Jun 14, 2026 08:21:17 Salvatore Bonaccorso <[email protected]>: > Hi Chris, > > On Fri, Jun 12, 2026 at 02:19:20PM +0200, Chris Hofstaedtler wrote: >> On Wed, Apr 30, 2025 at 06:02:52PM +0200, Salvatore Bonaccorso wrote: >>> Hi, >>> >>> On Fri, Apr 25, 2025 at 03:10:10PM +0000, Moritz Mühlenhoff wrote: >>>> On Wed, Apr 23, 2025 at 05:04:22PM -0500, Serge E. Hallyn wrote: >>>>> On Tue, Apr 22, 2025 at 09:46:14PM +0200, Chris Hofstaedtler wrote: >>>>>> … >>>>> >>>>> Maybe debian changelog? >>>> >>>> Or maybe simply add a note in the existing README.Debian? >>> >>> In my opinion if it can be added to upstream documentation that would >>> be ideal, but agree that for Debian purposes otherwise we can add a >>> note on the problem to the README.Debian (or both in the end). >>> >>> Chris, what do you think with you maintainer hat on here? >> >> I was hoping there would be some upstream activity on this. >> Unfortunately https://github.com/shadow-maint/shadow/issues/1157 >> seems completely stalled. >> >> Not sure it makes sense to keep tracking this. > > I asked in > https://github.com/shadow-maint/shadow/issues/1157#issuecomment-4701723167 > . I would say if there is no plan to otherwise handle it upstream with > a documentation update then it might be still worth as Moritz suggested > to a Debian specific README.Debian and be done with it. > > Regards, > Salvatore
I'm open to a note in the subid manpages. IMO in a zero trust architecture and with the ability to uid shift vfsmounts this is mostly a lazy regulator problem, but as I have seen the same issue in my workplace, i am sympathetic and have no issues with a balanced, brief discussion of the issue and ramifications there. Subuid manpage seems the best place, but I'm open to other suggestions. -serge
