Am Samstag, 17. Dezember 2011 schrieb Rüdiger Meier:
On Friday 16 December 2011, Pascal Bleser wrote:
> On 2011-12-15 09:30:56 (+0100), Ludwig Nussel wrote:
> > So what about mandating an extra prefix or suffix to (new)
> > system user names like 'daemon' or 'service'?
> That being said, won't it be a massive pain
in the bottom to
> migrate existing packages to that convention ?
> As well as for package upgrades ?
I guess there's a reason why Ludwig wrote "(new) system user" ;-)
I agree that changing the existing system users would be a pain.
OTOH avoiding possible conflicts at least for new system users is better
BTW: Should we do the same for the _groups_ used by daemons?
What about maintaining a blacklist of names reserved
for system users
only? useradd or yast could respect that list somehow.
Good idea. We have that list already  - copying it (automatically!)
to the YaST package shouldn't be too hard.
BTW has anybody of you ever hit such user name
conflict in practice?
And if so wouldn't you notice and fix that quickly?
That depends ;-)
If the system user exists first, you'll notice when you want to create
However if the "real" user exists first, the package installation will
re-use this existing user, which means giving the daemon read and write
access to the user's files...
Oh well, if this ever happens in practise and the daemon has an AppArmor
profile, I'll have a good argument to enable AppArmor by default again
 in the target package of
which I currently can't access (the build service errors out with
"bad gateway") - in other words: sorry, no package and file name ;-)
Es steht dir frei, dich auch auszutragen, damit du von
David, Thorsten, Bernd, ... nicht weiter belästigt wirst.
Und ich gehöre da nicht
[> Matthias Houdek und Florian Gross in suse-linux]
To unsubscribe, e-mail: opensuse-packaging+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-packaging+owner(a)opensuse.org