On Thu, Sep 20, 2012 at 08:43:35AM -0600, Eric Blake wrote: > On 09/20/2012 07:31 AM, Marcelo Cerri wrote: > >>> possible ambiguities (since it is legal [although stupid] to have a user > >>> name consisting of all digits and worse having the name differ from the > >>> underlying uid), > > >> The other option (that I prefer more) would be to document this > >> behavior and leave it as proposed in this patch. Or maybe just > >> reverse the order of resolving so that the numerical parsing is done > >> before name parsing. > >> > >> If we warn the user, that specifying numerical values will result > >> into using them as UID and GID and strings being translated we > >> filter out the ambiguity by our design. > >> > >> I don't think it's worth spending this effort on such a weird corner case. > > > > I agree with Peter here. These ambiguities will be very rare and a > > well-documented behavior should be enough for this scenario. However > > reversing the order still can lead to ambiguities, because it's never > > possible to be sure if a sequence of digits is a username or not. But > > again, we just need to make this point clear in docs. > > The coreutils' solution in chown is that a name parse is attempted > before numeric parse, and that a leading '+' (which is not valid in > names) is the way to force a numeric parse. If anything, we should copy > that approach for consistency. I really like this approach. > > >>> except that what happens if I want to mix number and name between uid > >>> and gid? > >>> > >> > >> Mixing them will work in my approach presented here. > > You still didn't answer my bigger question - when migrating, do we care > about the case where the same user name has different uid on the two > machines, and if so, do we make it possible for the user to choose > between migrating with constant uid vs. migrating with constant name? > If we always parse names into uids up front, then we are preventing the > user from migration by name. With the current implementation, if names are given then names will be honored in a migration and if IDs are given then IDs will be honored. So, if a user has different IDs in different hosts and the seclabel was defined using names, the owner's uid will be replaced when this guest is migrated. > > -- > Eric Blake eblake@xxxxxxxxxx +1-919-301-3266 > Libvirt virtualization library http://libvirt.org > -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list