Re: Bits from the release team: the plans for etch

To: Gabor Gombas <gombasg@sztaki.hu>
Cc: Steve Langasek <vorlon@debian.org>, debian-devel@lists.debian.org
Subject: Re: Bits from the release team: the plans for etch
From: Philippe Troin <phil@fifi.org>
Date: 04 Nov 2005 11:01:20 -0800
Message-id: <[🔎] 87r79ws0e7.fsf@ceramic.fifi.org>
In-reply-to: <[🔎] 20051103145831.GC18986@boogie.lpds.sztaki.hu>
References: <20051026091100.GA3940@javifsp.no-ip.org> <87ll0gs2pf.fsf@becket.becket.net> <20051026160623.GC30978@javifsp.no-ip.org> <20051026162439.GC31042@mails.so.argh.org> <435FBD38.8090308@almg.gov.br> <87u0f45fy5.fsf@becket.becket.net> <20051027093926.GA24247@freesources.org> <20051027122428.GA4576@moregruel.net> <20051027125316.GA9501@tennyson.dodds.net> <8764rfeg1i.fsf@ceramic.fifi.org> <[🔎] 20051103145831.GC18986@boogie.lpds.sztaki.hu>

Gabor Gombas <gombasg@sztaki.hu> writes:

> On Sat, Oct 29, 2005 at 10:21:13PM -0700, Philippe Troin wrote:
> 
> > An other issue that always annoyed me is that assuming a NIS server
> > and a NIS client which both install say exim.  I want to give some
> > users membership in the group Debian-exim.  I can't easily.
> > 
> > The UID picked by Debian-exim is not going to be the same for the NIS
> > server and all the NIS clients, so I cannot get it propagated by NIS.
> > And I don't want to have to maintain the group membership on all the
> > clients.
> 
> That is a local administration decision. You should have a clear policy
> wether you'll be allowing system groups in NIS _before_ creating the NIS
> domain. If you do, you should have a plan _before_ creating the NIS
> domain about how you will deal with the inevitable conflicts.
> 
> When I last administered a complex distributed environment (we used
> first NIS+ then LDAP, but that's not important), we had a policy that
> local software should never use user/group IDs coming from NIS+/LDAP,
> and software installed on shared filesystems should never use user/group
> IDs _not_ coming from NIS+/LDAP. Mixing local and remote IDs in group
> membership was forbidden as well. That worked quite well.

Although I agree with the above on principle, how do you manage
membership to the floppy, audio, video, etc groups?

Phil.

Reply to:

Follow-Ups:
- Re: Bits from the release team: the plans for etch
  - From: Gabor Gombas <gombasg@sztaki.hu>

References:
- Re: Bits from the release team: the plans for etch
  - From: Gabor Gombas <gombasg@sztaki.hu>

Prev by Date: Re: How to get rid of a poised version
Next by Date: Re: Debian based GNU/Solaris: pilot program
Previous by thread: Re: Bits from the release team: the plans for etch
Next by thread: Re: Bits from the release team: the plans for etch
Index(es):
- Date
- Thread