Re: Using the user nobody in my package
-----BEGIN PGP SIGNED MESSAGE-----
Sam Morris wrote:
> More at <http://www.debian.org/doc/debian-policy/ch-opersys.html#s9.2.2>.
> Of course, I guess you'd have to persuade whoever maintains the allocation
> list that you really do need a static UID assignment. :)
How could I make such request? If it takes too much time to do such
requests, I think it's best to make it so I don't need to ask, even if
later I can fix it once I get an answer to my request.
martin f krafft wrote:
> Why nobody? Why don't you create your own user? Other daemons run as
> nobody and can hence access and manipulate files, potentially.
Also, for the purpose of understanding: our control panel does NOT have
a running daemon. It's a bunch of php and sh scripts, and there is no
need to have a silly daemon running (for what? after all, Apache is
supposed to be always running, right?).
Anyway, I'm starting to modify our control panel so it uses a user
called "dtc", and see how it goes.
Richard Laager wrote:
> How often do you really move sites? In that case, you
> could just do the move with something that'll preserve ownership by
> name rather than UID/GID. Also, for us, we end up creating our
> servers the same way, so the UIDs end up matching anyway.
I wont be the only one using the panel, in fact, since the time the
panel is reporting anonymous stats (about 1 month now), there is about
400 setup recorded, so it's spreading and being used... :) I'm sure
people WILL need to move from one server to another, I just don't want
to make it too hard.
If I'm not mistaking "tar" only stores UID and not user names, and
that's also one of my concerns. All your servers MIGHT be matching,
because you are managing them all. This works in a ONE company env, but
it doesn't work if the panel is spread to many users like we are trying
to do (if shipped under standard Debian (Etch???)).
Thanks all for your replies, seems you all agreed that it was a design
error to use the user nobody, so I'll fix.
P.S: No need to send me as copy, I'm subscribed and reading every day!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----