Gentoo Archives: gentoo-dev

From: "Michał Górny" <gentoo@××××××××××.pl>
To: gentoo-dev@l.g.o
Subject: [gentoo-dev] A policy to support random superuser account names
Date: Fri, 30 Apr 2010 18:06:36
Message-Id: 20100430200726.298ae94c@pomiot.lan
1 Hello,
3 I would like to put an emphasis on the fact that many eclasses
4 and ebuilds in gx86 are relying on an assumption that the superuser
5 account is always supposed to be named 'root'.
7 In fact, no such constraint exists. Although most users will never even
8 think of changing the superuser account name, it is perfectly legit
9 to do so, and to use any name for that account. Moreover, it is
10 perfectly legit to name an unprivileged user 'root' too.
12 Thus, the above assumption is clearly incorrect and may result in many
13 issues with ebuilds using it. These range from builds failing because
14 of chown 'invalid user' error to packages being installed with
15 incorrect file ownership.
17 From what I've heard already, similar problem has hit Gentoo/*BSD users
18 already, with superuser group not being named 'root'. Although some
19 files were fixed to properly use numeric GID in the specific case,
20 no UID-related changes were done.
22 Moreover, not all developers agree with the case being an issue,
23 and they even refuse patches clearly fixing it [1]. Thus, I guess that
24 a clear policy regarding referencing the superuser account should be
25 enforced.
27 In my opinion, that policy should clearly indicate that the numeric
28 UID/GID should be always used for referencing the superuser account
29 as they are fixed unlike the names.
31 [1]
33 --
34 Best regards,
35 Michał Górny
37 <>
38 <xmpp:mgorny@××××××.ru>


File name MIME type
signature.asc application/pgp-signature