Re: user private groups and a src group
Daniel Quinlan wrote:
>[ Ian Jackson wrote: ]
>> Please can we have this in before Debian 1.0 - otherwise we're going
>> to find it virtually impossible to migrate, because all the
>> installations will already have groups with the gids we're going to
>> need to use. This arrangement is quite hard to retrofit, but very
>> easy and straightforward to do from the beginning.
>
> I've already made my point about waiting until 0.9x, but I'd like to
> see someone other than Ian Murdock (someone very familiar with this)
> handle the necessary changes, including the preparation of a list of
> things which need to be changed or rewritten, and then rewriting them.
The only things that should need changing are:
* /etc/passwd and /etc/group: change the default gid of the default
user and create their group, and possibly remove other conflicting
groups.
* adduser needs to arrange to create people's groups as well as their
passwd entries. It should also be written to skip a uid/gid if it is
allocated in /etc/group as well as if it is in /etc/passwd, though
one should allocate user groups and project groups in different
ranges. An addgroup script might be nice; alternatively prominently
leaving a large gap between assigned uids/gids and the start of the
users might be enough.
* Zillions of directories (almost all, in fact) should have the setgid
bit set. This includes at least
- user home directories
- /usr/src
- The entire /usr/local tree (which should presumably be group src)
In fact, it might be easier to
find / -type d -print0 | xargs -0 chmod -R g+s
and then fix up the exceptions by hand. The only ones I can think of
at the moment are /tmp and /var/tmp, though there may be others,
especially belonging to some obscure packages.
Ian.
Reply to: