1 |
Hi, |
2 |
|
3 |
On 2019/11/10 20:21, Michael Orlitzky wrote: |
4 |
> On 11/10/19 12:36 PM, Jaco Kroon wrote: |
5 |
>> What's the motivation for trying to match the UID and GID values from |
6 |
>> other distributions? |
7 |
>> |
8 |
>> I previously tried to motivate a "purely dynamic" allocation with -1, |
9 |
>> I'm showing this as an example where such an implementation would once |
10 |
>> more be beneficial. |
11 |
>> |
12 |
> When sharing resources between multiple systems, you need some sort of |
13 |
> centralized identity management. You can put the users in LDAP, for |
14 |
> example, and then force everything to authenticate against that. But, |
15 |
> doing that right is complicated, and is overkill if you just want to |
16 |
> share some files between two machines. |
17 |
> |
18 |
> Having fixed UIDs and GIDs on all Gentoo systems gives you an easy way |
19 |
> to centralize that identity management: in portage, where the IDs are |
20 |
> hard-coded. Once GLEP81 has been implemented tree-wide, users can trust |
21 |
> that (on new installs, at least), every system user and group will have |
22 |
> the same ID. That gives you a simple way to e.g. mount shared apache |
23 |
> resources without having to learn LDAP. |
24 |
> |
25 |
> If our IDs agree with other distributions, then to the extent possible, |
26 |
> the same thing works cross-distro. |
27 |
> |
28 |
> We don't allow dynamic UIDs because it defeats this whole concept. You |
29 |
> might not care what the ID is, but some of your users will. |
30 |
|
31 |
Happy. That makes sense. |
32 |
|
33 |
May I proceed to use UID+GID 242 then for asterisk? |
34 |
|
35 |
Seeing that 42 is apparently off limits by the above argument, and 142 |
36 |
could theoretically also end up being problematic. |
37 |
|
38 |
Kind Regards, |
39 |
Jaco |