X-Original-To: alpine-devel@lists.alpinelinux.org Delivered-To: alpine-devel@lists.alpinelinux.org Received: from mail-ey0-f171.google.com (mail-ey0-f171.google.com [209.85.215.171]) by lists.alpinelinux.org (Postfix) with ESMTP id AD9CE1EBFF9 for ; Tue, 7 Dec 2010 16:18:14 +0000 (UTC) Received: by eyg5 with SMTP id 5so86429eyg.30 for ; Tue, 07 Dec 2010 08:18:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:sender:message-id:date:from :user-agent:mime-version:to:subject:references:in-reply-to :x-enigmail-version:content-type:content-transfer-encoding; bh=SWEeayuzTssT/PyKGL46XEF8QlexRGVg34MJFo890i0=; b=xllDxHHxALweBm4LKh3rjlhNqHQQX7rRKriWVydvrlUjwUYBxFa6xTL7hK3OwSwlqN Vl8NXUhCEhsz1kMjcNEqkvzORnwFLR9BdODq/cGfHcandm7HJCvL6b1Xa0thT8Jw/Wyn deZy9jogg+oCcIYN9SGZr7RpYYWNH8AM++qE4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:message-id:date:from:user-agent:mime-version:to:subject :references:in-reply-to:x-enigmail-version:content-type :content-transfer-encoding; b=POeJgHr9WDNRSKGdXBJi6Xpf6koN6IxkZbN7yxkriZfLAEfzHeN+hjPoI4sPWzv5j2 BsOo0vQH7hYny4IQy7hkcwFjGm0rWXm4Mz85XbmMCNrA72cxrQbwROj22lqocPSuB1io 6WZNTnnopOS9KKnu5lbG62n7c2QK38GUvwZ9o= Received: by 10.14.37.10 with SMTP id x10mr6536015eea.30.1291738692992; Tue, 07 Dec 2010 08:18:12 -0800 (PST) Received: from [10.26.34.2] (mail.fi.jw.org [83.145.235.193]) by mx.google.com with ESMTPS id x54sm5997856eeh.23.2010.12.07.08.18.12 (version=TLSv1/SSLv3 cipher=RC4-MD5); Tue, 07 Dec 2010 08:18:12 -0800 (PST) Sender: =?UTF-8?Q?Timo_Ter=C3=A4s?= Message-ID: <4CFE5E40.6030705@iki.fi> Date: Tue, 07 Dec 2010 18:18:08 +0200 From: =?UTF-8?B?VGltbyBUZXLDpHM=?= User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.12) Gecko/20101027 Thunderbird/3.1.6 X-Mailinglist: alpine-devel Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: MIME-Version: 1.0 To: alpine-devel@lists.alpinelinux.org Subject: Re: [alpine-devel] system groups References: <20101207151943.60bfb747@alpinelinux.org> <1291737766.7439.8.camel@ncopa-desktop.nor.wtbts.net> In-Reply-To: <1291737766.7439.8.camel@ncopa-desktop.nor.wtbts.net> X-Enigmail-Version: 1.1.2 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit On 12/07/2010 06:02 PM, Natanael Copa wrote: > On Tue, 2010-12-07 at 15:19 +0000, Natanael Copa wrote: >> Hi, >> >> We have introduced a special system group with gid 700. All users in >> this group will have permission to see all processes, network info and >> kernel symbols. The purpose of this is to have monitorig software like >> zabbix and nagios agents running as users that are in this group. >> >> I will update alpine-baselayout (which has not been touched for years) >> with a new group, called 'readproc', which will be used for gid 700. > > I should have picked a lower gid. Seems like 30 is free. Everybody ok > with me updating the kernel to use GID=30 and update > alpine-baselayout's /etc/group to hold 'readproc:x:30:'? Yes, that sounds better. Usually gid 100-1000 can be assigned by "addgroup --system". We would not want this GID to get autoassigned on systems where the entry does not exist. GID=30 sounds ok. - Timo --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---