[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: system users



OoO En ce doux début de  matinée du samedi 15 novembre 2008, vers 08:49,
je disais:

> ,----[ http://wiki.debian.org/AccountHandlingInMaintainerScripts ]
> | A collision free way to  name system accounts should really be mentioned
> | in Debian policy to stop this uncontrolled growth of different methods.
> `----

> Is it  any progress on  this matter? While  more and more  daemon become
> unprivileged or "privilege separation"-able, we get more and more system
> users.

> On  some  systems  like  OpenBSD,  all those  users  are  starting  with
> underscore to avoid  collision with real users. On  Debian, I have never
> seen  this, even  for packages  that comes  from OpenBSD  (like openntpd
> which uses "ntpd"). Is there some drawbacks with underscore?

I wanted  to file a  wishlist bug against  policy about this  matter but
there is already one that exists:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=248809

The bug  is pretty old and the  discussion stopped a few  years ago. The
problem of  too long usernames  when using "Debian-" prefix  was already
mentioned.

The  possibility   to  use  "_${package}"   is  mentioned  once   as  an
example.

IMO, there are three advantages to using underscore:
 - it defines a namespace (like using "Debian-" prefix)
 - the name is kept short
 - it is easy to spot those system names in ps or other tools

Is there some  way to easily retrieve all postinst  scripts to check how
adduser is called?
-- 
printk("autofs: Out of inode numbers -- what the heck did you do??\n"); 
	2.0.38 /usr/src/linux/fs/autofs/root.c

Attachment: pgpfiFR7BgUdY.pgp
Description: PGP signature


Reply to: