X-Original-To: alpine-devel@mail.alpinelinux.org Delivered-To: alpine-devel@mail.alpinelinux.org Received: from mail.alpinelinux.org (dallas-a1.alpinelinux.org [127.0.0.1]) by mail.alpinelinux.org (Postfix) with ESMTP id 0C7ABDCE5FE for ; Wed, 20 Apr 2016 20:30:34 +0000 (UTC) Received: from sender153-mail.zoho.com (sender153-mail.zoho.com [74.201.84.153]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by mail.alpinelinux.org (Postfix) with ESMTPS id 23775DC9D2B for ; Wed, 20 Apr 2016 20:30:33 +0000 (UTC) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=zapps768; d=zoho.com; h=date:from:to:message-id:subject:mime-version:content-type:user-agent; b=DBcdN5MSxaSo9U+mTlV3iuXm0haB0c0baPqqeiP80dCaP14ZDyWIQdI2via3GKQ2sGQ4IehEJO4p V+w1MFe2NC+p4eIhxp5lmdWF3lN1WAHEGrz4kkTrT44f2lR3VwJv Received: from mail.zoho.com by mx.zohomail.com with SMTP id 1461184230606976.074069267786; Wed, 20 Apr 2016 13:30:30 -0700 (PDT) Received: from [89.74.38.183] by mail.zoho.com with HTTP;Wed, 20 Apr 2016 13:30:30 -0700 (PDT) Date: Wed, 20 Apr 2016 22:30:30 +0200 From: =?UTF-8?Q?Przemys=C5=82aw_Pawe=C5=82czyk?= To: "alpine-devel" Message-ID: <154355df497.e6017f8d18572.7702314254654647251@zoho.com> Subject: [alpine-devel] UID+GID inconsistency for installed services X-Mailinglist: alpine-devel Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Priority: Medium User-Agent: Zoho Mail X-Mailer: Zoho Mail X-Virus-Scanned: ClamAV using ClamSMTP Hi, I noticed some inconsistency with UIDs and GIDs assigned for services. It was possible thanks to crony's awful entry in my /etc/passwd: chrony:x:100:1000:Linux User,,,:/var/log/chrony:/sbin/nologin It is linux user, but not a human linux user, what is meant here. The problem in this particular case is high GID, usually reserved for users. Looking at main alone in aports we have following situation right now. $ git grep adduser | wc -l 108 $ git grep adduser | grep -v -- ' -S' | wc -l 39 $ git grep adduser | grep -v -- ' -S' | grep -- ' -u' | wc -l 3 There are 108 invocations of adduser, 39 of them lack -S (system user) option, but within them 3 provide low UID. So these 3 could be left intact, but for consistency it would be better to add -S to all 39 adduser invocations lacking it. $ git grep addgroup | wc -l 106 $ git grep addgroup | grep -v -- ' -S' | wc -l 43 $ git grep addgroup | grep -v -- ' -S' | grep -- ' -g' | wc -l 1 There are 106 invocations of addgroup, 43 of them lack -S (system group) option, but within them 1 provides low GID. I think all these should be fixed, also in community and testing. And I doubt there will be any opposition. I may prepare all patches to not burden anyone with this, but question is whether changes should be split per package, per category, maybe one big patch would be fine? Or maybe someone with commits rights prefers to do it herself/himself? Regards, Przemek --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---