rc040203@xxxxxxxxxx (Ralf Corsepius) writes: >> > I fail to see why system accounts should be shared across networks and >> > why there is any need to force unique UIDs on them. >> >> ok, some examples: >> >> * 'vdr' and 'vdradmin' (from livna) are running on different hosts as >> the 'vdr:video' user. Both share configuration files and data which is >> exported by NFS > Then these UID/GIDs probably better should be ordinary uids, instead of > system-user ids. These users are created by an rpm, this package contains files owned by them and they are set in global configuration files. So, they must be system accounts. >> * some data in a shared filesystem which shall be read by apache only >> but not by other users -> all affected machines will need the same >> uid/gid for apache > To me this is a classical case of a customized network setup. It's the > admin's responsibility to synchronize the uids. There is no way to see whether an rpm package creates an account or to determine the parameters of this account. >> * it is confusing and unesthetically when users are having different >> identities > Let me turn this coin around: You are trying to be stylish and seem to > be trying to project your personal conventions to the public. > > You are missing: > * These points are irrelevant in heterogenious networks. Each OS has > different conventions, so any convention is always somehow wrong and > requires hand-crafting. The uid/gid concept exists on all Posix compliant systems. 'fedora-usermgmt' would work fine e.g. on Solaris also. > * Using fixed uids unnecessarily restricts the number of available uids. > You will sooner or later face the problems of all fixed-table based > configuration approaches. I do not expect that the number of registered UIDs reaches a range where this is critical. And when you have really an environment without a free range of perhaps 1000-2000 uids, then write your own 'fedora-usermgmt' backend which calculates the resulting UID in a clever way. >> It is easy to create users with predictable uids and fedora-usermgmt >> offers a simple method doing this. I am not aware of any drawbacks, >> it solves the problem of unpredictable uids and without explicit >> configuration it is transparent to users because it has the same >> behavior as plain 'useradd' then. So I do not see reasons why it >> should not be used. > > Frankly speaking, I am no friend of fedora-usermgmt. To the same extent > it might help you, it interferes with my demands. Where does it interferes with your demands? When you did nothing (used fedora-usermgmt out-of-the-box), there is no difference to the plain 'useradd'. When you did something, you did it wrong perhaps or encountered a bug in fedora-usermgmt. Enrico -- Fedora-packaging mailing list Fedora-packaging@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-packaging
