Mail archive
alpine-devel

[alpine-devel] UID+GID inconsistency for installed services

From: Przemysław Pawełczyk <przemoc_at_zoho.com>
Date: Wed, 20 Apr 2016 22:30:30 +0200

Hi,

I noticed some inconsistency with UIDs and GIDs assigned for services.
It was possible thanks to crony's awful entry in my /etc/passwd:

    chrony:x:100:1000:Linux User,,,:/var/log/chrony:/sbin/nologin

It is linux user, but not a human linux user, what is meant here.
The problem in this particular case is high GID, usually reserved for
users.

Looking at main alone in aports we have following situation right now.

    $ git grep adduser | wc -l
    108
    $ git grep adduser | grep -v -- ' -S' | wc -l
    39
    $ git grep adduser | grep -v -- ' -S' | grep -- ' -u' | wc -l
    3

There are 108 invocations of adduser, 39 of them lack -S (system user)
option, but within them 3 provide low UID.
So these 3 could be left intact, but for consistency it would be better
to add -S to all 39 adduser invocations lacking it.

    $ git grep addgroup | wc -l
    106
    $ git grep addgroup | grep -v -- ' -S' | wc -l
    43
    $ git grep addgroup | grep -v -- ' -S' | grep -- ' -g' | wc -l
    1

There are 106 invocations of addgroup, 43 of them lack -S (system
group) option, but within them 1 provides low GID.

I think all these should be fixed, also in community and testing.
And I doubt there will be any opposition.

I may prepare all patches to not burden anyone with this, but question
is whether changes should be split per package, per category, maybe
one big patch would be fine?

Or maybe someone with commits rights prefers to do it herself/himself?

Regards,
Przemek



---
Unsubscribe:  alpine-devel+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-devel+help_at_lists.alpinelinux.org
---
Received on Wed Apr 20 2016 - 22:30:30 UTC