From owner-freebsd-ports@freebsd.org Wed Feb 17 08:25:52 2016 Return-Path: Delivered-To: freebsd-ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B4658AAAF52 for ; Wed, 17 Feb 2016 08:25:52 +0000 (UTC) (envelope-from idefix@fechner.net) Received: from anny.lostinspace.de (anny.lostinspace.de [80.190.182.2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 76ECD1190 for ; Wed, 17 Feb 2016 08:25:52 +0000 (UTC) (envelope-from idefix@fechner.net) Received: from server.idefix.lan (aftr-185-17-205-252.dynamic.mnet-online.de [185.17.205.252]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: idefix@fechner.net) by anny.lostinspace.de (Postfix) with ESMTPSA id 004A91BCBB6 for ; Wed, 17 Feb 2016 09:25:41 +0100 (CET) DMARC-Filter: OpenDMARC Filter v1.3.1 anny.lostinspace.de 004A91BCBB6 Authentication-Results: anny.lostinspace.de; dmarc=none header.from=fechner.net DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=fechner.net; s=default; t=1455697542; bh=tOID4iATvodm7Lwau+TQ9speiC7qgC+5vP2Ksss5Sew=; h=Subject:To:References:From:Date:In-Reply-To; b=YdYMFaqr3F79LrHtq2XcU/RGy3FGc/SAB0KyKN1vvH9J9wftKu2K66QqTQrD0DitY V3SbBSa6IschKrQ+t7dzqHKKjXZnCK76WqTRTppOWI2Qb5SVdzwOFMfMUb/ioZMo0w ZDncorXclV7I4mJs5L4u+eiVZOY3aWSbdEIRwkSk= Received: from [192.168.0.151] (aftr-185-17-205-252.dynamic.mnet-online.de [185.17.205.252]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by server.idefix.lan (Postfix) with ESMTPSA id 3AD90E3E5D for ; Wed, 17 Feb 2016 09:25:41 +0100 (CET) Subject: Re: New user/group in /usr/ports/UIDs and /usr/ports/GIDs To: freebsd-ports@freebsd.org References: <56BF0836.6050507@fechner.net> <56C19E13.70203@fechner.net> <20160215094919.GI26283@home.opsec.eu> <56C1E8B3.8090301@fechner.net> <20160215152445.GK26283@home.opsec.eu> <56C25563.2090806@fechner.net> <56C25AAB.6000501@gmail.com> <56C2DB83.2090801@fechner.net> <56C37737.3040600@gmail.com> From: Matthias Fechner Message-ID: <56C42E79.4040300@fechner.net> Date: Wed, 17 Feb 2016 09:25:29 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1 MIME-Version: 1.0 In-Reply-To: <56C37737.3040600@gmail.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Feb 2016 08:25:52 -0000 Am 16.02.2016 um 20:23 schrieb Douglas Thrift: > While your arguments for user isolation make sense, they really only > make sense if you were to be using gitolite or gitosis at the same time > as gogs which I imagine would not be that common. I am not opposed to > you having a gogs user on your system, but I think that the default user > defined by the port should reflect a reasonable default for most people, > and that user is git not gogs, even the gogs documentation directs you > to use the git user. the default git user will not work, it has its homedir in /usr/local/git but gogs expect it on /var/db/gogs/home. I know, here is a second user generated but if I look on the pros and cons I think using a dedicated gogs user is here more secure (for security and also for the upgrade path in the future). Gruß Matthias -- "Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the universe trying to produce bigger and better idiots. So far, the universe is winning." -- Rich Cook