On Sat, Mar 10, 2007 at 01:34:09PM +0100, Enrico Scholz wrote: > Axel Thimm <Axel.Thimm@xxxxxxxxxx> writes: > > >> >> >> When a package/daemon writes files and/or reads files which are > >> >> >> protected by file permissions, it is a good candidate for fixed > >> >> >> uids. > > ... > > Ok, let's bite. Please name a couple that would be candiates for doing > > so. > > * The *milt* and defang users; they are using unix sockets shared between > several vservers. vservers and chroots? Is this what this is all about? I'd say whoever setups vservers and chroots *himself* and keeps different passwd/group files across them should be able to deal with this. And this is really a very, tiny, infinitesimal small group of users. > * fnord (http server), twiki, tclhttpd sounds like a candidate For what it's worth, most http content is not placed under ownership of apache or similar, but under a different user's id. So even here this would need further investigation. twiki for example places its contents in a versioned db, and I don't even know if it supports multiple concurrent frontends. I know mediawiki for example doesn't (and doesn't even need a uid of its own either). > 'fedora-usermgmt' deals both with users who must have predictable uids, > who need predictable uids under some circumstances and who never need > predictable uids (although: say never "never"). Its flaws (causes lot of > discussion, is proprietary, nobody else uses it) are of non-technical > nature and negligible and I do not see why it should not be used for all > users. That's your POV. Exactly a year ago there was the same discussion about it draining brain power and volunteer time. And if we don't get it resolved again, we'll be reevaluating this next year again. > > If there are *real* use cases for sharing data across machines the > > packager should request a fixed uid/gid. > > I am really in doubt that the remaining free entries < 100 are enough. And > when can a uid be reserved there? When there is at least 1 installation > which needs a predictable uid, when there are 10, 100, 1000? Since we can't count it, it needs to be weighted on a case by case basis. But keep in mind, that we passed the 2 mio marker, so even 1000 users make 0.05%, and I doubt that 1000 users are even aware of fedora-usermgmt. I guess the number of admins using this mechanism is far less than 100, maybe even only you. ;) -- Axel.Thimm at ATrpms.net
Attachment:
pgp2SmTHYndGZ.pgp
Description: PGP signature
-- Fedora-maintainers mailing list Fedora-maintainers@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers
-- Fedora-maintainers-readonly mailing list Fedora-maintainers-readonly@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers-readonly
