On Wed, May 22, 2013 at 02:16:34PM -0700, Russ Allbery wrote: > Daniel Walrond <deb...@djw.org.uk> writes: > > > As per policy 10.9 - Permissions and owners[0], opensmtpd requires > > some system users for running non-root-privileged processes. I propose > > to user the following dynamic accounts; opensmtpd, opensmtpq, opensmtpf. > > We currently have no good policy about how to name system users, but > despite that I personally would recommend against using simple > alphanumeric usernames like those. (They are longer than eight > characters, which avoids some local namespaces, but not all.) > > There are two conventions that other packages have used to make it less > likely that system accounts will conflict with local usernames: > > * Append "Debian-" to the username, as in Debian-opensmtpd > * Append an underscore, as in _opensmtpd > > I personally mildly prefer the latter just because it's simple, although > it isn't as informative or robust against any namespace issue. Note that > you will have to pass --force-badname to adduser to let you use an > underscore in the name.
The upstream package defaults to _smtpd since all the daemons in OpenBSD start with a "_". It seems like a good convention to avoid local namespace clashes, although I haven't seen any package within Debian using it. The regex in a default install is ^[a-z][-a-z0-9_]*\$, so I think it's best to stick within that. Thanks for the input, I'll stick with opensmtpd. Dan -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130527174221.ga3...@sumdoave.com
