hst/grp_pwd: specify new uid format

This leaves slots available for additional uid ranges in Rosa OS.

This breaks all existing installations! Users are required to fix ownership manually.

Closes #18.

Signed-off-by: Ophestra <cat@gensokyo.uk>

internal/outcome/hsu.go

@@ -95,7 +95,3 @@ func (h *Hsu) MustID(msg message.Msg) int {
 		return -0xdeadbeef // not reached
 	}
 }
-
-// HsuUid returns target uid for the stable hsu uid format.
-// No bounds check is performed, a value retrieved by [Hsu] is expected.
-func HsuUid(id, identity int) int { return 1000000 + id*10000 + identity }

internal/outcome/main_test.go

@@ -40,7 +40,7 @@ func TestOutcomeMain(t *testing.T) {
 		wantSys    *system.I
 		wantParams *container.Params
 	}{
-		{"template", new(stubNixOS), hst.Template(), checkExpectInstanceId, system.New(panicMsgContext{}, message.New(nil), 1000009).
+		{"template", new(stubNixOS), hst.Template(), checkExpectInstanceId, system.New(panicMsgContext{}, message.New(nil), 10009).
 			// spParamsOp
 			Ensure(m("/tmp/hakurei.0"), 0711).
 
@@ -215,7 +215,7 @@ func TestOutcomeMain(t *testing.T) {
 			0x96, 0xd7, 0xbc, 0x15,
 			0xbd, 0x01, 0x78, 0x0e,
 			0xb9, 0xa6, 0x07, 0xac,
-		}, system.New(t.Context(), msg, 1000000).
+		}, system.New(t.Context(), msg, 10000).
 			Ensure(m("/tmp/hakurei.0"), 0711).
 			Ensure(m("/tmp/hakurei.0/runtime"), 0700).
 			UpdatePermType(system.User, m("/tmp/hakurei.0/runtime"), acl.Execute).
@@ -339,7 +339,7 @@ func TestOutcomeMain(t *testing.T) {
 			0xb1, 0x75, 0x91, 0x17,
 			0x82, 0xd4, 0x13, 0x36,
 			0x9b, 0x64, 0xce, 0x7c,
-		}, system.New(t.Context(), msg, 1000009).
+		}, system.New(t.Context(), msg, 10009).
 			Ensure(m("/tmp/hakurei.0"), 0711).
 			Ensure(m("/tmp/hakurei.0/runtime"), 0700).UpdatePermType(system.User, m("/tmp/hakurei.0/runtime"), acl.Execute).
 			Ensure(m("/tmp/hakurei.0/runtime/9"), 0700).UpdatePermType(system.User, m("/tmp/hakurei.0/runtime/9"), acl.Read, acl.Write, acl.Execute).
@@ -493,7 +493,7 @@ func TestOutcomeMain(t *testing.T) {
 			0x66, 0xda, 0xbe, 0x57,
 			0x4c, 0xf0, 0x73, 0xbd,
 			0xb4, 0x6e, 0xb5, 0xc1,
-		}, system.New(t.Context(), msg, 1000001).
+		}, system.New(t.Context(), msg, 10001).
 			Ensure(m("/tmp/hakurei.0"), 0711).
 			Ensure(m("/tmp/hakurei.0/runtime"), 0700).UpdatePermType(system.User, m("/tmp/hakurei.0/runtime"), acl.Execute).
 			Ensure(m("/tmp/hakurei.0/runtime/1"), 0700).UpdatePermType(system.User, m("/tmp/hakurei.0/runtime/1"), acl.Read, acl.Write, acl.Execute).

internal/outcome/outcome.go

@@ -128,7 +128,7 @@ func (s *outcomeState) populateLocal(k syscallDispatcher, msg message.Msg) error
 
 	s.identity = newInt(s.Identity)
 	s.mapuid, s.mapgid = newInt(s.Mapuid), newInt(s.Mapgid)
-	s.uid = newInt(HsuUid(s.UserID, s.identity.unwrap()))
+	s.uid = newInt(hst.ToUser(s.UserID, s.identity.unwrap()))
 
 	return nil
 }

internal/outcome/shim_test.go

@@ -123,7 +123,7 @@ func TestShimEntrypoint(t *testing.T) {
 	templateState := outcomeState{
 		Shim:      newShimParams(),
 		ID:        &checkExpectInstanceId,
-		Identity:  hst.IdentityMax,
+		Identity:  hst.IdentityEnd,
 		UserID:    10,
 		Container: hst.Template().Container,
 		Mapuid:    1000,

internal/outcome/spx11_test.go

@@ -60,7 +60,7 @@ func TestSpX11Op(t *testing.T) {
 			call("lookupEnv", stub.ExpectArgs{"DISPLAY"}, "unix:/tmp/.X11-unix/X0", nil),
 			call("stat", stub.ExpectArgs{"/tmp/.X11-unix/X0"}, (*stubFi)(nil), os.ErrNotExist),
 		}, newI().
-			ChangeHosts("#1000009"), nil, nil, insertsOps(nil), []stub.Call{
+			ChangeHosts("#10009"), nil, nil, insertsOps(nil), []stub.Call{
 			// this op configures the container state and does not make calls during toContainer
 		}, &container.Params{
 			Ops: new(container.Ops).
@@ -84,7 +84,7 @@ func TestSpX11Op(t *testing.T) {
 			call("stat", stub.ExpectArgs{"/tmp/.X11-unix/X0"}, (*stubFi)(nil), nil),
 		}, newI().
 			UpdatePermType(hst.EX11, m("/tmp/.X11-unix/X0"), acl.Read, acl.Write, acl.Execute).
-			ChangeHosts("#1000009"), nil, nil, insertsOps(nil), []stub.Call{
+			ChangeHosts("#10009"), nil, nil, insertsOps(nil), []stub.Call{
 			// this op configures the container state and does not make calls during toContainer
 		}, &container.Params{
 			Ops: new(container.Ops).
@@ -107,7 +107,7 @@ func TestSpX11Op(t *testing.T) {
 			call("stat", stub.ExpectArgs{"/tmp/.X11-unix/X0"}, (*stubFi)(nil), nil),
 		}, newI().
 			UpdatePermType(hst.EX11, m("/tmp/.X11-unix/X0"), acl.Read, acl.Write, acl.Execute).
-			ChangeHosts("#1000009"), nil, nil, insertsOps(nil), []stub.Call{
+			ChangeHosts("#10009"), nil, nil, insertsOps(nil), []stub.Call{
 			// this op configures the container state and does not make calls during toContainer
 		}, &container.Params{
 			Ops: new(container.Ops).

internal/store/store.go

@@ -136,7 +136,7 @@ func (s *Store) Segments() (iter.Seq[SegmentIdentity], int, error) {
 				si.Err = &hst.AppError{Step: step, Err: err,
 					Msg: "skipped non-identity entry " + strconv.Quote(ent.Name())}
 				goto out
-			} else if v < hst.IdentityMin || v > hst.IdentityMax {
+			} else if v < hst.IdentityStart || v > hst.IdentityEnd {
 				si.Err = &hst.AppError{Step: step, Err: syscall.ERANGE,
 					Msg: "skipped out of bounds entry " + strconv.Itoa(v)}
 				goto out

internal/store/store_test.go

@@ -339,7 +339,7 @@ func TestStoreAll(t *testing.T) {
 
 			{ID: (hst.ID)(bytes.Repeat([]byte{0xfe}, len(hst.ID{}))), PID: 0xbed, ShimPID: 0xfff, Config: func() *hst.Config {
 				template := hst.Template()
-				template.Identity = hst.IdentityMax
+				template.Identity = hst.IdentityEnd
 				return template
 			}(), Time: time.Unix(0, 0xcafebabe0)},
 			{ID: (hst.ID)(bytes.Repeat([]byte{0xfc}, len(hst.ID{}))), PID: 0x1bed, ShimPID: 0x1fff, Config: func() *hst.Config {