Re: UPG and the default umask

[Roger Leigh <rleigh@codelibre.net>]

On 20/05/2010 20:43, Steve Langasek wrote:
> On Thu, May 20, 2010 at 08:31:36PM +0100, Roger Leigh wrote:
> > Do we have any actual users of this space?  I didn't see anything in
> > Policy.  Is there a central database listing the assignments?  If
> > so, where may it be found?
>
> /usr/share/doc/base-passwd/README

Thanks.  Looking at the list, there's only 10 packages in total.  9 
create just one user/group, and one (qmail, which AFIACT isn't even in 
Debian) creates six.  I'm unsure why these 9 packages need a static 
allocation, given that every other service just creates/removes them 
dynamically.  Given the miniscule usage of this reserved range, is 
static allocation justifiable?

> > The main justification I would have for this change is that keeping
> > the old 16-bit-constrained assignments fragments the 32-bit range
> > space unnecessarily.  For checks such as being discussed, having a
> > contiguous user range makes things much simpler for both us and
> > admins.  I accept that we can't change things for existing systems
> > where these are already being used, but it sucks to be stuck with a
> > 16-bit legacy for evermore even for new installs.
>
> I don't think it's practical to ever get rid of the legacy UID range
> fragmentation in the 16-bit space.  Better would be to plan a transition to
> where we start numbering new user accounts from 65536 by default, instead of
> from 1000.

Something probably best left until after Squeeze!  I think the simple 
check we have now will be robust enough until after then.


Regards,
Roger