[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: conflict between system user and normal user

On 10/02/14 13:46, Kevin Chadwick wrote:
> So I'd agree with the underscore but see the not allowing the local
> sysadmin to create accounts easily with it as a bad thing as they could
> perfectly well want to avoid collisions with packages as much as a
> debian dev.

A concrete example, please? If you (as local sysadmin) always create
accounts matching [a-z]*, and Debian packages always create accounts
matching _*, then your local actions can't collide with Debian packages.

If you're creating and installing a local .deb package, then you could
use exactly the same mechanism that Debian developers do; there's no
functional difference between an official Debian .deb, an Ubuntu .deb,
and a locally-created .deb.

You presumably control the namespace in which your users are allowed to
create accounts, so if you're worried about collisions between your
users' account names and your local system accounts' names, you can use
whatever namespacing you want to. For instance, I use accounts with "-"
in for "service" accounts, like smtp-foo and backup-foo to receive
authenticated SMTP submissions and periodic backups from machine foo,
and I don't create "real person" accounts with "-" in them.

> It is the admins system primarily after all and purposefully getting
> in the way is completely wrong in my opinion, warnings even with
> relentless beeping if you must.

You can always force it with adduser --force-badname if you need to.

If we standardize on "_*" (or capital letters or whatever) for packaged
accounts, then "adduser --system" could also start accepting "_*"
without needing --force-badname, if desired.


Reply to: