| 1 |
On 11/10/19 12:36 PM, Jaco Kroon wrote: |
| 2 |
> |
| 3 |
> What's the motivation for trying to match the UID and GID values from |
| 4 |
> other distributions? |
| 5 |
> |
| 6 |
> I previously tried to motivate a "purely dynamic" allocation with -1, |
| 7 |
> I'm showing this as an example where such an implementation would once |
| 8 |
> more be beneficial. |
| 9 |
> |
| 10 |
|
| 11 |
When sharing resources between multiple systems, you need some sort of |
| 12 |
centralized identity management. You can put the users in LDAP, for |
| 13 |
example, and then force everything to authenticate against that. But, |
| 14 |
doing that right is complicated, and is overkill if you just want to |
| 15 |
share some files between two machines. |
| 16 |
|
| 17 |
Having fixed UIDs and GIDs on all Gentoo systems gives you an easy way |
| 18 |
to centralize that identity management: in portage, where the IDs are |
| 19 |
hard-coded. Once GLEP81 has been implemented tree-wide, users can trust |
| 20 |
that (on new installs, at least), every system user and group will have |
| 21 |
the same ID. That gives you a simple way to e.g. mount shared apache |
| 22 |
resources without having to learn LDAP. |
| 23 |
|
| 24 |
If our IDs agree with other distributions, then to the extent possible, |
| 25 |
the same thing works cross-distro. |
| 26 |
|
| 27 |
We don't allow dynamic UIDs because it defeats this whole concept. You |
| 28 |
might not care what the ID is, but some of your users will. |
Archives