On Thu, 2007-06-14 at 10:41 +0200, Ralf Corsepius wrote: > On Wed, 2007-06-13 at 23:45 -0500, Tom "spot" Callaway wrote: > > I'm not quite sure I'm ready to bring this to the FPC for a vote, but > > I've been working on a modified version of Ville's draft: > > > > http://fedoraproject.org/wiki/TomCallaway/UsersAndGroupsDraft > > > > While this is more complicated, I think it more adequately covers the > > corner cases of adding users and groups. Thoughts? > > I am not convinced by your classification of cases: > <citation> > * The user/group does not exist on the system > * The user/group exists from a previous package creating it > * The user/group is a normal user, overlapping the namespace (e.g. > amanda) > * The user/group is pre-created by the administrator with a > specific UID/GID > <citation/> > > IMO, this is only covers small subset of > > * user/group does/does not exist on the system > * user/group has a privileged/non-privileged uid/gid > * user/group needs a privileged uid/gid > * user/group needs a fixed/doesn't need a fixed uid/gid > * user/group is meant to be used locally/network-wide If the user exists, do we care (from a package perspective) what the UID/GID is? I'd argue that we do not, as long as we can determine whether we added it in a previous update or it came from some other source. The user/group registries provide that functionality. If the user/group needs a privileged UID/GID, the admin should add it in advance. If the user/group needs a fixed UID/GID, the admin should add it in advance. If the user/group is meant to be used network-wide, the admin should add it in advance. A possible improvement I could see would be to change the tool to ask pam if the user exists, as opposed to simply looking in /etc/passwd, /etc/group, as that would better cover network user conflicts. ~spot -- Fedora-packaging mailing list Fedora-packaging@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-packaging
