Autogenerate requires for users and groups in packages from file data

Ensure proper installation order and dependencies for custom user/group
usage across packages. These are effectively Requires(pre,postun)
dependencies to prefer during install and preserve the dependency for
installed packages as well.

These new requires require distro level bootstrapping of sorts to get
the provides into place first. To make that less painful, allow turning
the requires into recommends so they wont cause hard failures but will
still cause the right thing to happen when ordering (and depsolving too)
for the packages that do have the provides already.

3 files changed, 39 insertions, 9 deletions

diff --git a/build/rpmfc.c b/build/rpmfc.c
index aaf0f7a42..c5db6dc82 100644
--- a/build/rpmfc.c
+++ b/build/rpmfc.c
@@ -21,6 +21,7 @@
 #include <rpm/rpmfi.h>
 #include <rpm/rpmstrpool.h>
 
+#include "lib/rpmug.h"
 #include "lib/rpmfi_internal.h"		/* rpmfiles stuff for now */
 #include "build/rpmbuild_internal.h"
 
@@ -1604,18 +1605,44 @@ rpmRC rpmfcGenerateDepends(const rpmSpec spec, Package pkg)
     /* Extract absolute file paths in argv format. */
     fmode = xcalloc(ac+1, sizeof(*fmode));
 
+    fc = rpmfcCreate(spec->buildRoot, 0);
+    freePackage(fc->pkg);
+    fc->pkg = pkg;
+    fc->skipProv = !pkg->autoProv;
+    fc->skipReq = !pkg->autoReq;
+
     fi = rpmfiInit(fi, 0);
     while ((idx = rpmfiNext(fi)) >= 0) {
 	/* Does package have any %config files? */
 	genConfigDeps |= (rpmfiFFlags(fi) & RPMFILE_CONFIG);
 	fmode[idx] = rpmfiFMode(fi);
-    }
 
-    fc = rpmfcCreate(spec->buildRoot, 0);
-    freePackage(fc->pkg);
-    fc->pkg = pkg;
-    fc->skipProv = !pkg->autoProv;
-    fc->skipReq = !pkg->autoReq;
+	if (!fc->skipReq) {
+	    const char *user = rpmfiFUser(fi);
+	    const char *group = rpmfiFGroup(fi);
+	    rpmsenseFlags ugfl = (RPMSENSE_SCRIPT_PRE|RPMSENSE_SCRIPT_POSTUN);
+	    rpmTagVal deptag = RPMTAG_REQUIRENAME;
+
+	    if (rpmExpandNumeric("%{?_use_weak_usergroup_deps}"))
+		deptag = RPMTAG_RECOMMENDNAME;
+
+	    /* filter out root and current user/group */
+	    if (user && !rstreq(user, UID_0_USER) &&
+			!rstreq(user, rpmugUname(getuid()))) {
+		rpmds ds = rpmdsSingleNS(fc->pool, deptag, "user",
+					user, NULL, ugfl);
+		rpmdsMerge(packageDependencies(pkg, deptag), ds);
+		rpmdsFree(ds);
+	    }
+	    if (group && !rstreq(group, GID_0_GROUP) &&
+			 !rstreq(group, rpmugGname(getgid()))) {
+		rpmds ds = rpmdsSingleNS(fc->pool, deptag, "group",
+					group, NULL, ugfl);
+		rpmdsMerge(packageDependencies(pkg, deptag), ds);
+		rpmdsFree(ds);
+	    }
+	}
+    }
 
     if (!fc->skipProv && genConfigDeps) {
 	/* Add config dependency, Provides: config(N) = EVR */
diff --git a/macros.in b/macros.in
index 3a1306bcb..ad2d51ca4 100644
--- a/macros.in
+++ b/macros.in
@@ -235,6 +235,9 @@ Supplements:   (%{name} = %{version}-%{release} and langpacks-%{1})\
 #	Is ignored when SOURCE_DATE_EPOCH is not set.
 %clamp_mtime_to_source_date_epoch 0
 
+#	If enabled, dilute user() and group() requires into recommends
+#%__use_weak_usergroup_deps 1
+
 #	The directory where newly built binary packages will be written.
 %_rpmdir		%{_topdir}/RPMS
 
diff --git a/tests/rpmsigdig.at b/tests/rpmsigdig.at
index 64e255d9c..9fb3febc9 100644
--- a/tests/rpmsigdig.at
+++ b/tests/rpmsigdig.at
@@ -174,9 +174,9 @@ done
 runroot rpmkeys -Kv /build/RPMS/noarch/attrtest-1.0-1.noarch.rpm
 ],
 [0],
-[SHA256HEADER: aea98a6189cb03335d1ad2f9d492e6c9a161ef2164b290d26fea8168703d66a8
-SHA1HEADER: a20de3d08d52fc490a0711e6ccc09c501b0b13ce
-SIGMD5: e709f698474a3ec1690506db23826164
+[SHA256HEADER: 6b1d3d1d6ea120889b2b42a6a9afdcbe3f0eeac80d557fd518d74c5e66035c67
+SHA1HEADER: 88f59ac1630076e57cad80d4ed962ff0b75bfa29
+SIGMD5: c8e33191825e21ea60b583f16a94e1cd
 PAYLOADDIGEST: 116ce41ebb72f1877cda3d7dedaf5b78770e202d6389ade4e415d78548d703a8
 PAYLOADDIGESTALT: 116ce41ebb72f1877cda3d7dedaf5b78770e202d6389ade4e415d78548d703a8
 /build/RPMS/noarch/attrtest-1.0-1.noarch.rpm: