Re: ITP: opensmtpd -- Simple Mail Transfer Protocol daemon
On Wed, May 22, 2013 at 02:16:34PM -0700, Russ Allbery wrote:
> Daniel Walrond <debian@djw.org.uk> writes:
>
> > As per policy 10.9 - Permissions and owners[0], opensmtpd requires
> > some system users for running non-root-privileged processes. I propose
> > to user the following dynamic accounts; opensmtpd, opensmtpq, opensmtpf.
>
> We currently have no good policy about how to name system users, but
> despite that I personally would recommend against using simple
> alphanumeric usernames like those. (They are longer than eight
> characters, which avoids some local namespaces, but not all.)
>
> There are two conventions that other packages have used to make it less
> likely that system accounts will conflict with local usernames:
>
> * Append "Debian-" to the username, as in Debian-opensmtpd
> * Append an underscore, as in _opensmtpd
>
> I personally mildly prefer the latter just because it's simple, although
> it isn't as informative or robust against any namespace issue. Note that
> you will have to pass --force-badname to adduser to let you use an
> underscore in the name.
The upstream package defaults to _smtpd since all the daemons in OpenBSD
start with a "_". It seems like a good convention to avoid local
namespace clashes, although I haven't seen any package within Debian
using it. The regex in a default install is ^[a-z][-a-z0-9_]*\$, so I
think it's best to stick within that.
Thanks for the input, I'll stick with opensmtpd.
Dan
Reply to: