This one time, at band camp, Tuukka Hastrup said: > On Sat, 9 Dec 2006, Stephen Gran wrote: > > This one time, at band camp, Tuukka Hastrup said: > > > According to the policy, UIDs and GIDs less than 100 are the same > > > on all Debian systems and come from the base-passwd package. The > > > adduser man page says adduser and addgroup "are friendlier front > > > ends to tools like useradd, groupadd and usermod programs, > > > choosing Debian policy conformant UID and GID values --." However, > > > the programs don't enforce this policy item or remind about it in > > > the documentation. > > > > I understand you to be saying that when you override adduser's > > defaults, it allows you to create a user with uid < 100 ? Is that > > correct? > > Yes, it provides mechanisms for that and doesn't inform the user of > the consequences. That is, as adduser promises to be a friendly front > end, it shouldn't expect the local system administrator to know the > traps in the Debian Policy.
So, you want adduser to warn the admin that it's doing what it's been told to do? I'm not yett convinced, sorry. I'm also not completely sure what actual harm comes of this, unless you combine several willfull steps to make something go wrong. If you can demonstrate consequences, I think I'll be more inclined to agree that something should be done about it. You see, I think there's a balance between making adduser helpful to people who don't want to have to care about policy compliant user management, and making it a useful general purpose user management tool for people who know the risks and still want to do unusual things. I'm worried this will make it more irritating for the second group, without providing much benefit to the first group. Take care, -- ----------------------------------------------------------------- | ,''`. Stephen Gran | | : :' : [EMAIL PROTECTED] | | `. `' Debian user, admin, and developer | | `- http://www.debian.org | -----------------------------------------------------------------
signature.asc
Description: Digital signature
