From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id kHc8NE7P71/GVwAA0tVLHw (envelope-from ) for ; Sat, 02 Jan 2021 01:41:34 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2 with LMTPS id eF3cL07P71/lTQAAB5/wlQ (envelope-from ) for ; Sat, 02 Jan 2021 01:41:34 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id CD24594038E for ; Sat, 2 Jan 2021 01:41:33 +0000 (UTC) Received: from localhost ([::1]:41276 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kvVv9-00062g-9w for larch@yhetil.org; Fri, 01 Jan 2021 20:41:31 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:33508) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kvVul-00062L-M0 for bug-guix@gnu.org; Fri, 01 Jan 2021 20:41:07 -0500 Received: from debbugs.gnu.org ([209.51.188.43]:51769) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kvVug-0002Pq-0J for bug-guix@gnu.org; Fri, 01 Jan 2021 20:41:06 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1kvVuf-0007mB-UX for bug-guix@gnu.org; Fri, 01 Jan 2021 20:41:01 -0500 X-Loop: help-debbugs@gnu.org Subject: bug#45571: Fwd: Re: bug#45571: Support stable uids and gids for all accounts Resent-From: Danny Milosavljevic Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Sat, 02 Jan 2021 01:41:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 45571 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: Leo Prikler Received: via spool by 45571-submit@debbugs.gnu.org id=B45571.160955166029876 (code B ref 45571); Sat, 02 Jan 2021 01:41:01 +0000 Received: (at 45571) by debbugs.gnu.org; 2 Jan 2021 01:41:00 +0000 Received: from localhost ([127.0.0.1]:35082 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kvVud-0007lo-Oz for submit@debbugs.gnu.org; Fri, 01 Jan 2021 20:40:59 -0500 Received: from dd26836.kasserver.com ([85.13.145.193]:34162) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kvVub-0007lf-B6 for 45571@debbugs.gnu.org; Fri, 01 Jan 2021 20:40:58 -0500 Received: from localhost (80-110-127-104.cgn.dynamic.surfer.at [80.110.127.104]) by dd26836.kasserver.com (Postfix) with ESMTPSA id 61CD133609D6; Sat, 2 Jan 2021 02:40:56 +0100 (CET) Date: Sat, 2 Jan 2021 02:40:54 +0100 From: Danny Milosavljevic Message-ID: <20210102024054.158bb3ba@scratchpost.org> In-Reply-To: <90ec1e8c2daab55d0e41b0fcd61706418789b2a8.camel@student.tugraz.at> References: <58174c197a7b42b29927c492d25e28c684d199ea.camel@student.tugraz.at> <90ec1e8c2daab55d0e41b0fcd61706418789b2a8.camel@student.tugraz.at> X-Mailer: Claws Mail 3.17.8 (GTK+ 2.24.32; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: multipart/signed; boundary="Sig_/.3wCljM+PBkrfyvcyd/Aa46"; protocol="application/pgp-signature"; micalg=pgp-sha512 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: 45571@debbugs.gnu.org Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: "bug-Guix" X-Migadu-Flow: FLOW_IN X-Migadu-Spam-Score: -2.43 Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org X-Migadu-Queue-Id: CD24594038E X-Spam-Score: -2.43 X-Migadu-Scanner: scn1.migadu.com X-TUID: rZ4biit9vhYd --Sig_/.3wCljM+PBkrfyvcyd/Aa46 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Hi Leo, On Sat, 02 Jan 2021 00:16:45 +0100 Leo Prikler wrote: > > And it indeed is possible to add (uid 4711) in the literal and it > > will work > > just fine. =20 > I'm aware you're joking, or at least I hope you are,=20 What? It's perfectly reasonable for a distribution to have stable system user ids. That's what Debian supports, too: https://www.debian.org/doc/debian-policy/ch-opersys.html#uid-and-gid-classes >0-99: >Globally allocated by the Debian project, the same on every Debian system.= These ids will appear in the passwd and group files of all Debian systems,= new ids in this range being added automatically as the base-passwd package= is updated. >Packages which need a single statically allocated uid or gid should use on= e of these; their maintainers should ask the base-passwd maintainer for ids. [...] >60000-64999: >Globally allocated by the Debian project, but only created on demand. The = ids are allocated centrally and statically, but the actual accounts are onl= y >created on users=E2=80=99 systems on demand. >[...] And so does FreeBSD, see https://www.freebsd.org/doc/en/books/porters-handbook/users-and-groups.= html and https://github.com/freebsd/freebsd-ports/blob/master/UIDs for the actua= l registry. For that matter, IANA does this for ports and many other things. And so on. Stable defaults are *good*. Right now, the Guix service user user-account record specifies 99% of the /etc/passwd entry. I indeed propose to make it 100% for system users for G= uix system services. >but I shouldn't have to point out why hardcoding ids into those literals i= s a >bad idea. You have to point that out to us--especially since Guix service user accoun= ts of the account-service-type extension can only be instantiated once anyway. --Sig_/.3wCljM+PBkrfyvcyd/Aa46 Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEds7GsXJ0tGXALbPZ5xo1VCwwuqUFAl/vzyYACgkQ5xo1VCww uqUbsAgAjLphtZlJJ10DEg8c6typg0Rq5EWdyRhaMoSFRDfCO2wXX9vOdAQBiN23 /8bjCJ9Lh5so8E3jrY1xjCKtrkI+oNL9JjhJ/1rBwPCeq9EX2k73uzaXmWndDbE1 vMo7rwrKDxde6DsOAivgLdHWRnxwOxbOK+2IMNjWqPX7rJiPGpNntVTbZauZCTB4 CTkoHbHIdwws8VPIhfoRH1nT5kb6jVQHcjOjuB57lkhhzmb33RCXvS/yGbuazxSH m1VGWYN5mJAg0TFMWR4K1AANHASECnF7k0jKGGB21WV+JgFKwpspCdvcv77IHMB4 RE7k53vfolCQ/VQ/g+78BbA8LB8gUw== =6948 -----END PGP SIGNATURE----- --Sig_/.3wCljM+PBkrfyvcyd/Aa46--