1 |
On Friday 16 May 2008, King Spook wrote: |
2 |
> I was looking at my users and groups on my box, and I realized that |
3 |
> certain services add user accounts with specific UIDs, but then just |
4 |
> gets the next GID for it's corresponding group. I know I, |
5 |
> personally, would like to have the UIDs and GIDs match (and I spent |
6 |
> the time with usermod, groupmod, and find fixing it so it was). |
7 |
> |
8 |
> I was wondering if there was any policy for this (and if so, should I |
9 |
> file bugs?), and how other people felt about this, and if there was |
10 |
> any reason not to have the UIDs and GIDs correspond. |
11 |
|
12 |
The reason is simple - it doesn't matter and you shouldn't concern |
13 |
yourself with such detail. uids map to usernames so that you can |
14 |
concentrate on meaningful names rather than meaningless 16 bit |
15 |
integers... |
16 |
|
17 |
There isn't a one-to-one correspondence between users and groups because |
18 |
this is usually pointless, and because of the following entirely |
19 |
realistic (but made up by me) type of scenario: |
20 |
|
21 |
postfix runs as the postfix user |
22 |
postfixadmin runs as the postfixadmin user |
23 |
mailscanner and spamassassin run as the mailscan user |
24 |
|
25 |
all three daemon users have the "mail" group as their primary group. |
26 |
|
27 |
At this point you have lost the synchronization between uid and gid |
28 |
sequencing and have to insert two blank groups to get it back. This is |
29 |
so grossly inelegant it defies description, utterly completely |
30 |
pointless and a total waste of dev time. |
31 |
|
32 |
Some of these accounts are defined in baselayout - the ones that can |
33 |
reasonably be assumed to be needed on almost all machines. The rest |
34 |
result from useradd/groupadd calls from the ebuild, which simply take |
35 |
the next one in sequence. |
36 |
|
37 |
The only broken app I have worked with in ages that required me to look |
38 |
up a uid/gid for it's config was postfixadmin, for all others I simply |
39 |
used the user/group name, which is totally sensible. |
40 |
|
41 |
By all means file a bug, but be aware Jakub will probably close it |
42 |
immediately as NOTABUG or WONTFIX |
43 |
|
44 |
-- |
45 |
Alan McKinnon |
46 |
alan dot mckinnon at gmail dot com |
47 |
|
48 |
-- |
49 |
gentoo-user@l.g.o mailing list |