[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: qmail should use different uids

Well, new base-passwd in potato today.  I thought I'd give
it the benefit of the doubt; after all, I'm sure it **is**
a better overall configuration.

First pass, base-passwd wanted to make 90+ changes.  OK,
say Y.  Segfault.  --configure -a, next pass 20+ changes.
All the qmail userids were ripped out.  <GRIN>Yes, it would
run unattended.</GRIN>

Don't get me wrong, I am sure it is a better configuration.
I've embedded enough mistakes in legacy code (read two weeks
old perl) to know there is always a better way and things
I don't think of.

A desktop user can wipe and reinstall; find and fix up userids:
though even that is non-trivial if what you are changing **to** 
is also used.  A few hours, break it and fix most of it.  Pick 
up the pieces as you find them.

We can't do that across every machine we maintain on our network
and in our clients shops.  We've been running linux for nearly 
6 years; yes, things have changed.  In that scenario, base-passwd 
is not workable conceptually.  Just changing nobody:nogroup
from 512:16 to the current 65k+ was a month long bleed AFTER we
did our best planning and testing. We broke a lot of client code too.

So I return to my tongue-in-cheek suggestion about base-passwd-qmail:
how wacky an idea would it be to figure out a base-passwd-map
that would mediate between "official" userspace and any particular
specific installation?  I'd guess that sounds like a terrible and
ugly idea to many but does it amount to more than guaranteeing that
packages always reference passwd file before installing files, eg
no static ids other than root?



On Fri, Nov 19, 1999 at 02:01:09AM +0100, Wichert Akkerman wrote:
> Previously Mr. Christopher F. Miller wrote:
> > We could make base-passwd a virtual package depending on either 
> > base-passwd-qmail or base-passwd-non-qmail.
> That would be silly.
> > But seriously, I'd personally be a bit annoyed at having to reconfigure 
> > several dozen systems. 
> You wouldn't have to, it's perfectly possible to do this unattended.
> qmail is a special case since we should know exactly what files have
> which owner.
> The advantage is simple: if we get all references to non-free removed
> from main the FSF will distribute Debian as well. Having the qmail uids
> in the default passwd would clearly be unacceptable for them.
> Wichert.
> -- 
>    ________________________________________________________________
>  / Generally uninteresting signature - ignore at your convenience  \
> | wichert@liacs.nl                    http://www.liacs.nl/~wichert/ |
> | 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0  2805 3CB8 9250 2FA3 BC2D |


Christopher F. Miller, Publisher                             cfm@maine.com
MaineStreet Communications, Inc         208 Portland Road, Gray, ME  04039
1.207.657.5078                                       http://www.maine.com/
Database publishing, e-commerce, office/internet integration, Debian linux.

Reply to: