uids for daemons on a spin

Martin Langhoff martin.langhoff at gmail.com
Mon Aug 4 08:52:29 UTC 2008 

On Mon, Aug 4, 2008 at 8:03 PM, Michael Schwendt <mschwendt at gmail.com> wrote:
> No word from you on whether you configured it for static gid/uid
> allocation.

Static? No mention of that in the wikipage so I don't know... I am
using it in its "default". The default value seems to be 300 for uid
and gid. Suits me ok - at least for the testing I am doing. And
looking at the bash -x output (_stop_ reading now and scroll back to
my earlier email - I flagged the relevant line to make it stand out),
it _is_ reading '300' and adding '3' and then tries to create the user
with id 303.

Except that it passes the '303' wrong to useradd. Oops!

and the 2nd script very purposefully discards the 303 without checking
anything. An elaborate ruse to discard the desired uid and gid? ;-)

> Yes. It's usage is controversial, though, as it's considered non-trivial
> and non-intuitive by some.

I find the concepts and documentation in the wiki easy enough for me,
and it will be no problem to use this strategy on the School Server
spin. If it works!

The code OTOH, is computing the right number and then meticulously
_discarding_ it. See

- /etc/fedora/usermgmt/scripts/groupadd - discards the gid
vs
- /etc/fedora/usermgmt/scripts.shadow-utils/groupadd  - uses the gid

So you would think that there's a branch in the controlling script
that based on some rule it will switch to "scripts.shadow-utils"
rather than "scripts". Not so - line 73 of
/usr/share/fedora-usermgmt/wrapper is our only chance, and it says...

  for i in "$BASE_DIR/scripts/$skin" "$BASE_DIR/$skin"; do

I just imported the cvs history into git and walked it up and down.
Unfortunately it's only 0.7 so packaging changes and no interesting
stuff. All the versions I can see in there are 100% bent on discarding
the user input.

Instead of using this script perhaps I can write the desired gid to
/dev/null and see if it works ;-)

Might still be a PEBKAC at my end, but I cannot see anyt hint that the
code in CVS has ever worked -

puzzled,



m
-- 
 martin.langhoff at gmail.com
 martin at laptop.org -- School Server Architect
 - ask interesting questions
 - don't get distracted with shiny stuff  - working code first
 - http://wiki.laptop.org/go/User:Martinlanghoff

More information about the fedora-devel-list mailing list