[aur-general] Prefered way to create users/groups and handle files ownership
thomas at archlinux.org
Tue Feb 4 10:29:01 EST 2014
Am 25.01.2014 17:13, schrieb Maxime Gauduin:
> The reason why permissions should be set in the PKGBUILD is because that
> way pacman can track them. Then it's up to the maintainer to choose
> UIDs/GIDs that do not conflict with official packages, and to the user to
> check that they don't already use that particular UID/GID ,before
> installing an AUR package.
This is not optimal, but there's a list of UIDs and GIDs:
Beyond that, there's two comments I have:
1) Software shouldn't really rely on files being owned/writable by
certain users. An application is either a system service, which can
adjust the needed permissions at runtime before dropping privileges -
thus no need to hardcode uids or even user names. If the application is
a user application, then it writes with the user's permissions anyway.
If an admin wants a user application to run system-wide, it's his job to
set up user and working directory.
In short: apart from very few system-specific groups, the package
manager should not be involved here, and packages that need files owned
by special non-root users should be fixed.
2) *If* we really need specific UIDs, then pacman should gain a feature
where it translates ownership during package extraction.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 901 bytes
Desc: OpenPGP digital signature
More information about the aur-general