On Sat, May 12, 2007 at 12:52:05PM +0300, Ville Skyttä wrote: > On Saturday 12 May 2007, Axel Thimm wrote: > > On Sat, May 12, 2007 at 12:18:09PM +0300, Ville Skyttä wrote: > > > On Friday 11 May 2007, Axel Thimm wrote: > > > > "If you think that your package really requires allocation of global > > > > static uids/gids (because you need to hardwire these values into the > > > > binaries) then contact <the maintainer of "setup"? the fpc? fesco?> > > > > and ask for such an allocation. Only very few packages require a > > > > global static uid/gid, so verify that you indeed need one before > > > > contacting <>". > > > > > > Adding users/groups to the "setup" package in the distro is an upgrade > > > problem - /etc/passwd and friends will end up as *.rpmnew > [...] > > We wouldn't change anything in today's procedures, we're just writing > > them down. > > Note that your phrasing above mentions contacting the maintainer of the setup > package. This implies to me as if adding users/groups to the distro setup > package would be a possibility. That's certainly not today's procedure - > there has been no user additions to /etc/passwd since RHL 6.2 (maybe even > earlier?), and only the "lock" group was added to /etc/group in 7.2, > otherwise no new groups in it since RHL 6.2 either. Yes, you are right, but still passwd changed as well for other reasons like the passwd field of root or home of news. So while this package is being held rather stable (and it will continue to, we are discouraging static uids if there is not a real need for one) there are changes made to the files of this package. OTOH the content of passwd are *always* modified in post install (all passwd fields are x'd), so you never get a passwd upgrade, which is a really bad mechanism of the "setup" package, IMHO. Can we assume that the uid/gids < 100 were always considered sacred to the users, e.g. only to be set/modified by the vendor and not misused for local purposes? In other words, can we assume that these uid/gid are under the authority of the "setup" package? If we can answer this with yes (which IMHO we should), then we can have "setup" upgrade passwd/group by removing all uid/gid < 100 in the files found on the system and insert its fresh ones. This would not only solve the issues at hand, but is an important mechanism to have in place for the "setup" package in general. -- Axel.Thimm at ATrpms.net
Attachment:
pgpGNc8JnoUDn.pgp
Description: PGP signature
-- Fedora-packaging mailing list Fedora-packaging@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-packaging
