From owner-freebsd-ports@FreeBSD.ORG Mon Nov 13 17:53:16 2006 Return-Path: X-Original-To: freebsd-ports@FreeBSD.org Delivered-To: freebsd-ports@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 651BF16A4D0; Mon, 13 Nov 2006 17:53:16 +0000 (UTC) (envelope-from dmitry@atlantis.dp.ua) Received: from postman.atlantis.dp.ua (postman.atlantis.dp.ua [193.108.47.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id 96E0C43D7B; Mon, 13 Nov 2006 17:52:45 +0000 (GMT) (envelope-from dmitry@atlantis.dp.ua) Received: from smtp.atlantis.dp.ua (smtp.atlantis.dp.ua [193.108.46.231]) by postman.atlantis.dp.ua (8.13.1/8.13.1) with ESMTP id kADHqMmx073919; Mon, 13 Nov 2006 19:52:23 +0200 (EET) (envelope-from dmitry@atlantis.dp.ua) Date: Mon, 13 Nov 2006 19:52:22 +0200 (EET) From: Dmitry Pryanishnikov To: Sergey Skvortsov In-Reply-To: <45588754.9030809@FreeBSD.org> Message-ID: <20061113192742.N44966@atlantis.atlantis.dp.ua> References: <20061111210303.A92042@atlantis.atlantis.dp.ua> <20061111203731.GL1006@zaphod.nitro.dk> <45588754.9030809@FreeBSD.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-ports@FreeBSD.org, "Simon L. Nielsen" Subject: Re: UID/GID dynamic allocation in net/isc-dhcp3-server: why? X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Nov 2006 17:53:16 -0000 Hello! On Mon, 13 Nov 2006, Sergey Skvortsov wrote: >> Personally I have it precisely the other way around - I find the >> static allocations rather annoying since they are bound to collide >> with existing UID's at some point. > > I disagree because static allocation is _very_ useful when you install > many similar applications into several jails on the same host machine. > > Otherwise, if you'll use dynamic *ID allocation even simple "top" on > host machine may show very strange and inadequate results if identical > services are running with different UIDs. Yes, I've almost forgotten about jails. It's very important to keep the same [ug]ids for the same installed ports in different jails. This simplifies jail management a lot. E.g., one can uniformly allow/deny traffic for the same port-installed applications by just writing 'pass tcp .... uid clamav'. So yes, it seems that static [ug]id allocation is the right way to go. > Sergey Skvortsov > mailto: skv@FreeBSD.org Sincerely, Dmitry -- Atlantis ISP, System Administrator e-mail: dmitry@atlantis.dp.ua nic-hdl: LYNX-RIPE