Re: qmail should use different uids
- To: firstname.lastname@example.org
- Subject: Re: qmail should use different uids
- From: "Mr. Christopher F. Miller" <email@example.com>
- Date: Wed, 1 Dec 1999 07:58:00 -0500
- Message-id: <19991201075800.B4787@maine.com>
- In-reply-to: <19991119020109.B5425@mors.net>; from firstname.lastname@example.org on Fri, Nov 19, 1999 at 02:01:09AM +0100
- References: <19991117183000.C19105@justice.loyola.edu> <Pine.LNX.3.96.991117175011.21481Aemail@example.com> <19991117220937.A8953@maine.com> <19991119020109.B5425@mors.net>
Well, new base-passwd in potato today. I thought I'd give
it the benefit of the doubt; after all, I'm sure it **is**
a better overall configuration.
First pass, base-passwd wanted to make 90+ changes. OK,
say Y. Segfault. --configure -a, next pass 20+ changes.
All the qmail userids were ripped out. <GRIN>Yes, it would
Don't get me wrong, I am sure it is a better configuration.
I've embedded enough mistakes in legacy code (read two weeks
old perl) to know there is always a better way and things
I don't think of.
A desktop user can wipe and reinstall; find and fix up userids:
though even that is non-trivial if what you are changing **to**
is also used. A few hours, break it and fix most of it. Pick
up the pieces as you find them.
We can't do that across every machine we maintain on our network
and in our clients shops. We've been running linux for nearly
6 years; yes, things have changed. In that scenario, base-passwd
is not workable conceptually. Just changing nobody:nogroup
from 512:16 to the current 65k+ was a month long bleed AFTER we
did our best planning and testing. We broke a lot of client code too.
So I return to my tongue-in-cheek suggestion about base-passwd-qmail:
how wacky an idea would it be to figure out a base-passwd-map
that would mediate between "official" userspace and any particular
specific installation? I'd guess that sounds like a terrible and
ugly idea to many but does it amount to more than guaranteeing that
packages always reference passwd file before installing files, eg
no static ids other than root?
On Fri, Nov 19, 1999 at 02:01:09AM +0100, Wichert Akkerman wrote:
> Previously Mr. Christopher F. Miller wrote:
> > We could make base-passwd a virtual package depending on either
> > base-passwd-qmail or base-passwd-non-qmail.
> That would be silly.
> > But seriously, I'd personally be a bit annoyed at having to reconfigure
> > several dozen systems.
> You wouldn't have to, it's perfectly possible to do this unattended.
> qmail is a special case since we should know exactly what files have
> which owner.
> The advantage is simple: if we get all references to non-free removed
> from main the FSF will distribute Debian as well. Having the qmail uids
> in the default passwd would clearly be unacceptable for them.
> / Generally uninteresting signature - ignore at your convenience \
> | firstname.lastname@example.org http://www.liacs.nl/~wichert/ |
> | 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D |
Christopher F. Miller, Publisher email@example.com
MaineStreet Communications, Inc 208 Portland Road, Gray, ME 04039
Database publishing, e-commerce, office/internet integration, Debian linux.