From: Stuart Henderson <stu@spacehopper.org>
Subject: Re: Unprivileged font cache: xenocara
To: tech@openbsd.org
Date: Thu, 3 Jul 2025 13:29:45 +0100

On 2025/07/03 02:31, Anthony J. Bentley wrote:
> Stuart Henderson writes:
> > On 2025/07/01 01:41, Anthony J. Bentley wrote:
> > > +        pw = getpwnam("_fc-cache");
> > > +        if (!pw)
> > > +            errx(1, "no _fc-cache user to revoke to");
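Review bot: at the `if (!pw)` check, getpwnam() returns NULL both when the _fc-cache entry is absent and when the lookup itself fails, and the errx() call prints the same "no _fc-cache user to revoke to" message in either case. Consider setting errno to 0 before the call and using err() when errno is nonzero afterwards, so a failed passwd lookup is not reported as a missing user.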
> >
> > if _fc-cache doesn't exist yet, does it matter about setting ownership
> > back to root? (i.e. would it make sense to fallback to old behaviour
> > in case sysmerge hasn't been run to add the uid/gid yet?)
> 
> I think it's fine as-is. In my tests, sysmerge did always run without
> user intervention. If for some reason sysmerge didn't run, the error
> message is clear about what's wrong. Falling back to root instead would
> cause difficulty for pkg_add if packages are updated before sysmerge,
> which seems more likely than manually running fc-cache before sysmerge,
> and would be harder to notice and to fix.

pkg_add (post-diff) won't be able to run fc_cache until the _fc-cache
user exists anyway.

> > (belt and braces: sysmerge could chown after the dir adding _fc-cache...)
> 
> Yes, but IMO that's added complication that's not necessary.

It would cover the "upgrade by untarring sets" upgrade method as well as
bsd.rd though. (It could be done _instead_ of the bsd.rd change, which
would then avoid chown'ing the files to a uid that doesn't exist on the
installed system..)

It doesn't matter much either way in the typical case though.