On Fri, Mar 09, 2007 at 01:31:13PM +0100, Michael Schwendt wrote:
Predictable means you can keep the uid/gid constant,
in a floating window.
"Constant" is the definition of a fixed uid. If there is need for a
fixed uid, ask for one (yes, there _seems_ to be currently no space, but
that is another issue), if not use useradd -r.
but still have an influence on where that is within your range of
values. Everytime you install a package again on a machine under
control of a configured fedora-usermgmt, the package allocates the
same uid/gid.
sure - oops, the admin forgot to configure fedora-usermgmt on machine
number 23. Now all uid/gid are messed up.
That's an extremly fragile design, and if it even involves using these
uid/gid in a security context a very fragile security setup.
From any POV I look at it, this design is flawed ...
The only alternative is useradd -u/groupadd -g with a larger range
of
uids/gids from which to occupy values per program per distribution.
As Enrico pointed out: You need to adjust or violate the LSB.
But we're fixing an issue which is none. I'm rather convinced that all
packages using fedora-usermgmt don't need fixed uids. Or at least
present a counter-example, where a package needs it. And then please
explain how it can need a fixed uid/gid and still have survived that
long in the fedora-usermgmt-defaults-to-useradd-r setup.
We're really just vapour-talking. fedora-usermgmt "fixes" something
that wasn't broken to begin with, and the fix is more broken than
anything we try to suggest fedora-usermgmt would be able to fix.
--
Axel.Thimm at
ATrpms.net