ports adding users
Jonathan McKeown
jonathan at hst.org.za
Thu Oct 12 07:04:07 PDT 2006
This is, I guess, a philosophical question.
Twice in the last couple of weeks I have been bitten by ports adding users or
groups. In setting up my laptop, I created my user account in sysinstall
without creating my group. My ~ was created with the GID corresponding to my
UID, but in building KDE, comms/gnokii used pw groupadd and was allocated
`my' GID, resulting in my ~ being group-owned by gnokii.
More seriously, we are moving our user accounts into LDAP and I now have a
problem on a server where I installed net/isc-dhcp3-server before configuring
pam_ldap and nss_ldap. As a result the dhcpd user (in /etc/passwd) and one of
my user accounts (in LDAP) have the same UID and GID. Disentangling these is
going to be... interesting.
After some digging about, I see I can effectively reserve a block of UIDs/GIDs
by starting my UID numbering at (1001 + x), and creating /etc/pw.conf with
reuseuids yes
reusegids yes
to use the UIDs/GIDs between 1000 and (1000 + x) (otherwise pw just allocates
a UID/GID higher than any in use, which puts it right back in my reserved
range). Perhaps I should also set the maxuid/maxgid options too, just in
case?
That's one option.
Another is to expect dozens of busy port maintainers to cover for me by
reserving UIDs/GIDs instead of creating random users.
Another is to arrange somehow that the ports infrastructure provide a pw.conf
which can be used when pw is called by ports, that limits the range of
UIDs/GIDs that a port can be allocated so that it doesn't overlap with the
range generally used for user accounts.
Thoughts?
Jonathan
More information about the freebsd-questions
mailing list