On Wed, 2019-06-12 at 22:21 -0400, Michael Orlitzky wrote:
> On 6/9/19 7:39 AM, Michał Górny wrote:
> > +
> > +All new users and groups must have unique UIDs/GIDs assigned
> > +by developers.  The developer adding them is responsible for checking
> > +for collisions.
> > 
> > ...
> > 
> > +All user and group packages must define preferred fixed UIDs/GIDs,
> > +and they must be unique within the repository.  The packages should
> > +indicate whether the value needs to be strictly enforced, or whether
> > +another UID/GID is acceptable when the user exists already or requested
> > +UID/GID is taken.
> > +
> Maybe we should loosen this in the case of enforced UIDs. If two
> user-packages truly do require the same fixed UID (for whatever godawful
> reason), then obviously they can't be installed on the same machine, but
> we could otherwise support both in the repository.

I'd rather not permit it up front.  We can revisit this if it ever
becomes really necessary.

> I don't want to encourage people to add such badly-written software to
> the repo, but the alternative is also pretty ugly: if we require the
> UIDs to be unique, and if two packages require the same enforced UID,
> then whoever commits to ::gentoo first will prevent the other guy from
> adding his package later on.

The alternative is to prevent user from installing the second package
without manually fixing his UID/GID table.  This is horrible UX.
I suppose patching one of the packages to use another UID/GID is
probably better.

Best regards,
Michał Górny

Attachment: signature.asc
Description: This is a digitally signed message part

Reply via email to