[aur-general] Assigning Numbers to User and Group
I've been working on an alternate PKGBUILD for speech dispatcher where it would run as a system wide service by default. In doing this, I created a user, speechd and a group, a11y so I could keep the speech environment secure through the unix domain socket. So far, it seems to be looking and working pretty good. Anyway, I don't know how numeric IDs are assigned to users and groups - especially those intended to be used by system daemons like mysql or postgreql. I have postgresql on my box and it does this same kind of thing with user and group creation. Do you know what values I should be using so I don't conflict with other potential packages? If you want an example of what I'm talking about, see the PKGBUILD script for postgreql it creates a user and group on the fly as needed. I plan to do the same with my project. Thanks for any help you can.
On Wed, Oct 13, 2010 at 04:07:38PM -0700, Steve Holmes wrote:
Anyway, I don't know how numeric IDs are assigned to users and groups - especially those intended to be used by system daemons like mysql or postgreql. I have postgresql on my box and it does this same kind of thing with user and group creation. Do you know what values I should be using so I don't conflict with other potential packages?
Make sure the user and group IDs don't conflict with those in the UID / GID Database [1]. [1] http://wiki.archlinux.org/index.php/DeveloperWiki:UID_/_GID_Database
On Thu, Oct 14, 2010 at 03:07:45AM +0200, Lukas Fleischer wrote:
Make sure the user and group IDs don't conflict with those in the UID / GID Database [1].
[1] http://wiki.archlinux.org/index.php/DeveloperWiki:UID_/_GID_Database
Thanks for the reference. I got a referal to that earlier in the day. What I wonder though is how we are supposed to clear these new IDs so someone else doesn't use it too. I understand it is difficult or impossible to update this list. Example: I might take user 111 and group 111 but there's no way for some other package developer to try and use the same ones in his or her project. I guess as long as those two packages don't end up on the system, no harm, no fowel:).
On 14/10/10 05:18, Steve Holmes wrote:
On Thu, Oct 14, 2010 at 03:07:45AM +0200, Lukas Fleischer wrote:
Make sure the user and group IDs don't conflict with those in the UID / GID Database [1].
[1] http://wiki.archlinux.org/index.php/DeveloperWiki:UID_/_GID_Database
Thanks for the reference. I got a referal to that earlier in the day. What I wonder though is how we are supposed to clear these new IDs so someone else doesn't use it too. I understand it is difficult or impossible to update this list. Example: I might take user 111 and group 111 but there's no way for some other package developer to try and use the same ones in his or her project. I guess as long as those two packages don't end up on the system, no harm, no fowel:).
Is it important that the UID/GID are well-known, i.e. are the same on all systems, that would be the case if they are hardcoded somewhere in the code? If that isn't the case then just create the UID/GID as system accounts instead. /M -- Magnus Therning (OpenPGP: 0xAB4DFBA4) magnus@therning.org Jabber: magnus@therning.org http://therning.org/magnus identi.ca|twitter: magthe
On Thu, Oct 14, 2010 at 06:52:46AM +0100, Magnus Therning wrote:
Is it important that the UID/GID are well-known, i.e. are the same on all systems, that would be the case if they are hardcoded somewhere in the code?
The actual numeric values don't matter to me all that much. From what I had seen in other scripts, I thought one had to know the numeric ID of a group to assign a user to it when doing the useradd command. I can look into that further.
If that isn't the case then just create the UID/GID as system accounts instead.
Yeah, I wouldn't mind doing it that way. I'll have to see what ways one can create users and specify the primary group without knowing the calculated numeric gid. Thanks for the suggestion.
On Thu, 14 Oct 2010 02:44:40 -0700 Steve Holmes <steve.holmes88@gmail.com> wrote:
On Thu, Oct 14, 2010 at 06:52:46AM +0100, Magnus Therning wrote:
Is it important that the UID/GID are well-known, i.e. are the same on all systems, that would be the case if they are hardcoded somewhere in the code?
The actual numeric values don't matter to me all that much. From what I had seen in other scripts, I thought one had to know the numeric ID of a group to assign a user to it when doing the useradd command. I can look into that further.
If that isn't the case then just create the UID/GID as system accounts instead.
Yeah, I wouldn't mind doing it that way. I'll have to see what ways one can create users and specify the primary group without knowing the calculated numeric gid.
You could use "useradd -r -U", which would create a group with the same name as the user (this is usually the best way for system-daemon users). Or, if you want another groupname, use "groupadd -r" and then use "useradd -r -g <groupname>" to create the user belonging to that group. Perhaps it would be a good idea to write a .install prototype for this? This question pops up every now an then, and I have seen quite some wrong ways to handle user/group creation on the AUR. -- Jinks
participants (4)
-
Alexander Duscheleit
-
Lukas Fleischer
-
Magnus Therning
-
Steve Holmes