Baleine/gardenerdb
2
1
Fork 0
forked from Gardenhouse/gardenerdb
Code Pull requests Activity
Drop-in standalone implementation of systemd-userdb
14 commits 1 branch 3 tags 105 KiB
  • C 96.5%
  • Meson 3%
  • Shell 0.5%
Find a file
Rose Hellsing 37dc6f53ce user-record: Fake implement systemd-userdb birthDate field 
This is stupid. I hate that I have to add this. But because I guess this is now a part of the userdb records we have this field now.
This field will never be properly populated by GardenerDB, it will always be set to 1998-07-06 (airing date of lain in japan)
2026-03-19 13:55:17 +01:00
examples Add examples on using dynamic users in services 2026-03-17 23:03:23 +01:00
include user-record: Fake implement systemd-userdb birthDate field 2026-03-19 13:55:17 +01:00
lib user-record: Fake implement systemd-userdb birthDate field 2026-03-19 13:55:17 +01:00
nss nss: implement _nss_systemd_block and _nss_systemd_is_blocked for userdb compatibility 2026-03-17 20:19:09 +01:00
src Print to stderr instead of stdout 2026-03-17 22:20:32 +01:00
subprojects Gardenerdb: Add userdb reimplementation 2026-03-17 17:04:07 +01:00
test Gardenerdb: Add userdb reimplementation 2026-03-17 17:04:07 +01:00
units Fix openrc services 2026-03-17 18:42:07 +01:00
varlink Gardenerdb: Add userdb reimplementation 2026-03-17 17:04:07 +01:00
.gitignore Gardenerdb: Add userdb reimplementation 2026-03-17 17:04:07 +01:00
COPYING Gardenerdb: Add userdb reimplementation 2026-03-17 17:04:07 +01:00
meson.build Gardenerdb: Add userdb reimplementation 2026-03-17 17:04:07 +01:00
meson_options.txt Add support for multiple init systems 2026-03-17 17:18:12 +01:00
README.md Add examples on using dynamic users in services 2026-03-17 23:03:23 +01:00

README.md

gardenerDB

Drop-in standalone implementation of systemds userdb.

Components

Binary Description
gardenerdb-mux Multiplexer daemon. Listens on io.systemd.Multiplexer
gardenerdb-dynamic Dynamic user daemon. Allocates ephermal UIDs/GIDs on demand io.systemd.DynamicUser + io.gardenerdb.DynamicUser
gardenerdbctl CLI tool to query users/groups/memberships. Equivalent to userdbctl
libnss_gardenerdb.so NSS module, makes gardenerDB provides users/groups available to getpwnam(), getgrnam() and similiar
gardenerdb-dynamicctl Tool to allocate/release dynamic users

Building

Requires vali, json-c and meson >= 0.60

meson setup build
meson compile -C build
meson test -C build
meson install -C build

All dependencies may be automatically pulled as meson subprojects if they are not installed system-wide.

Build options

Option Default Description
dynamic-uid-min 61184 First UID in the dynamic allocation pool
dynamic-uid-max 65519 Last UID in the dynamic allocation pool
init-system openrc Init system to install service files for: systemd, openrc, s6, runit or none 
meson setup build -Dinit-system=s6 -Ddynamic-uid-min=60000

Using dynamic users in services

The examples/ directory contains examples on how to use dynamic users in openrc, runit and s6.

The concept for all of them is pretty much the same:

  1. Generate the username based on the service name
  2. Get the uid/gid from gardenerdb-dynamicctl allocate
  3. Execute the program as the newly created user
  4. After the program exits, call gardenerdb-dynamicctl release with the previously generated username