| 1 |
>>>>> On Wed, 05 Jun 2019, Michael Orlitzky wrote: |
| 2 |
|
| 3 |
> Should we require a mailing list review for new user/group packages? |
| 4 |
> It's difficult to modify a user once you've settled on a UID, home |
| 5 |
> directory, and shell; so it pays to get things right the first time. |
| 6 |
|
| 7 |
> The need is more apparent with fixed UIDs: if a popular package "steals" |
| 8 |
> a UID that some other package needs, then that other package is going to |
| 9 |
> be difficult or impossible to install (especially if it ultimately |
| 10 |
> depends on the popular package). |
| 11 |
|
| 12 |
> A mailing list review could elicit a "hey, my package NEEDS that UID, |
| 13 |
> and yours doesn't care" before it's too late. |
| 14 |
|
| 15 |
Policy requires such a review since a long time, at least for hardcoded |
| 16 |
user and group IDs: |
| 17 |
https://devmanual.gentoo.org/ebuild-writing/users-and-groups/ |
Archives