...or you could simply replace the default eid.passwd file with one in your /etc/portage directory to reflect your company's "proper" UID/GID usage. It makes much more sense to have portage conform to your system in this way than to take the time/energy to create yet another almost unused feature. I don't mean to say this to insult at all. I just think the better method for anything of this type is to have a default that portage uses, which works for the masses, but can be overridden by files in /etc/portage (such as package.mask, package.unmask). It makes for a cleaner approach IMHO.
On Thu, 2004-01-29 at 12:55, [EMAIL PROTECTED] wrote: > On Thu, Jan 29, 2004 at 08:18:11AM -0800, Max Kalika wrote: > > Quoting [EMAIL PROTECTED]: > > > > > In our case, our account database is shared among Solaris, IRIX, Mac OS X, > > > BSD, and Linux boxes, so I can't have ebuilds using static ID numbers, as > > > there's a good chance they're already in use. > > > > This is all the more reason to have static UIDs/GIDs. I have all user > > "I can't eat eggs because I'm allergic." > > "All the more reason to eat eggs!" > > > accounts in mysql with UIDs and GIDs starting at 2000, however if I go > > install something that requires a system account which is not in > > baselayout's passwd or group file, this new account gets the the next > > available UID (i.e. proftpd is now running as 2203). Not cool. However, > > if it is explicit that all UIDs below, say, 500 are to be reserved for the > > system, and enewuser looks up the UID in PORTDIR/profiles/eid.passwd, the > > whole process of creating users is controlled and predictable. > > Only in the case where all your machines are Gentoo boxes. The uid you > just plucked out of eid.passwd may already be used by another OS for an > entirely different purpose. Now your sshd is running with httpd's uid, > or worse, as a non-system user because, say, Solaris only considers uids > under 250 to be system accounts. > > We have user and system account entries that predate Linus' first kernel. > We're certainly not going to chown all their files on hundreds of machines > (plus the backup tapes) just to conform to what Gentoo's idea of system > accounts should be. I don't think anyone else deploying Gentoo into an > existing Unix environment would warm to the idea either. > > > There are difficulties with other OSes, of course (Daniel referred to > > MacOSX in the bug that deals with this issue.) I don't know if it would be > > easier to try to solve all these problems ahead of time or come up with a > > solution for the "wider audience" now and try to convert later. > > It's not really a huge undertaking to provide a switch that lets folks do > their account management themselves if they need to. I'm not asking that > ebuilds should automagically know how to update my NIS maps or talk to your > MySQL server. > > -- > [EMAIL PROTECTED] mailing list -- Chris Gianelloni Developer, Gentoo Linux Games Team Is your power animal a pengiun?
signature.asc
Description: This is a digitally signed message part
