-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thursday 29 January 2004 10:31, Robin H. Johnson wrote:
> I'm sorry, but that is wrong, for several reasons. While it is
> definetly true that packages shouldn't have hardcoded numeric uid/gid
> in the package, actually really do want specific numeric uid/gid in
> the ebuilds, or somewhere within the control of the distribution. The
> simplest of cases for this is GRP. For example: Take qmail as a
> package, and say it's users weren't already in baselayout (where they
> are presently), but rather assigned the next available values when
> pkg_preinst is done. Tar stores uid/gids numerically as opposed to
> names, so there is no gaurentee that install accross two systems at
> different stages will produce a installed package that works. Doing
> lots of chown calls after the package is merged, while possible, is
> more of a pain in the posterior than anything else.
This seems a tar problem to me. As tar is actually originally a backup
tool it is correct behaviour for that. It is however not correct
behaviour for cross-system functionality. Actually from the tar info
page it says following:
`--numeric-owner'
This option will notify `tar' that it should use numeric user and
group IDs when creating a `tar' file, rather than names.
It seems that names is the default. Else it should be for binary
packages.
> Another problem case is applications that resolve usernames/groupnames
> into numeric values at compile time, they also won't take kindly to
> being moved over systems as compiled packages, when the uid/gid values
> vary.
Those are the applications I think should be patched. Packages should
never depend on certain numerical uid's. If they do, they are broken.
> One final case, more for convenience in data recovery than anything
> else. Say you loose your /etc/passwd and /etc/group due to some reason
> (filesystem corruption, user error, etc.), but /usr and /var are
> still intact, distribution constant uid/gid values make recovery a
> _lot_ easier.
I can agree with that. I think it is no reason though to have a broken
implementation. It should be configurable which uid a package has. Also
there are more daemons in the world than there are "special" uid's
available, so it will not even work correctly in the end.
Basically numbers are only keys by which the kernel identifies users.
This because numbers are computationally more "nice" than names. In
normal operation packages should never care about the numbers. They can
retrieve them when they need to interact with the kernel or for internal
efficiency, but to assume that the numbers are equal all the time is a
mistake, just as assuming that users exist in /etc/passwd (why not
ldap?) and groups in /etc/group.
Paul
- --
Paul de Vrieze
Gentoo Developer
Mail: [EMAIL PROTECTED]
Homepage: http://www.devrieze.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFAGNjcbKx5DBjWFdsRAv6CAJ409SjSD/IzpClJFoQMIgfA1kfWKQCfVRQ3
f5mkga1O5HRaM2YvDj64fJg=
=wuSd
-----END PGP SIGNATURE-----
--
[EMAIL PROTECTED] mailing list
