Re: Unix group to handle CDD roles?

To: debian-custom@lists.debian.org
Cc: Custom Debian Distributions <debian-custom@lists.debian.org>
Subject: Re: Unix group to handle CDD roles?
From: Andreas Tille <tillea@rki.de>
Date: Wed, 7 Apr 2004 12:57:51 +0200 (CEST)
Message-id: <[🔎] Pine.LNX.4.56.0404071251390.16720@wr-linux02.rki.ivbb.bund.de>
In-reply-to: <[🔎] 20040407095136.GA2602@answer.42.it>
References: <[🔎] 20040406213723.GA6068@answer.42.it> <[🔎] 20040407000606.GB3661@sanctuary.nslug.ns.ca> <[🔎] Pine.LNX.4.56.0404070908170.16720@wr-linux02.rki.ivbb.bund.de> <[🔎] 20040407095136.GA2602@answer.42.it>

On Wed, 7 Apr 2004, Cosimo Alfarano wrote:

> I fear LDAP is too complicated to be used in a generic/generalised
> infrastructure like CDD aims to be.
Same for me.  (If you have read the mails from Debian-Jr Ben was quoting
you will notice that I was always in favour of groups, but I surely admit
that this aproach has some constraints which have to be solved).

> But since I'm a LDAP supporter :), if there will be consensus on using
> it, there'll be no problem to study a solution with it as a custom
> distro directory.
Good to know that we have knowledged people in the boat. ;-)
Perhaps we should consider LDAP as an configuration option: The tools
which have to be developed for a common cdd package could read some
configuration file and if there is a "USELDAP=yes" option than go
this way and leave user groups for the more simple setups.  (Again:
I'm not really sure whether this suggestion makes sense.)

> 1) it's widely probable that some CDD projects need unix group in
>    addition to the role handling, and in this case it should maintain
>    two parallel list with the same users inside.
Hmmm, maintaining lists of same information is error prone, IMHO.

> 2) it's quite unprobable that the case of GID shortage could verifies on
>    a med-dent single computer installation, but only on big clusters
>    with plenty of users, where group ownerships is anyway needed by its
>    own structure, independelty from how many CDD are installed in the
>    cluster.
>    ie: subsetting users is anyway needed, CDD groups is only an helper
>
> 3) I do not think that, even a big cluster, would install more then 3/4
>    CDD projects at the same time (it means 3/4 unix groups).
ACK.

> I do not think so bad to use dynamically allocated groups for this
> purpose.
> Surely LDAP would be a more cleany and unix-like (and funny? :)
> solution to consider.
Uhm, I think I have a bad sense of humor because I do not regard
LDAP as funny. ;-))

> I do not know other group handling methods except the home-made ones,
> with the problem of system integration.
I'd like to avoid home-made things.

Kind regards

         Andreas.

Reply to:

Follow-Ups:
- Re: Unix group to handle CDD roles?
  - From: Ben Armstrong <synrg@sanctuary.nslug.ns.ca>
- Re: Unix group to handle CDD roles?
  - From: Cosimo Alfarano <kalfa@debian.org>

References:
- Unix group to handle CDD roles?
  - From: Cosimo Alfarano <kalfa@debian.org>
- Re: Unix group to handle CDD roles?
  - From: Ben Armstrong <synrg@sanctuary.nslug.ns.ca>
- Re: Unix group to handle CDD roles?
  - From: Andreas Tille <tillea@rki.de>
- Re: Unix group to handle CDD roles?
  - From: Cosimo Alfarano <kalfa@debian.org>

Prev by Date: Re: Unix group to handle CDD roles?
Next by Date: Re: Unix group to handle CDD roles?
Previous by thread: Re: Unix group to handle CDD roles?
Next by thread: Re: Unix group to handle CDD roles?
Index(es):
- Date
- Thread