Re: UPG and the default umask

To: debian-devel@lists.debian.org
Cc: Santiago Vila <sanvila@unex.es>
Subject: Re: UPG and the default umask
From: Peter Palfrader <weasel@debian.org>
Date: Thu, 20 May 2010 14:10:46 +0200
Message-id: <[🔎] 20100520121046.GS13025@anguilla.noreply.org>
Mail-followup-to: debian-devel@lists.debian.org, Santiago Vila <sanvila@unex.es>
In-reply-to: <[🔎] 20100520100849.GC8057@rivendell>
References: <[🔎] alpine.DEB.1.10.1005170103200.6247@kolmogorov.unex.es> <[🔎] 84d3wvj7e5.fsf@sauna.l.org> <[🔎] alpine.DEB.1.10.1005171419450.12903@kolmogorov.unex.es> <[🔎] 844oi6k7x6.fsf@sauna.l.org> <[🔎] alpine.DEB.1.10.1005191903510.17907@cantor.unex.es> <[🔎] 4BF437F2.2090802@codelibre.net> <[🔎] alpine.DEB.1.10.1005200006430.8356@kolmogorov.unex.es> <[🔎] 4BF472B4.5090606@codelibre.net> <[🔎] alpine.DEB.1.10.1005201121130.18348@kolmogorov.unex.es> <[🔎] 20100520100849.GC8057@rivendell>

On Thu, 20 May 2010, Raphael Hertzog wrote:

> > So I agree that the sane thing to do here is, at least, to use the
> > same default range as /etc/adduser.conf (which in turn is the range
> > defined by policy).
> > 
> > I've just modified base-files accordingly to use the UID range 1000-29999.
> 
> I'm not sure this makes lots of sense.
> 
> hertzog@alioth:~$ id -u maximilinux-guest
> 220227
> 
> There are many installations out there with large numbers of users that
> simply can't respect the ranges set by the policy.
> 
> I would simply use a minimum of 500 or 1000 to differentiate system users
> from normal users. adduser is not a required step to create accounts when
> you manage your account database in LDAP/PostgreSQL (or whatever else).

System users can come out of ldap/NIS/etc too, and in such cases they
might not be in the 100-999 range either.

I fear anything which relies on ranges being used in some specific way
in deployed systems is fragile and prone to be wrong at least some of
the time.

-- 
                           |  .''`.  ** Debian GNU/Linux **
      Peter Palfrader      | : :' :      The  universal
 http://www.palfrader.org/ | `. `'      Operating System
                           |   `-    http://www.debian.org/

Reply to:

References:
- Re: UPG and the default umask
  - From: Santiago Vila <sanvila@unex.es>
- Re: UPG and the default umask
  - From: Timo Juhani Lindfors <timo.lindfors@iki.fi>
- Re: UPG and the default umask
  - From: Santiago Vila <sanvila@unex.es>
- Re: UPG and the default umask
  - From: Timo Juhani Lindfors <timo.lindfors@iki.fi>
- Re: UPG and the default umask
  - From: Santiago Vila <sanvila@unex.es>
- Re: UPG and the default umask
  - From: Roger Leigh <rleigh@codelibre.net>
- Re: UPG and the default umask
  - From: Santiago Vila <sanvila@unex.es>
- Re: UPG and the default umask
  - From: Roger Leigh <rleigh@codelibre.net>
- Re: UPG and the default umask
  - From: Santiago Vila <sanvila@unex.es>
- Re: UPG and the default umask
  - From: Raphael Hertzog <hertzog@debian.org>

Prev by Date: Re: Bug#582321: TAG: dirsum -- commandline directory summary
Next by Date: Re: UPG and the default umask
Previous by thread: Re: UPG and the default umask
Next by thread: Re: UPG and the default umask
Index(es):
- Date
- Thread