[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: user private groups and a src group

In his message of Mon, 21 Mar 94 03:21 PST, Ian Jackson wrote:

> >         The one major system I came across recently where it wasn't done
> >         wished they had done it, but they couldn't now because they'd already
> >         assigned the uid/gid numbers and they were too hard to change.
> > 
> > This I don't understand.  What is the value of having gid=uid?  
> You've misunderstood me.  The reason they couldn't do it was because
> it would require changing users' passwd and group entries on too many
> different machines, etc., not because they'd already assigned the
> gids.

If you meant to say that userids and groups had already been set up,
then you should have said that the userids and groups had already
been set up, without referring to numbers.  Maybe you could also
explain what you meant when you said (in your message of 8 March):

> Please can we have this in before Debian 1.0 - otherwise we're going
> to find it virtually impossible to migrate, because all the
> installations will already have groups with the gids we're going to
> need to use.

On this note, Ian Jackson wrote on 23 March:

> [Paul Vojta wrote:]
> > His reasons were (A) we need uid==gid,
> Please stop calling it `uid==gid', you'll just confuse people
> (yourself included, it seems).
> >  and because of that (B) it's impossible to retrofit,
> No, I don't claim that your (B) follows from (A).

Stop calling what `uid==gid'?  I was referring to the _part_ of your
proposal saying that gid's of user private groups should equal the
user's uid, as a separate issue from other parts of your proposal.
If I wanted to refer to your proposal as a whole, I would have called
it Ian's proposal or the user private groups proposal.

Likewise when I say "user private groups should be optional" I mean
exactly that; I do not mean that the whole ball of wax should be

> > and take a hike.
> Unjustifiably pejorative language, and untrue.

That may be the case.  If so, blame Birkholz, not me; it's his choice
of language.  And don't quote me out of context.

> Password checking isn't needed at all sites, either - many if not most
> home machines can do fine without login, crypt and passwd.  So shall
> we remove those too ?

This analogy does not apply.  But, IF:

    1.  All known distributions of Unix were shipped sans login/crypt/passwd,
    2.	Only a few Unix systems implemented this on their own,

THEN I would argue that login/crypt/passwd could be included, but should
be optional.  Possibly after trying it, enough people would like it
that eventually a vote might be cast in favor of making it the default.


I could go on and counter other things Ian has said, but I've spent
enough time and bandwidth on this sort of thing.  At this stage I feel
it's more productive to spell out my viewpoint from scratch (cf. my
previous message) instead of letting it leak out in bits and pieces
as I respond to other people's arguments.

--Paul Vojta, vojta@math.berkeley.edu

Reply to: