[lsb-discuss] Fwd: Re: user naming proposal

Robert Schweikert rjschwei at suse.com
Mon Sep 8 13:25:26 UTC 2014 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1




- -------- Original Message --------
Subject: Re: [lsb-discuss] user naming proposal
Date: Wed, 21 May 2014 15:08:22 -0500
From: Bruce Dubbs <bruce.dubbs at gmail.com>
To: Robert Schweikert <rjschwei at suse.com>

Robert Schweikert wrote:
> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
> 
> Hi,
> 
> A while back an issue about user naming/numbering has surfaced.
> While in many cases it is immaterial to have the same name and
> uid/gid for a user on various installations there are cases where
> having the same name/uid/gid is important. Additionally there is a
> potential security issue with "user/sysadmin" assigned names and
> "system users" is there should be a "conflict" with user names. To
> address this topic the work group has created a proposal [1].
> 
> Before the proposal is solicited to various distributions it would
> be great if those following this list could take a look and
> provide feedback by end of next week. After weighing the provided
> feedback the proposal will then be solicited on the development
> mailing lists of various distributions.
> 
> Later, Robert
> 
> [1] 
> https://github.com/LinuxStandardBase/lsb/blob/master/documents/wip/userNaming.txt

First,
> 
let me say that the url above does not format very well.  There
are several lines that do not wrap and are cut off.  This can be worked
around or course, but it's inconvenient.

I do not see a decent solution that does not specify specific names with
UIDs and GIDs.  This will be a hard sell.  You will also need a dynamic
list similar to the IANA services list to accommodate new names.

Looking at the Debian list, for instance, shows names that many users do
not use or want.  Examples are sync, games, uucp, proxy, www-data.

Some of these are anachronisms (e.g. uucp).  Using 65534 for nobody is
also quite unnecessary.  I once tracked this down and found the root
problem was that the code for nfs used -2 for a UID if the user nobody
was undefined.  This then took on a life of it's own.

Using UIDs with high values creates some sparse support files
(/var/log/wtmp) that appear to be quite large via ls, but are generally
small via du.  I've found this to confuse some users.

Let me give you some alternative lists:

http://www.linuxfromscratch.org/lfs/view/stable/chapter06/createfiles.html

http://www.linuxfromscratch.org/blfs/view/stable/postlfs/users.html

  -- Bruce Dubbs
     linuxfromscratch.org


- -- 
Robert Schweikert                           MAY THE SOURCE BE WITH YOU
SUSE-IBM Software Integration Center                   LINUX
Tech Lead
Public Cloud Architect
rjschwei at suse.com
rschweik at ca.ibm.com
781-464-8147


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQEcBAEBAgAGBQJUDa5FAAoJEE4FgL32d2UkvioH/R8NIHifJTs9IfA9nikEKRut
W9d2MJQdXcCLWZ1ZuBfZkhNS4bREAgaK3qaY5oeF8yB13JM+NB9F2sIejsUlawIq
QxxLBvx13fV03ubLwvkbBjtffKoNSYyBr3FaoyXUSrfRrv/G+v8KLNvIvRgBRf2i
4siXl/ySL/53f4FoVQm7TLh1PGAHDGWsbYBYbI5McoTADkmQorD/0ph573qz663j
1vg5ujAmIXTawHmbAGA6AWJHimuV0kZ+6pVZaUgZa0GKitUBcwhneaawsFuVpwYv
H1/As3HziYcgMLlFZI6OK6sJQZGF6Gg33ul+/0WdXv+cwowkl0URRrm3AVYzPVA=
=7bVF
-----END PGP SIGNATURE-----

More information about the lsb-discuss mailing list