[arch-dev-public] Merging UID/GID database into filesystem

Andrew Gregory andrew.gregory.8 at gmail.com
Wed Mar 11 18:25:51 UTC 2015


On 03/10/15 at 10:58am, Gaetan Bisson wrote:
> Dear all,
> 
> Following up on the User/Group management TODO list [1], I'd like to
> merge the users and group from the UID/GID Database [2] into the passwd
> and group files our filesystem package provides.
> 
> [1] https://www.archlinux.org/todo/usergroup-management/
> [2] https://wiki.archlinux.org/index.php/DeveloperWiki:UID_/_GID_Database
> 
> We all obviously think of these UID and GID as static, and Allan even
> argued that they should never be removed, so it makes little sense to
> create them dynamically in packages' post_install scriplets, especially
> since their values must already be hardcoded into the PKGBUILD to avoid
> the new pacman warnings (even before post_install creates the UID/GID).
> 
> So for those of my packages that have an entry in [2] I'd like to
> replace the UID/GID management part of the install scriptlet by entries
> in the passwd and group files in our filesystem package. And I'd also
> like to invite other devs to do the same.
> 
> Are there any objections, comments or suggestions on that?

It is improper for package scriptlets to remove UIDs or GIDs because
the scriptlet does not know if the user/group is still needed.  Users,
however, are free to prune unnecessary UIDs/GIDs after verifying that
they are unneeded.  That will no longer be possible for static
UIDs/GIDs if packages do not create them upon installation.

For what it's worth, this would also raise the risk of users blindly
removing UIDs/GIDs they still need when merging .pacnew files if we
were ever to remove a UID/GID from the stock config.

apg


More information about the arch-dev-public mailing list