On Sat, Jul 05, 2003 at 12:41:22PM -0500, Manoj Srivastava wrote: > On Thu, 3 Jul 2003 10:56:41 -0500, Steve Langasek <vorlon@netexpress.net> said: > > If Debian ever hopes to have a policy beyond "all remaining uids and > > gids are reserved for local use", it's important to stake our claim > > *before* 32-bit ids are universally supported -- that is, before > > they're in widespread use at sites, and site admins have already > > deployed schemas that conflict with any default we might choose. > Is there a need for us to have a policy such as that? Is this > policy any good if it is in conflict with the other distributions and > other UNIX like machines in the environment? Are you suggesting that I should pick an id range for Samba's use in the absence of Policy's endorsement of the practice, or that attempting to implement this at all is untenable? I wish to make the Samba packages as useful to users as possible. I believe that enabling a default idmap range makes the packages more useful than not having one; and I believe that having the selection of such a range conspicuously documented is better than not. Policy provides a place to conspicuously document such a selection. I realize there's a non-zero chance that, regardless of what range we choose, it will conflict with the uid assignment scheme at some site. But then, there's a 100% chance that the uid assignment scheme currently employed by Debian conflicts with the uid assignment schemes at some sites. The goal is to make sure Debian's scheme is documented, consistent, and predictable, so that admins can accomodate it gracefully where needed. Between surveying administrators at large sites beforehand, coordinating with other vendors, and (as Michael Stone has suggested on IRC) validating the Samba id range at package install time to ensure it's not actively in use, I think this can be made at least as unintrusive as the existing uid policy. BTW, there's another mitigating factor here in that, the larger the site, the less likely they are to use the default Samba settings anyway: if they're trying to maintain consistent uids across a large number of systems, they're probably using network-attached storage and a distributed uid lookup service (Hesiod, NIS, LDAP, ...), which means they're also very likely to want to configure Samba to use a consistent idmap across machines -- and that requires a variety of changes to the default settings. > I seem to recall True64 has 32 bit uid's already. Indeed, which supports my argument that *if* Policy is going to address this, sooner is better than later. -- Steve Langasek postmodern programmer
Attachment:
pgpjVpk5N4djp.pgp
Description: PGP signature