Re: More on UIDs
Bruce Dubbs wrote: In the book, we create a lot of users and groups. Almost none of them have uids/gids specified. Right now, if a user/group is created without specifying, a uid value 1000 or a gid value 100 is used. The LSB says system uids/gids should be below 100. I am proposing a book wide coordinated set of numbers: snip This is a really good idea, IMO. I boot several different systems - with different root partitions - on my workstation box. However, I always mount the same /home partition so that I can get at my mail archives etc from whatever system I'm running. It really heps if the UID/GIDs are the same! Otherwise you find your wife owns all your mail files! R. -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: UID issue
Randy McMurchy wrote: Jeremy Huntwork wrote these words on 04/21/05 07:23 CST: I'm just curious what causes this, whether it's a 2.6.x issue or a ps issue. Belgarath which runs a 2.4 kernel and procps 3.1.8 doesn't seem to have this problem. My username is longer than 8 characters and it always shows a chopped version of my username in 'ps aux', not the UID. It's coincidental you say this. I first noticed this issue when I noticed your processes when logged into Anduin, which uses a 2.6 kernel. The kernel version has nothing to do with the display of usernames. It doesn't even know about usernames--only uids and gids. It has to be in the ls/ps code. -- Bruce -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: UID issue
Jeremy Huntwork wrote: Bruce Dubbs wrote: Randy McMurchy wrote: The kernel version has nothing to do with the display of usernames. It doesn't even know about usernames--only uids and gids. It has to be in the ls/ps code. That makes sense. Might shadow have an effect on this as well? No. Shadow does not affect ps. I just did an experiment. I created a user 'averylongname' and ps does indeed change this to a number, but ls -l adjusts the column width to accomodate the long name. Investigating... -- Bruce -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
D-Bus
Hi all, Sooner or later, the D-Bus package will need to be added to BLFS. I've worked on it a little, however, not really enough to be fully confident in the setup and configuration. Here are issues I have so far. 1. The socket and PID created by the daemon do not get cleanup up when the daemon is stopped. I put rm commands in the init script 'stop' section to fix this. 2. The daemon is designed to be started via init as a 'system daemon', then started by users as a 'session daemon'. I do not have a good handle on this 'session daemon' stuff, yet. 3. I do not have a good handle on the system configuration file used by the 'system daemon'. The default configuration file is enough to start the daemon, however, I've not used D-Bus facilities yet to know if it works as it's supposed to. 4. The bindings for Python and Qt cannot be installed (as best I could tell) because the configuration cannot find parts of Python and Qt. This is not a show-stopper. 5. I moved the path for the system daemon socket to /var/lib/dbus, but I don't know if we can use 750 permissions on this directory as I would think users need access to this socket. 6. The default directory for session sockets (created by the individual user 'session-daemon') is /tmp. I tried to move this to ~/.dbus, but cannot pass the correct parameter to configure so that make will use an escaped ~. Even though I pass \\~/.dbus to configure and configure reports that the session socket dir will use \~/.dbus, make chokes because it says the ~ is not escaped. The package documentation can be found by following the 'Docs' links at http://www.freedesktop.org/wiki/Software_2fdbus Now, all this said, I have two things. 1. If anyone has anything to contribute about any of these issues, and can help me/us get these things worked out, I would appreciate it. 2. Should we introduce D-Bus to BLFS now, or wait until we have a better handle on these issues. It very well could be that others are very comfortable and knowledgeable about D-Bus, however, I am not. So I'm asking for help and guidance from the community about this package. TIA. -- Randy rmlscsi: [GNU ld version 2.15.94.0.2 20041220] [gcc (GCC) 3.4.3] [GNU C Library stable release version 2.3.4] [Linux 2.6.10 i686] 10:43:01 up 19 days, 10:16, 3 users, load average: 0.00, 0.00, 0.00 -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: UID issue
Bruce Dubbs wrote: I just did an experiment. I created a user 'averylongname' and ps does indeed change this to a number, but ls -l adjusts the column width to accomodate the long name. Investigating... Investiation complete. The following comment is in the procps source at line 1018 of ps/output.c: // The Open Group Base Specifications Issue 6 (IEEE Std 1003.1, 2004 Edition) // requires that user and group names print as decimal numbers if there is // not enough room in the column, so tough luck if you don't like it. // // The UNIX and POSIX way to change column width is to rename it: // ps -o pid,user=CumbersomeUserNames -o comm // The easy way is to directly specify the desired width: // ps -o pid,user:19,comm // There are a few ways to handle this: 1. Live with it. :) 2. Create an alias for the ps format you want to use and specify a column width you want to use for UID. 3. Specify a format using the PS_FORMAT environment variable. 4. Hack the source. Adding the following code at line 1037 of ps/output.c works: (outbuf+max_rightward) = 0; return max_rightward; -- Bruce -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: UID issue
Bruce Dubbs wrote: Investiation complete. The following comment is in the procps source at line 1018 of ps/output.c: // The Open Group Base Specifications Issue 6 (IEEE Std 1003.1, 2004 Edition) // requires that user and group names print as decimal numbers if there is // not enough room in the column, so tough luck if you don't like it. // // The UNIX and POSIX way to change column width is to rename it: // ps -o pid,user=CumbersomeUserNames -o comm // The easy way is to directly specify the desired width: // ps -o pid,user:19,comm // There are a few ways to handle this: Very interesting. Thanks for the research Bruce. -- Jeremy Huntwork -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: More on UIDs
In the book, we create a lot of users and groups. Almost none of them have uids/gids specified. Right now, if a user/group is created without specifying, a uid value 1000 or a gid value 100 is used. The LSB says system uids/gids should be below 100. I am proposing a book wide coordinated set of numbers: *snipped* Actually, my suggestion would be for those system users that are associated with network daemons, to use a group to match the port they open...i.e. apache assigned 80, ssh assigned 22, etc. No real reason, except to try to have SOME rhyme/reason to assignment - those that don't do network stuff can be assigned somewhat arbitrarily. -J- -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: More on UIDs
Jeremy Utley wrote: In the book, we create a lot of users and groups. Almost none of them have uids/gids specified. Right now, if a user/group is created without specifying, a uid value 1000 or a gid value 100 is used. The LSB says system uids/gids should be below 100. I am proposing a book wide coordinated set of numbers: *snipped* Actually, my suggestion would be for those system users that are associated with network daemons, to use a group to match the port they open...i.e. apache assigned 80, ssh assigned 22, etc. No real reason, except to try to have SOME rhyme/reason to assignment - those that don't do network stuff can be assigned somewhat arbitrarily. Not a bad idea, but we have several ftp and email servers. I thought about using the same number for all the ftp servers and the same numbers of all the mail servers, but that would make the different packages conflict. I opted for making the numbers of related apps close together. Also it doesn't work for things like pop (110). It does work for apache, ssh, and named and I can do that. The implementation I was thinking about is to add a page to Chapter 2 or Chapter 3 named About uids and gids that sumarizes uid/gid issues. It should also discuss User Private Groups and mention the interaction and possible update of /etc/login.defs. -- Bruce -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: More on UIDs/Permissions
Bruce Dubbs wrote: Jeremy Utley wrote: In the book, we create a lot of users and groups. Almost none of them have uids/gids specified. Right now, if a user/group is created without specifying, a uid value 1000 or a gid value 100 is used. The LSB says system uids/gids should be below 100. I am proposing a book wide coordinated set of numbers: *snipped* Actually, my suggestion would be for those system users that are associated with network daemons, to use a group to match the port they open...i.e. apache assigned 80, ssh assigned 22, etc. No real reason, except to try to have SOME rhyme/reason to assignment - those that don't do network stuff can be assigned somewhat arbitrarily. Not a bad idea, but we have several ftp and email servers. I thought about using the same number for all the ftp servers and the same numbers of all the mail servers, but that would make the different packages conflict. They're going to conflict anyway :) Only one FTP server can bind to port 21, only one mail server can bind to 25, etc. And, in all technicality, there's no reason why, for example, vsftpd and proftpd couldn't both use the same username ftp :) I opted for making the numbers of related apps close together. Also it doesn't work for things like pop (110). It does work for apache, ssh, and named and I can do that. The implementation I was thinking about is to add a page to Chapter 2 or Chapter 3 named About uids and gids that sumarizes uid/gid issues. It should also discuss User Private Groups and mention the interaction and possible update of /etc/login.defs. On a similar note, I'd like to see something that goes into other method's of device permission handling. Right now, for example, you've got the audio group handling access to audio permissions and so on. Kevin Fleming, back when the big discussion about groups happened, mentioned something about a way of having the user logged into the console always having access to the devices, but the same user when logged in remotely wouldn't. That I'd definately be interested in seeing! -J- -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: More on UIDs/Permissions
Jeremy Utley wrote: Bruce Dubbs wrote: Not a bad idea, but we have several ftp and email servers. I thought about using the same number for all the ftp servers and the same numbers of all the mail servers, but that would make the different packages conflict. They're going to conflict anyway :) Only one FTP server can bind to port 21, only one mail server can bind to 25, etc. And, in all technicality, there's no reason why, for example, vsftpd and proftpd couldn't both use the same username ftp :) That is true, however it it technically possible to run multiple servers on different ports. I've never heard of anyone actually doing it though. I'm willing to put all the ftp servers on the same uids/gids but I'd like more opinions. On a similar note, I'd like to see something that goes into other method's of device permission handling. Right now, for example, you've got the audio group handling access to audio permissions and so on. Kevin Fleming, back when the big discussion about groups happened, mentioned something about a way of having the user logged into the console always having access to the devices, but the same user when logged in remotely wouldn't. That I'd definately be interested in seeing! Sounds reasonable, but I would like to have someone write up a draft. -- Bruce -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
