:30::0:0:& pseudo-user:/var/chroot/rtadvd:/sbin/nologin
+uucp:*:66:1::0:0:UNIX-to-UNIX Copy:/nonexistent:/sbin/nologin
+service:*:999:0::0:0:System Services:/:/sbin/nologin
+nobody:*:32767:39::0:0:Unprivileged user:/nonexistent:/sbin/nologin
# with diff(1)s if $check_changelist is enabled.
#
-#__MINIX: gname is not wheel
-/set uname=root gname=operator
+/set uname=root gname=wheel
. type=dir mode=0755
ci -q -f -u -t-"$_msg0" -m"$_msg1" $_cur
rcs -q -kb -U $_cur
co -q -f -u $_cur
- chown root:operator $_cur $_cur,v
+ chown root:wheel $_cur $_cur,v
;;
remove)
cp /dev/null $_cur
ci -q -f -u -t-"$_msg0" -m"$_msg1" $_cur
rcs -q -kb -U $_cur
- chown root:operator $_cur $_cur,v
+ chown root:wheel $_cur $_cur,v
rm $_cur
;;
esac
cp -p $_cur $_back
fi
cp -p $_file $_cur
- chown root:operator $_cur
+ chown root:wheel $_cur
;;
remove)
mv -f $_cur $_back
MKFONTSCALEDIR!= cd ${NETBSDSRCDIR}/external/mit/xorg/tools/mkfontscale && ${PRINTOBJDIR}
MKFONTSCALE= ${MKFONTSCALEDIR}/mkfontscale
-#__MINIX: gname=operator instead of wheel
afterinstall: create.fonts.dir create.fonts.scale
.if ${MKUNPRIVED} != "no"
- echo ".${FILESDIR}/fonts.dir type=file mode=0444 uname=root gname=operator" \
+ echo ".${FILESDIR}/fonts.dir type=file mode=0444 uname=root gname=wheel" \
| ${METALOG.add}
- echo ".${FILESDIR}/fonts.scale type=file mode=0444 uname=root gname=operator" \
+ echo ".${FILESDIR}/fonts.scale type=file mode=0444 uname=root gname=wheel" \
| ${METALOG.add}
.endif
${_MKMSG_INSTALL} ${DESTDIR}${FILESDIR}/encodings.dir
do
# Reset the defaults
uname=root
- gname=operator
+ gname=wheel
permissions=600
case ${dev} in
PROG= term
-BINGRP= uucp
-BINMODE= 2755
.include <bsd.prog.mk>
${TOOL_PWD_MKDB} -V 0 -p -d . etc/master.passwd
proto.dev.mtree:
- @echo ". type=dir uname=root gname=operator mode=0755" \
+ @echo ". type=dir uname=root gname=wheel mode=0755" \
>${.TARGET}.tmp && \
- echo "./dev type=dir uname=root gname=operator mode=0755" \
+ echo "./dev type=dir uname=root gname=wheel mode=0755" \
>>${.TARGET}.tmp && \
${NETBSDSRCDIR}/minix/commands/MAKEDEV/MAKEDEV.sh -m -r \
>> ${.TARGET}.tmp && mv ${.TARGET}.tmp ${.TARGET}
.TP
\fBgid=\fInumber\fR
Likewise, sets the group ID for all files and directories.
-The default is operator (the number \fB0\fR).
+The default is wheel (the number \fB0\fR).
.TP
\fBfmask=\fInumber\fR
This option sets the file permission mask of regular files. It is specified as
root_node->fn_mode = v_pri.inode_root->i_stat.st_mode;
root_node->fn_size = v_pri.inode_root->i_stat.st_size;
root_node->fn_uid = SYS_UID; /* Always root */
- root_node->fn_gid = SYS_GID; /* operator */
+ root_node->fn_gid = SYS_GID; /* wheel */
root_node->fn_dev = NO_DEV;
*res_flags = RES_NOFLAGS;
.TP
\fBgid=\fInumber\fR
Likewise, sets the group ID for all files and directories.
-The default is operator (the number \fB0\fR).
+The default is wheel (the number \fB0\fR).
.TP
\fBfmask=\fInumber\fR
This option sets the file permission mask of regular files. It is specified as
#define SERVICE_LOGIN "service" /* passwd file entry for services */
-/* The following definition should be kept in sync with the actual /etc/passwd
- * value for SERVICE_LOGIN for now, and removed altogether once we are able to
- * obtain its value dynamically everywhere.
+/* The following definition should be kept in sync with the actual
+ * /etc/master.passwd value for SERVICE_LOGIN for now, and removed altogether
+ * once we are able to obtain its value dynamically everywhere. The value has
+ * been chosen so as to avoid creating conflicts with future NetBSD additions
+ * to the password files, although one can never be sure.
*/
-#define SERVICE_UID 12 /* user ID for services */
+#define SERVICE_UID 999 /* user ID for services */
/* RSS definitions. */
#define RSS_NR_IRQ 16
panic("unable to clone current RS instance: %d", s);
}
- /* Fork a new RS instance with root:operator. */
+ /* Fork a new RS instance with root:wheel. */
pid = srv_fork(0, 0);
if(pid < 0) {
panic("unable to fork a new RS instance: %d", pid);
*/
if(rs_verbose)
printf("RS: forking child with srv_fork()...\n");
- child_pid= srv_fork(rp->r_uid, 0); /* Force group to operator for now */
+ child_pid= srv_fork(rp->r_uid, 0); /* Force group to wheel for now */
if(child_pid < 0) {
printf("RS: srv_fork() failed (error %d)\n", child_pid);
free_slot(rp);
#define KEY_C (KEY_A + 2)
#define ROOT_USER "root" /* name of root */
-#define ROOT_GROUP "operator" /* name of root's group */
+#define ROOT_GROUP "wheel" /* name of root's group */
#define NONROOT_USER "bin" /* name of any unprivileged user */
#define NONROOT_GROUP "bin" /* name of any unprivileged group */
#!/bin/sh
# expected sha1sum of the FS image
-expect=55d61f457204c206628c848771a1f9d75cfa3afa
+expect=98bcafa04cb1eb75b7add6c95eb587c37f5050e0
set -e
# ownership matters for the proto file.
-# the run script runs us with uid 2, gid 0.
-if [ "`id -u`" != 2 -o "`id -g`" != 0 ]
+# the run script runs us with user "bin" (3), group "bin" (7).
+if [ "`id -u`" != 3 -o "`id -g`" != 7 ]
then
- echo "test script should be run with uid 2, gid 0."
+ echo "test script should be run with uid 3, gid 7."
exit 1
fi
/sbin/mkfs.mfs -T 1 -b $BLOCKS -i $INODES $fsimage $protofile >/dev/null 2>&1
sum="`sha1 $fsimage | awk '{ print $4 }'`"
+rm -rf $testdir $protofile $fsimage
+
if [ $sum != $expect ]
then
echo sum $sum is not expected $expect
#define MAX_TOKENS 10
#define LINE_LEN 300
-/* XXX why do we not use 0 / SU_ID ? */
-#define BIN 2
-#define BINGRP 2
/* some Minix specific types that do not conflict with Posix */
#ifndef block_t
/* Make simple file system of the given size, using defaults. */
mode = 040777;
- usrid = BIN;
- grpid = BINGRP;
+ usrid = 0;
+ grpid = 0;
simple = 1;
}
BINMODE?= 755
NONBINMODE?= 644
MANDIR?= /usr/man
-BINGRP?= operator
-MANGRP?= operator
-INFOGRP?= operator
-DOCGRP?= operator
-LOCALEGRP?= operator
-NLSGRP?= operator
-DEBUGGRP?= operator
MKKYUA?= yes
MKMCLINKER?= no