Gentoo Archives: gentoo-dev

From: Michael Orlitzky <mjo@g.o>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] RFC acct-{user,group} for asterisk
Date: Sun, 10 Nov 2019 18:22:00
In Reply to: Re: [gentoo-dev] RFC acct-{user,group} for asterisk by Jaco Kroon
1 On 11/10/19 12:36 PM, Jaco Kroon wrote:
2 >
3 > What's the motivation for trying to match the UID and GID values from
4 > other distributions?
5 >
6 > I previously tried to motivate a "purely dynamic" allocation with -1,
7 > I'm showing this as an example where such an implementation would once
8 > more be beneficial.
9 >
11 When sharing resources between multiple systems, you need some sort of
12 centralized identity management. You can put the users in LDAP, for
13 example, and then force everything to authenticate against that. But,
14 doing that right is complicated, and is overkill if you just want to
15 share some files between two machines.
17 Having fixed UIDs and GIDs on all Gentoo systems gives you an easy way
18 to centralize that identity management: in portage, where the IDs are
19 hard-coded. Once GLEP81 has been implemented tree-wide, users can trust
20 that (on new installs, at least), every system user and group will have
21 the same ID. That gives you a simple way to e.g. mount shared apache
22 resources without having to learn LDAP.
24 If our IDs agree with other distributions, then to the extent possible,
25 the same thing works cross-distro.
27 We don't allow dynamic UIDs because it defeats this whole concept. You
28 might not care what the ID is, but some of your users will.


Subject Author
Re: [gentoo-dev] RFC acct-{user,group} for asterisk Jaco Kroon <jaco@××××××.za>