[Fedora-packaging] packages which add user accounts: is fedora-usermgmt the way?
Matthew Miller
mattdm at mattdm.org
Sun Jul 3 13:43:34 UTC 2005
On Sun, Jul 03, 2005 at 12:08:32PM +0200, Enrico Scholz wrote:
> > for Fedora Extras packages. We could make it start at 300 to be less
> > likely to conflict with random "useradd -r" done earlier.
> Assigning fixed IDs in this range would violate LSB which states
>
> | The system User IDs from 100 to 499 should be reserved for dynamic
> | allocation by system administrators and post install scripts using
> | useradd.
> [http://www.linuxbase.org/spec//book/LSB-generic/LSB-generic/uidrange.html]
Well, that leaves us with stuffing Extras system UIDs into 0-99, or
violating the above-500 space, which is worse. Note that the LSB doesn't say
"must" -- it says "should", so it's a recommendation, not a requirement.
Since we've got a need that's not really covered, goint against this
recommendation is better than having the worse problem of dynamic system IDs
(a nightmare for upgrades and for enterprise deployment).
> That's why it would be a bad idea when Fedora Extras claims fixed UIDs
> there. I agree with you that every large organisation has its assigned
> UID ranges and it will not be possible to find a free range which can be
> assigned to Fedora Extras.
>
> Perhaps we could find such a range in the 32bit UID space which is allowed
> by Linux; but I am not sure whether we cause portability problems.
OpenAFS makes this same (wrong) assumption that the higher numbers present
some sort of unused dumping ground. The 32-bit UID space isn't a bunch of
secret numbers for fun to play with. It's needed because some places
actually require that many accounts. Let's not go there.
--
Matthew Miller mattdm at mattdm.org <http://www.mattdm.org/>
Boston University Linux ------> <http://linux.bu.edu/>
Current office temperature: 77 degrees Fahrenheit.
More information about the packaging
mailing list