1 |
On 01/29/2017 12:22 PM, A. Wilcox wrote: |
2 |
> -----BEGIN PGP SIGNED MESSAGE----- |
3 |
> Hash: SHA256 |
4 |
> |
5 |
> On 29/01/17 11:05, Michael Orlitzky wrote: |
6 |
>> On 01/29/2017 03:26 AM, Alan McKinnon wrote: |
7 |
>>>> |
8 |
>>>> Can anyone think of an upgrade path for fixed UIDs? That issue |
9 |
>>>> aside, I may have convinced myself that fixed UIDs are better. |
10 |
>>> |
11 |
>>> The general process I would recommend is that if the ebuild finds |
12 |
>>> the user already exists, leave it, it's UID and it's file |
13 |
>>> ownerships alone, and keep them as they are. If the user does not |
14 |
>>> exist then create it. |
15 |
>> |
16 |
>> That's what I've got it doing now... |
17 |
>> |
18 |
>> |
19 |
>>> Preferably use a pre-assigned UID/GID so there is some |
20 |
>>> consistency with most other Gentoo things out there. |
21 |
>> |
22 |
>> This is the only point we have left to consider. To recap, there |
23 |
>> are three approaches to try: |
24 |
>> |
25 |
>> 1 Truly fixed IDs. Every user gets the UID it wants, or it doesn't |
26 |
>> get created. The UIDs are all determined beforehand. |
27 |
>> |
28 |
>> 2 Mostly random UIDs, and the few packages that need to specify |
29 |
>> one can do so. Usually installation will never fail, but if some |
30 |
>> user specifies a particular UID and doesn't get it, we die(). |
31 |
>> |
32 |
>> 3 Mostly fixed UIDs, but with a fallback to random ones if you |
33 |
>> don't get the UID you want. Here, everyone specifies their |
34 |
>> "preferred" UID, and we try that first. If it doesn't work, you get |
35 |
>> the random assignment. |
36 |
> |
37 |
> |
38 |
> You could easily start with #3, and after some years, move to #1. |
39 |
|
40 |
Yep. But, why can't (1) be selectable (now) as part of a profile, |
41 |
once that discussion on profiles is formalized into a pathway forward? |
42 |
|
43 |
|
44 |
> Anyone with a 20 year old Gentoo install (by that time) should expect |
45 |
> to have to do very heavy lifting. |
46 |
|
47 |
Just leave them alone for now, as gentoo systems can now have different |
48 |
gid/uid mappings. Migration strategies will emerge over time. We'd need |
49 |
some mechanism to determine if a given package attempts to set a |
50 |
contrarian uid/gid. Perhaps a flag for those packages could address |
51 |
uid/gid conflicts going forward in a one-off solution? |
52 |
|
53 |
|
54 |
> I for one am more than willing to do whatever shell commands necessary |
55 |
> to make all my Gentoo installs agree on UIDs and get #1 now, but I |
56 |
> realise most people are not. |
57 |
|
58 |
YES! I think after (1) is finalized, it should be part of the handbook |
59 |
installation as a default, but selectable. That way the migration |
60 |
is gently fast-tracked. Matching up with Debian, is a really good idea, |
61 |
as long as nothing is conflated by systemd. |
62 |
|
63 |
> - --arw |
64 |
|
65 |
|
66 |
hth, |
67 |
James |
68 |
|
69 |
> |
70 |
> - -- |
71 |
> A. Wilcox (awilfox) |
72 |
> Project Lead, Adélie Linux |
73 |
> http://adelielinux.org |
74 |
> -----BEGIN PGP SIGNATURE----- |
75 |
> Version: GnuPG v2 |
76 |
> |
77 |
> iQIcBAEBCAAGBQJYjiTOAAoJEMspy1GSK50UCgYP/j7zBRAiL6w7fACER+A+J/3x |
78 |
> keXe4OsBzlNsUxqC+BrQ/Y9tCSJnIHRIs6ozQCgEdfAKJfkLqkSmKAY3O3RT+mho |
79 |
> VzjUCibftf/UNGOnFf6BqXCeBEjtV1YA7URlYumNyHxdG/AFIICWYFSSTLwzJoR1 |
80 |
> 91wqJmbcUI3LtQXoXodaYC2nbUWvcbO8RyxpDmxZ33L8xj1lAgpuFNcdEs+Rscxp |
81 |
> oDK4zJC/K8wUYTUR2YO1Lb3lPF6qgJbMcX0YpQaXIGeYA2PXf4O+LqTXmGNr4O9r |
82 |
> DFM3dbPgq2YPuHORACUY5YsmPBjHiaJlgzJo2WrhnIc2D1MPhA430Xlloiua3kF9 |
83 |
> G7yqkz7mhBtJFrExoQ2MrtXMB5vwDUZ+3qrBzx/cKfxpSzsRck5NZ27eWK0oEpg2 |
84 |
> fAUFJT7iIwSD3WyLkQbc2HHQ5nnTlnrBHM56YgCIPgz1Y4aNSB7hA+tCfQj4CNZC |
85 |
> Y25d9VzBM2KclASiH6ROQLK5EyU0joMtZvTRx89b8SJV+AebLeaWtCsGe41KeF/W |
86 |
> iDSnPGXtKRLYZtdebxGCXZwbaUVCRu/cIH2TXMpWDjm0iw3GoFZ6jiLveRCns59U |
87 |
> UecZNQph5tPc/HBX2zCTTmH3jNfifSfb525aHVnUSVlyTWa8SQzw2jlnOuAkI33q |
88 |
> 8MY5++CHplEPGVCvYMrc |
89 |
> =99NE |
90 |
> -----END PGP SIGNATURE----- |
91 |
> |
92 |
> |
93 |
> |