Re: Policy 9.2.2: s/should/must/ for add{user,group} --system?
On Sat, Feb 07, 2004 at 02:55:06PM +0100, Siggy Brentrup wrote:
> On Sat, Feb 07, 2004 at 02:07:50PM +0100, Bill Allombert wrote:
> > May I ask which ?
>
> When realizing it, I had the following groups (FTTOMH):
> sslwrap:1001:
> snort:1002:
> postfix:1003:
> postdrop:1004:
Thanks! Writing a lintian check could be an option.
> > It is my understanding that the `should' above refer specifically to the
> > use of `adduser --system', and not of the 100-999 range.
> >
> > I would regard any violation of the uid/gid range given in this section
> > as a serious policy violation by regard of the amount of breakage it
> > cause.
>
> Seconded, but still there is no 'must' or 'required' in 9.2.2
Policy 9.2.2 read (enphasize added):
Because some packages need to include files
which are owned by these users or groups, or need the ids compiled
into binaries, these ids *must* be used on any Debian system only for
the purpose for which they are allocated.
I think this is sufficient. Whether we should require the use of
`adduser --system' over any others means to achieve a similar result
is a separate matter, though I would tend to agree.
Cheers,
--
Bill. <ballombe@debian.org>
Imagine a large red swirl here.
Reply to: