Re: UPG and the default umask

To: Santiago Vila <sanvila@unex.es>
Cc: debian-devel@lists.debian.org
Subject: Re: UPG and the default umask
From: Raphael Hertzog <hertzog@debian.org>
Date: Thu, 20 May 2010 12:08:49 +0200
Message-id: <[🔎] 20100520100849.GC8057@rivendell>
Mail-followup-to: Santiago Vila <sanvila@unex.es>, debian-devel@lists.debian.org
In-reply-to: <[🔎] alpine.DEB.1.10.1005201121130.18348@kolmogorov.unex.es>
References: <[🔎] 87pr0vg07c.fsf@windlord.stanford.edu> <[🔎] alpine.DEB.1.10.1005170103200.6247@kolmogorov.unex.es> <[🔎] 84d3wvj7e5.fsf@sauna.l.org> <[🔎] alpine.DEB.1.10.1005171419450.12903@kolmogorov.unex.es> <[🔎] 844oi6k7x6.fsf@sauna.l.org> <[🔎] alpine.DEB.1.10.1005191903510.17907@cantor.unex.es> <[🔎] 4BF437F2.2090802@codelibre.net> <[🔎] alpine.DEB.1.10.1005200006430.8356@kolmogorov.unex.es> <[🔎] 4BF472B4.5090606@codelibre.net> <[🔎] alpine.DEB.1.10.1005201121130.18348@kolmogorov.unex.es>

Hi,

On Thu, 20 May 2010, Santiago Vila wrote:
> So I agree that the sane thing to do here is, at least, to use the
> same default range as /etc/adduser.conf (which in turn is the range
> defined by policy).
> 
> I've just modified base-files accordingly to use the UID range 1000-29999.

I'm not sure this makes lots of sense.

hertzog@alioth:~$ id -u maximilinux-guest
220227

There are many installations out there with large numbers of users that
simply can't respect the ranges set by the policy.

I would simply use a minimum of 500 or 1000 to differentiate system users
from normal users. adduser is not a required step to create accounts when
you manage your account database in LDAP/PostgreSQL (or whatever else).

Having a different behaviour betweent accounts simply because some are
above the maximal limits and some are below would be counter productive.

The policy was written when uid/gid were only 16 bits but our systems cope
with greater number of users nowadays... maybe the policy should be
revised on that point.

Cheers,
-- 
Raphaël Hertzog

Like what I do? Sponsor me: http://ouaza.com/wp/2010/01/05/5-years-of-freexian/
My Debian goals: http://ouaza.com/wp/2010/01/09/debian-related-goals-for-2010/

Reply to:

Follow-Ups:
- Re: UPG and the default umask
  - From: Peter Palfrader <weasel@debian.org>
- Re: UPG and the default umask
  - From: Santiago Vila <sanvila@unex.es>

References:
- Re: UPG and the default umask
  - From: Russ Allbery <rra@debian.org>
- Re: UPG and the default umask
  - From: Santiago Vila <sanvila@unex.es>
- Re: UPG and the default umask
  - From: Timo Juhani Lindfors <timo.lindfors@iki.fi>
- Re: UPG and the default umask
  - From: Santiago Vila <sanvila@unex.es>
- Re: UPG and the default umask
  - From: Timo Juhani Lindfors <timo.lindfors@iki.fi>
- Re: UPG and the default umask
  - From: Santiago Vila <sanvila@unex.es>
- Re: UPG and the default umask
  - From: Roger Leigh <rleigh@codelibre.net>
- Re: UPG and the default umask
  - From: Santiago Vila <sanvila@unex.es>
- Re: UPG and the default umask
  - From: Roger Leigh <rleigh@codelibre.net>
- Re: UPG and the default umask
  - From: Santiago Vila <sanvila@unex.es>

Prev by Date: Re: Bug#582321: TAG: dirsum -- commandline directory summary
Next by Date: Re: Bug#582321: TAG: dirsum -- commandline directory summary
Previous by thread: Re: UPG and the default umask
Next by thread: Re: UPG and the default umask
Index(es):
- Date
- Thread