| 1 |
...or you could simply replace the default eid.passwd file with one in |
| 2 |
your /etc/portage directory to reflect your company's "proper" UID/GID |
| 3 |
usage. It makes much more sense to have portage conform to your system |
| 4 |
in this way than to take the time/energy to create yet another almost |
| 5 |
unused feature. I don't mean to say this to insult at all. I just |
| 6 |
think the better method for anything of this type is to have a default |
| 7 |
that portage uses, which works for the masses, but can be overridden by |
| 8 |
files in /etc/portage (such as package.mask, package.unmask). It makes |
| 9 |
for a cleaner approach IMHO. |
| 10 |
|
| 11 |
On Thu, 2004-01-29 at 12:55, splite-gentoo@××××××××××××××××.edu wrote: |
| 12 |
> On Thu, Jan 29, 2004 at 08:18:11AM -0800, Max Kalika wrote: |
| 13 |
> > Quoting splite-gentoo@××××××××××××××××.edu: |
| 14 |
> > |
| 15 |
> > > In our case, our account database is shared among Solaris, IRIX, Mac OS X, |
| 16 |
> > > BSD, and Linux boxes, so I can't have ebuilds using static ID numbers, as |
| 17 |
> > > there's a good chance they're already in use. |
| 18 |
> > |
| 19 |
> > This is all the more reason to have static UIDs/GIDs. I have all user |
| 20 |
> |
| 21 |
> "I can't eat eggs because I'm allergic." |
| 22 |
> |
| 23 |
> "All the more reason to eat eggs!" |
| 24 |
> |
| 25 |
> > accounts in mysql with UIDs and GIDs starting at 2000, however if I go |
| 26 |
> > install something that requires a system account which is not in |
| 27 |
> > baselayout's passwd or group file, this new account gets the the next |
| 28 |
> > available UID (i.e. proftpd is now running as 2203). Not cool. However, |
| 29 |
> > if it is explicit that all UIDs below, say, 500 are to be reserved for the |
| 30 |
> > system, and enewuser looks up the UID in PORTDIR/profiles/eid.passwd, the |
| 31 |
> > whole process of creating users is controlled and predictable. |
| 32 |
> |
| 33 |
> Only in the case where all your machines are Gentoo boxes. The uid you |
| 34 |
> just plucked out of eid.passwd may already be used by another OS for an |
| 35 |
> entirely different purpose. Now your sshd is running with httpd's uid, |
| 36 |
> or worse, as a non-system user because, say, Solaris only considers uids |
| 37 |
> under 250 to be system accounts. |
| 38 |
> |
| 39 |
> We have user and system account entries that predate Linus' first kernel. |
| 40 |
> We're certainly not going to chown all their files on hundreds of machines |
| 41 |
> (plus the backup tapes) just to conform to what Gentoo's idea of system |
| 42 |
> accounts should be. I don't think anyone else deploying Gentoo into an |
| 43 |
> existing Unix environment would warm to the idea either. |
| 44 |
> |
| 45 |
> > There are difficulties with other OSes, of course (Daniel referred to |
| 46 |
> > MacOSX in the bug that deals with this issue.) I don't know if it would be |
| 47 |
> > easier to try to solve all these problems ahead of time or come up with a |
| 48 |
> > solution for the "wider audience" now and try to convert later. |
| 49 |
> |
| 50 |
> It's not really a huge undertaking to provide a switch that lets folks do |
| 51 |
> their account management themselves if they need to. I'm not asking that |
| 52 |
> ebuilds should automagically know how to update my NIS maps or talk to your |
| 53 |
> MySQL server. |
| 54 |
> |
| 55 |
> -- |
| 56 |
> gentoo-dev@g.o mailing list |
| 57 |
-- |
| 58 |
Chris Gianelloni |
| 59 |
Developer, Gentoo Linux |
| 60 |
Games Team |
| 61 |
|
| 62 |
Is your power animal a pengiun? |
Archives