On 2021-01-04 16:55, David Seifert wrote:
This is what we agree on. We need an escape hatch, and it needs to be off by default. Any sysadmin overriding it gets to keep the pieces, but they need to have that option.
See Mike's example again.In last chapter of Gentoo's handbook (Finalization) we recommend user to call 'usermod' to put themselves into important groups like wheel or portage.
Now guess what's happening? Whenever acct-user/portage will get remerged, PM will remove that user from portage group (luckily groups like wheel don't have users...).
Do you really want to extend handbook and tell everyone, "OK, as last step, please create an overlay and fork acct-user/portage...". In case the answer will be yes, we now have successfully killed the idea of allowing maintainers to fix a user/group if this will ever be necessary which will add some kind of slap stick to the whole idea.
That's why I am saying that we don't just need an opt-out option, that's why I am argue that all this stuff has to be opt-in by default. It's something special and unique in Gentoo.
-- Regards, Thomas Deutschmann / Gentoo Linux Developer fpr: C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5
OpenPGP_signature
Description: OpenPGP digital signature
