> There's a significant difference between changing group membership for
> a system user versus a user account that is used interactively.
> I don't think the handbook advises people to mess with system accounts.

>From my experience this is quite common for web-stuff and similar things, 
where you suddenly want to be daemon1 in the group of daemon2 so it can read 
it's files.

How about something like an EXTRA_GROUPS env var that one can set via profile? 
That could be set per package, acct-user templates could change that at merge 
time, or if USE=exact-groups is set even complain if the new and old group 
setting does not match. Or the other way round: always fail if the group 
membership of the given user is not exactly what the ebuild states + 
EXTRA_GROUPS, and let the user pass in USE=force-group for that ebuild to fix 
things up.


Attachment: signature.asc
Description: This is a digitally signed message part.

Reply via email to