[arch-dev-public] Fixing groupadd
Allan McRae
allan at archlinux.org
Mon Feb 22 10:19:32 EST 2010
Hi,
At the moment, groupadd always creates system groups with GID=99.
(http://bugs.archlinux.org/task/16092).
We can fix this by adding something quite standard like:
SYS_UID_MIN = 100
SYS_GID_MIN = 100
SYS_UID_MAX = 999
SYS_GID_MAX = 999
in /etc/login.defs
But this will lead to possible issues with packages using fixed GID >=
100. e.g. I could create a bunch system groups and then install a
package who has predetermined that an already used group ID is for it.
There are two possible solutions:
1) Set SYS_{U,G}ID_MIN to (e.g.) 500 and have all packages use numbers
below 500.
2) Have the packages create a group without a specified ID. Anything
requiring a fixed group ID at compile time (e.g. mailman) must use a
number < 100.
I am in favour of #2 (slightly) as it seems the better solution, but #1
would only require shadow to be fixed and no rebuilds for other packages
(the number of rebuilds for #2 would be very small). Opinions?
Allan
More information about the arch-dev-public
mailing list