Re: Seeking consensus for some changes in adduser

To: debian-devel@lists.debian.org
Subject: Re: Seeking consensus for some changes in adduser
From: Harald Dunkel <harald.dunkel@aixigo.com>
Date: Wed, 9 Mar 2022 14:10:04 +0100
Message-id: <[🔎] 40cca538-7b1b-c111-90a0-27c3948b4ba6@aixigo.com>
In-reply-to: <[🔎] YieJALY0ny0+07pw@torres.zugschlus.de>
References: <[🔎] YieJALY0ny0+07pw@torres.zugschlus.de>

On 2022-03-08 17:49:04, Marc Haber wrote:


(1a) would it be necessary to handle --system accounts differently? I
      think yes.


I think it would be helpful to define "system account" and "normal user".
Neither adduser(8) nor useradd(8) provide a sufficient definition,
especially wrt the existing network directory services (LDAP, AD, etc).
Is a "system user" supposed to be a local account, defined in /etc/passwd
only?

Related question: How are naming collisions between local entries and
the entries in a network directory service supposed to be handled?
Something like

	passwd: files sss

in /etc/nsswitch.conf is not helpful, if a postinst script fails to
create a local account due to the entry it has found in freeipa, for
example. Not to mention that such a service might fail at boot time,
if the directory service is not available (yet).


Regards

Harri

Reply to:

Follow-Ups:
- Re: Seeking consensus for some changes in adduser
  - From: Simon McVittie <smcv@debian.org>
- Re: Seeking consensus for some changes in adduser
  - From: Marc Haber <mh+debian-devel@zugschlus.de>

References:
- Seeking consensus for some changes in adduser
  - From: Marc Haber <mh+debian-devel@zugschlus.de>

Prev by Date: Bug#1006965: ITP: python-datetimerange -- library that handles time ranges
Next by Date: Re: Seeking consensus for some changes in adduser
Previous by thread: Re: Seeking consensus for some changes in adduser
Next by thread: Re: Seeking consensus for some changes in adduser
Index(es):
- Date
- Thread