[Fedora-packaging] Re: User IDs in Core packages?
Axel Thimm
Axel.Thimm at ATrpms.net
Thu Feb 1 13:28:31 UTC 2007
On Thu, Feb 01, 2007 at 03:17:50PM +0200, Sarantis Paskalis wrote:
> On Thu, Feb 01, 2007 at 01:03:19PM +0100, Axel Thimm wrote:
> > On Thu, Feb 01, 2007 at 01:18:52PM +0200, Sarantis Paskalis wrote:
> > > Is there any recommendation for mandating/enforcing/changing etc. user
> > > IDs in (previously) Core packages? There are some rpm packages in the
> > > upcomming merge that hardcode a specific UID in the specfile to use (I
> > > was looking at privoxy, which hardcodes the number 73).
> >
> > Hardcoding is OK, if the user/group has made it into the official list
> > which is /usr/share/doc/setup-*/uidgid. In there privoxy has indeed
> > the uid/gid of 73.
>
> Thanks for the pointer. I didn't know its existence. One issue that
> arises now is whether a merge of
> http://fedoraproject.org/wiki/PackageUserRegistry and this file
> (/usr/share/doc/setup-*/uidgid) is to be considered.
These are very different objects, the uidgid are fixed, absolute
uids/gids, while the wiki URL above is for the floating model of
adding uids/gids (e.g. there is some per-machine settable value that
is added).
Personally I strongly recommend against using the floating model,
because
a) the added base value is arbitrary
b) any change after the first install of the helper tool of this base
value will break all previous installs using this method
c) it isn't transparent to the user (admin) that some upper part of
his uid/gid space is reserved for this method, so he may be
accidentially using it.
--
Axel.Thimm at ATrpms.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-packaging/attachments/20070201/6618bdea/attachment.sig>
More information about the Fedora-packaging
mailing list