From 3114d0425d0bbb61f02021c47967138ff0d19a6d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20G=C3=B3rny?= Date: Sun, 14 Dec 2025 04:15:12 +0100 Subject: [PATCH] acct-group/jobserver: Add group for system wide jobservers, v0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add a dedicated group to control system-wide jobserver access, such as the one provided by dev-build/steve. This will replace the current portage:portage ownership, and make it possible to grant users access without giving them full portage group access. Note that we don't want open access to system-wide jobservers, as an untrusted user could then grab all tokens and effectively block other processes from building. Signed-off-by: Michał Górny Part-of: https://codeberg.org/gentoo/gentoo/pulls/2 Signed-off-by: Michał Górny --- acct-group/jobserver/jobserver-0.ebuild | 9 +++++++++ acct-group/jobserver/metadata.xml | 8 ++++++++ 2 files changed, 17 insertions(+) create mode 100644 acct-group/jobserver/jobserver-0.ebuild create mode 100644 acct-group/jobserver/metadata.xml diff --git a/acct-group/jobserver/jobserver-0.ebuild b/acct-group/jobserver/jobserver-0.ebuild new file mode 100644 index 000000000000..4a7bb9457daf --- /dev/null +++ b/acct-group/jobserver/jobserver-0.ebuild @@ -0,0 +1,9 @@ +# Copyright 2025 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit acct-group + +ACCT_GROUP_ID=556 +DESCRIPTION="Access to system-wide jobservers" diff --git a/acct-group/jobserver/metadata.xml b/acct-group/jobserver/metadata.xml new file mode 100644 index 000000000000..076793e3f54b --- /dev/null +++ b/acct-group/jobserver/metadata.xml @@ -0,0 +1,8 @@ + + + + + mgorny@gentoo.org + Michał Górny + +