Simo Sorce <ssorce@xxxxxxxxxx> writes: >> > Why do we need fixed uids at all? is it so difficult to use >> > getpwnam() ?? >> >> Most filesystems store only the uid/gid, not the name of a user. > > Do you read what people write at all? yes > Do you know what getpwnam() do ? yes; getpwnam(3) works in userspace while permission checks in the filesystem are a kernel thing (which knows nothing about getpwnam(3)). > If I specify 2 different ranges on 2 machines Why would you do this? Just to prove that fedora-usermgmt is shit? coreutils are shit too. I can destroy my system with a simple 'rm -rf /'! >> 'fedora-usermgmt' is completely transparent transparent: either you know >> about it and use it, or it behaves like a plain 'useradd'. > > Do you realize this phrase means exactly that: > fedora-usermgmt == useradd > for all practical purposes ? No; there are existing installations with activated predictable-mode. Hence, 'all' is wrong. > I think it is even a danger for who is aware of it. What happen to > your scheme if you reserve 5000-6000 and then it happens that adding > normal users you end up going over that space? Any application that > rely on fedore-usermgmt at that point will break as it will try to use > normal user's uid/gids ... Without being the 640k guy, I think that the currently suggested window size of 500-1000 is enough for the next years. Nevertheless, when we really come over this limit an administrator can map hint-ids > 1000 into another window. Some sanity checks can be added to 'fedora-usermgmt' e.g. to abort or fallback when hint-id > 500 and there is no file /etc/fedora/hints-above-500-are-ok. Enrico
Attachment:
pgphug26mr7nA.pgp
Description: PGP signature
-- Fedora-maintainers mailing list Fedora-maintainers@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers
-- Fedora-maintainers-readonly mailing list Fedora-maintainers-readonly@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers-readonly