Re: Too many default groups in Skolelinux' LDAP schema?
> > OTH it may be perfectly fine to mix them, just a little harder
> > to "group the groups" :-)
>
> UID GID
> ----------------------------------------------------------------------
> 0-500 OS assigned - I don't care 0-500 OS assigned - I don't care
> 500-600 Set aside for RH screwups 500-600 UPG for RH screwups
> 600-800 not currently assigned 600-800 UPG for same
> 800-900 system admins and "specials" 800-900 UPG for system admins
> 900-1000 wasted 900-1000 department special groups
> 1000-1200 wasted 1000-1200 normal groups
> 1200-1300 wasted 1200-1300 web server groups
> 1300-2000 wasted 1300-2000 future groups
> 2000-> normal users 2000-> UPG for normal groups
>
>
> i found this here. what i did not find was a good reasoning for
> having ranges for special groups/users like admins vs normal
> users etc.
Yes, I was looking out for exaclty the same reasoning. This scheme might
not be particulary practical for us, but it made me wonder if ranges
for system, hardware, admin and regular groups, separated from user
private group UID/GIDs might be beneficial.
One thing I could come up with as perhaps reasonable(?) is that it might
in some cases make it easier to sort users and groups. I.e. not showing
system and admin groups/users by default when offering a selection to
define the belonging of users to regular groups (student, teacher, class,
course, project,...)
Aka: "Too many default groups [visible] in Skolelinux' LDAP schema?"
=> Presenting hardware groups (sound, floppy, cdrecord, ...),
admin groups (root, admin, jr_admin,...) or even system/daemon groups
just if explicitly requested?
Reply to: