1 |
Quoting splite-gentoo@××××××××××××××××.edu: |
2 |
|
3 |
> In our case, our account database is shared among Solaris, IRIX, Mac OS X, |
4 |
> BSD, and Linux boxes, so I can't have ebuilds using static ID numbers, as |
5 |
> there's a good chance they're already in use. |
6 |
|
7 |
This is all the more reason to have static UIDs/GIDs. I have all user |
8 |
accounts in mysql with UIDs and GIDs starting at 2000, however if I go |
9 |
install something that requires a system account which is not in |
10 |
baselayout's passwd or group file, this new account gets the the next |
11 |
available UID (i.e. proftpd is now running as 2203). Not cool. However, |
12 |
if it is explicit that all UIDs below, say, 500 are to be reserved for the |
13 |
system, and enewuser looks up the UID in PORTDIR/profiles/eid.passwd, the |
14 |
whole process of creating users is controlled and predictable. We can |
15 |
probably go as far as mucking repoman to check that enew{user,group} calls |
16 |
are referencing "known" users and groups, and prevent commits which fail |
17 |
this restriction. (Just a thought). |
18 |
|
19 |
There are difficulties with other OSes, of course (Daniel referred to |
20 |
MacOSX in the bug that deals with this issue.) I don't know if it would be |
21 |
easier to try to solve all these problems ahead of time or come up with a |
22 |
solution for the "wider audience" now and try to convert later. |
23 |
|
24 |
-- |
25 |
max kalika |
26 |
.. public key: http://www.gentoo.org/~max/max.asc |
27 |
.. fingerprint: 2D59 74B5 8785 3C22 74F2 87B0 6DD4 E810 CBC3 AB79 |