* Bruno Friedmann email@example.com [2014-02-28 18:39]:
On Friday 28 February 2014 10.53:56 Guido Berhoerster wrote:
I'd like to propose the following addition to the packaging policy regarding users and groups (https://en.opensuse.org/openSUSE:Packaging_guidelines#Users_and_Groups):
The names of users and groups which are created by a package should be prefixed with an underscore "_". This creates a safe namespace for the distribution and avoids collisions between system group and usernames which are created by packages and regular group and usernames. Existing users and groups can be renamed with the following scriptlet: %pre getent group GROUP >/dev/null && groupmod -n _GROUP GROUP getent group _GROUP >/dev/null || groupadd -r _GROUP getent passwd USER >/dev/null && usermod -l _USER USER getent passwd _USER >/dev/null || useradd -r -g _GROUP -d HOMEDIR -s /sbin/nologin -c "user for PACKAGENAME" _USER
I'm not in favor of this kind of solution. Simply due to the fact that I already use _ as an identifier for customers groups used samba & nfs serveurs. It clearly separate my groups from anything coming from packages.
If you run your script there's a risk to have collision with my already setup group like a _www like inserting package user in a personal group
Well, we are actually trying to address exactly this problem, only the other way around. And after the transition you'll have the guarantee that there will never be a collision with package groups/user, something that you don't have right now. There is a list of all groups and users created by packages in Factory, so you can easily write a small script that checks for potential collisions and preemptively rename affected users/groups, e.g. _www to __www.
What about using % ? :-)
Not as a prefix, from useradd(8):
Usernames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes. They can end with a dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?