Re: standardize uid:gid?

To: debian-user@lists.debian.org
Subject: Re: standardize uid:gid?
From: David Wright <deblis@lionunicorn.co.uk>
Date: Fri, 19 Jan 2024 16:59:10 -0600
Message-id: <[🔎] Zar+vplt2yV11SnE@axis.corp>
Reply-to: debian-user@lists.debian.org
In-reply-to: <[🔎] ZakaCRMJmZo5BBu5@wooledge.org>
References: <[🔎] uoadgt$161g$1@ciao.gmane.io> <[🔎] ZakaCRMJmZo5BBu5@wooledge.org>

On Thu 18 Jan 2024 at 07:31:05 (-0500), Greg Wooledge wrote:
> On Thu, Jan 18, 2024 at 05:38:37AM -0000, David Chmelik wrote:
> > Couldn't Debian standardize uid:gid numbers for daemons?
> 
> The thing is, Debian has tens of thousands of packages, and any one
> of these packages is capable of creating new UIDs and/or GIDs if it
> feels like doing so.  There is no centralized place where all of the
> possible UIDs and GIDs are registered.  It's all ad hoc.
> 
> If a centralized UID/GID registry were to be created, the following
> results would occur:

Debian does have four very small ID registries, two are in
base-passwd: /usr/share/base-passwd/{passwd,group}.master.¹
At a purely local level, what would be the consequences of
extending those files to cover all the expected UID/GIDs on
a network of pet PCs (as opposed to cattle). Obviously this
would have to be done at the earliest opportunity.

>  * Every package that creates one would have to be updated in a
>    non-trivial manner.  By its maintainer.  Thousands of separate
>    maintainers.  A cat-herd of Debian developers, who do this work
>    in their spare time, as they get around to it.

A local sysadmin might try wrapping adduser/useradd, or whatever,
to insert/override choices. Or else new packages would have to be
examined before their installation, and UID/GIDs added manually.

>  * Every obscure, niche package's users and groups would have to be
>    added to every Debian system. [ … ]
>  * Did I mention that every Debian system in existence would have to
>    have ALL of its users and groups redone? [ … ]
>  * This change would have to be made by a human being running a
>    conversion script as root in single-user mode, [ … ]
> 
> This is one of those "the boat has already left the dock" situations.
> If this were going to happen, it would have to have happened in the
> early 1990s.  There is no feasible way to make it happen now.

Agreed, for any sort of Debian or non-local reconfiguration.

¹ There are some reserved high IDs documented in the README, which
  are set when the relevant packages are installed.

Cheers,
David.

Reply to:

References:
- standardize uid:gid?
  - From: David Chmelik <dchmelik@gmail.com>
- Re: standardize uid:gid?
  - From: Greg Wooledge <greg@wooledge.org>

Prev by Date: Re: File has unexpected size (x != y). Mirror sync in progress? [IP: ...] ...
Next by Date: Re: counting commas
Previous by thread: Re: standardize uid:gid?
Next by thread: Re: standardize uid:gid?
Index(es):
- Date
- Thread