[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#3189: nvi over-cautious about .exrc?

> At the very least, let's not enforce creating a new user account before
> dselect is run.  This would at least make it possible for the user to
> edit /etc/adduser.conf first and turn off USERGROUPS if they wish so.

We really do have to create a new user account as soon as the system is
brought up, because until we do that we have no good destination for
root and postmaster mail, and we _don't_ want that user to spend a lot
of time logged in as root for obvious reasons. After dselect runs,
there are a number of system accounts and one user account, and a user
who is concerned with this can edit /etc/passwd and /etc/group and
change the group of that one account without much trouble at all.

As a policy, I would prefer to make the most general case work very
well, and make the more esoteric cases do-able with some amount of user
effort. I think that's where we are now - all users are set up with a
useful group that they can use to provide access to their own files to
selected others. To make group quotas work more effectively, you might
consider adding a script to the quota package that the user could run
to convert the entire system so that users (not system accounts) all
had the same primary GID. The script would also have to change the GIDs
on files belonging to the converted users.


Pixar's Toy Story: Over 1/3 Billion dollars world box office so far.

Bruce Perens AB6YM          Bruce@Pixar.com            http://www.hams.com/

Reply to: