X-Original-To: alpine-devel@mail.alpinelinux.org Delivered-To: alpine-devel@mail.alpinelinux.org Received: from mail.alpinelinux.org (dallas-a1.alpinelinux.org [127.0.0.1]) by mail.alpinelinux.org (Postfix) with ESMTP id 3840EDC0933 for ; Thu, 21 Apr 2016 07:14:38 +0000 (UTC) Received: from newmail.tetrasec.net (unknown [74.117.189.117]) by mail.alpinelinux.org (Postfix) with ESMTP id 161A6DC0330 for ; Thu, 21 Apr 2016 07:14:38 +0000 (UTC) Received: from ncopa-desktop.alpinelinux.org (229.63.200.37.customer.cdi.no [37.200.63.229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: n@tanael.org) by newmail.tetrasec.net (Postfix) with ESMTPSA id 1963E5A12F8; Thu, 21 Apr 2016 07:14:36 +0000 (GMT) Date: Thu, 21 Apr 2016 09:14:30 +0200 From: Natanael Copa To: =?ISO-8859-1?B?UHJ6ZW15cyphdyBQYXdlKmN6eWs=?= Cc: "alpine-devel" Subject: Re: [alpine-devel] UID+GID inconsistency for installed services Message-ID: <20160421091430.0de9dd2e@ncopa-desktop.alpinelinux.org> In-Reply-To: <154355df497.e6017f8d18572.7702314254654647251@zoho.com> References: <154355df497.e6017f8d18572.7702314254654647251@zoho.com> X-Mailer: Claws Mail 3.13.2 (GTK+ 2.24.28; x86_64-alpine-linux-musl) X-Mailinglist: alpine-devel Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Virus-Scanned: ClamAV using ClamSMTP On Wed, 20 Apr 2016 22:30:30 +0200 Przemys*aw Pawe*czyk wrote: > Hi, >=20 > I noticed some inconsistency with UIDs and GIDs assigned for services. > It was possible thanks to crony's awful entry in my /etc/passwd: >=20 > chrony:x:100:1000:Linux User,,,:/var/log/chrony:/sbin/nologin >=20 > It is linux user, but not a human linux user, what is meant here. > The problem in this particular case is high GID, usually reserved for > users. ... =20 > There are 106 invocations of addgroup, 43 of them lack -S (system > group) option, but within them 1 provides low GID. >=20 > I think all these should be fixed, also in community and testing. > And I doubt there will be any opposition. I agree. We should fix this. > I may prepare all patches to not burden anyone with this, but question > is whether changes should be split per package, per category, maybe > one big patch would be fine? In this case i think a single patch would be fine. Please note that I am currently working on a more portable useradd/groupadd (see http://lists.busybox.net/pipermail/busybox/2016-February/083907.html) We should replace the adduser with useradd and addgroup with groupadd once that is in place. But I think it may be worth adding the '-S' like you suggest first. Or maybe even '--system' which should work with the useradd/groupadd. > Or maybe someone with commits rights prefers to do it herself/himself? Please feel free to send a patch. Also, please ping me in IRC once you've sent it as this patch will need to go in relatively fast as other updates will cause conflict. Thanks! -nc --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---