On Sun, Nov 28, 2021 at 08:15:13PM +0100, Michał Górny wrote: > On Sun, 2021-11-28 at 13:06 -0600, William Hubbs wrote: > > On Sun, Nov 28, 2021 at 11:06:36AM +0100, Ulrich Mueller wrote: > > > > > > > > On Sun, 28 Nov 2021, William Hubbs wrote: > > > > > > > On Mon, Nov 15, 2021 at 09:36:32AM +0300, Eray Aslan wrote: > > > > > 1/ Static allocation does not really solve a problem. Not really not > > > > > nowadays > > > > > 2/ We cant keep adding new IDs to a distribution as new software gets > > > > > added - one side is unbounded. This is losing game. > > > > > > Not sure. In practice, the number of packages is limited. (And if the > > > argument was valid, it would apply to dynamic alloction too.) > > > > > > > > Switching back to dynamic allocation seems to be the best option. > > > > > > > I realize I'm very late to this party, but +1 from me also. > > > > > > > We should use dynamic uid/git assignment by default and maybe provide > > > > a way to force certain uids/gids to be constant if users want this. > > > > > > While the rationale for static allocation that made it into GLEP 81 [1] > > > is rather weak, several people had argued in favour of it on the mailing > > > list [2]. > > > > > > In any case, let's cross that bridge when we reach it. For now, we're > > > good with 250 additional IDs. > > > > It is inevitable that we will reach this bridge again -- whether or not > > it is in a month or a year, it will happen. > > > > Why are we just kicking the can down the road instead of admitting that > > static allocation wasn't a good idea and going back to dynamic > > allocation? Let's find out what the people who argued for static > > allocation think. > > > > Why are you assuming that something "wasn't a good idea" just because > you think so?
ulm and others on the thread also mentioned the possibility of going back to dynamic allocation, so it isn't just me who brought it up. I honestly am just looking for a discussion. Do other distros statically allocate all of their system users? If not, why do we by default? I understand why enterprise users might need to, and they can with the glep 81 eclasses by setting uids/gids in make.conf, but is there a reason we force the issue at the distro level and ban -1 as the setting for ACCT_USER_ID and ACCT_GROUP_ID? William
signature.asc
Description: PGP signature
