Bug#329701: Local (non-NIS) users and groups
Mark Brown <broonie@sirena.org.uk> writes:
> > And it's not like this would be changed on a running system,
> > right?
>
> That is not the case. /var/yp/Makefile is a conffile and so will be
> updated if it hasn't been modified.
Oh, I see. Sorry. (Hmm, the installation scripts would have to check
for preexisting GIDs in the range 500-999 then, and warn
appropriately.)
> > (From what I can see, absolutely no one on -policy cares about
> > this, since I have asked about this on two occasions now and both
> > times gotten no reply whatsoever.)
>
> You might find that coming up with a concrete proposal for policy
> might help there.
I have the feeling that all that would happen is that maybe someone
would ask the maintainers for the affected packages what *they* think,
and hold off on any policy change until the packages are changed. But
it would be easy to write a specific change proposal, so I'll do that
once someone actually needs one.
> > If you want to avoid even that remote possibility, this change
> > should be coordinated with a change in the "adduser" package to
> > lower LAST_SYSTEM_UID in /etc/adduser.conf.
>
> That would probably help too. A patch implementing support for the
> new GID range you want to add might also be helpful.
Support? You mean something like "adduser --system-shared"? That's a
bit more than I am asking for; I just wanted to have the range
*available* as a general policy, not necessarily have a nice UI to it.
But thank you for the suggestion.
> > Is this what you want? Would you be willing to make the change if
> > the maintainers for "adduser" were, too?
>
> What I want is for any change in the default handling of UID and GID
> ranges in NIS to be made in other parts of Debian too.
Fair enough, but what parts other than "adduser" are there? (And
don't say "debian-policy", please.)
> You are asking me to have the NIS package take part of an existing
> GID range and give it a new meaning without updating anything else
> in Debian to understand this. I don't think that's a good idea.
All right, but I think you are overestimating the impact this would
have. No other package (except for "adduser") even cares about the ID
ranges in question, from what I can see. But I'll jump through
whatever hoops are necessary to have this proposal actually
considered.
> It is very easy for people who want this behaviour to change their
> local configuration suitably. Doing it in NIS alone will at best
> provide a small part of what you are asking for
(Actually, it would solve all my problems. This change is the only
one I need to apply to use this GID range the way I want.)
I mean, I have already solved my problems by making the change locally
(on a number of systems). But I don't like making such changes to a
system policy, and Debian doesn't provide for a way to do what I want,
so I'm therefore trying to make Debian adopt my policy. If I succeed,
it's one thing less odd about my systems compared to a standard
install. I'll even be just as happy if Debian decides to adopt some
other way to do the same thing, just as long as I can do what I want
on my systems with minimal change to system policy.
> and may actually cause breakage.
Extremly unlikely, in my opinion. But I'll approach things the Right
Way, as long as someone can say what way that is. But not as long as
everybody keeps pointing at someone else.
To summarize:
Would you be OK with making this change if the "adduser" package was
changed too? (Of course, after both packages are changed, the Debian
Policy would be approachable for change, after which everything would
be nice again.) Or are there more parts of Debian that, in your
opinion, need to be changed in concert? I would need to know this if
I am to approach maintainers with this proposal.
/Teddy
Reply to: