On 26 Jan 2024 09:21 -0500, from mst...@debian.org (Michael Stone):
> In fact
> the trend is more toward ephemeral runtime allocation rather than hardcoding
> persistent IDs as more services/subsystems are designed to run in isolation.

Not only that, but also without persisting data to disk themselves.
They might not be entirely stateless (for some, that's not even a
reasonable aim; a completely stateless MTA would be of little use in
practice, for example), but state persistence - and to some extent
also configuration - is more and more often offloaded to, concentrated
within and/or funneled through _another_ service.

When there is nothing to persist to stable storage, persistent values
for uid/gid become largely irrelevant precisely because everything
can be (and often is) rebuilt from various images, whether binary
executable or source code. All that remains is process isolation
within the running operating system instance.

I agree that this is a "solution in search of a problem" or x-y type
of question. If you tell us about the _ultimate_ goal and maybe what
software is involved, there's a good chance that someone can suggest
an actual solution which works well in today's software ecosystem.
Some reasonable suggestions have already been mentioned.

-- 
Michael Kjörling                     🔗 https://michael.kjorling.se
“Remember when, on the Internet, nobody cared that you were a dog?”
