From owner-freebsd-hackers  Wed Sep  1 18:24:29 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from smtp11.bellglobal.com (smtp11.bellglobal.com [204.101.251.53])
	by hub.freebsd.org (Postfix) with ESMTP id 6468814D2A
	for <hackers@FreeBSD.ORG>; Wed,  1 Sep 1999 18:24:25 -0700 (PDT)
	(envelope-from vanderh@ecf.toronto.edu)
Received: from localhost.nowhere (ppp6640.on.bellglobal.com [206.172.208.232])
	by smtp11.bellglobal.com (8.8.5/8.8.5) with ESMTP id VAA04878;
	Wed, 1 Sep 1999 21:25:30 -0400 (EDT)
Received: (from tim@localhost)
	by localhost.nowhere (8.9.3/8.9.1) id UAA18333;
	Wed, 1 Sep 1999 20:40:51 -0400 (EDT)
	(envelope-from tim)
Date: Wed, 1 Sep 1999 20:40:51 -0400
From: Tim Vanderhoek <vanderh@ecf.utoronto.ca>
To: Andrew Reilly <areilly@nsw.bigpond.net.au>
Cc: Pascal Hofstee <daeron@Wit401305.student.utwente.nl>,
	Doug <Doug@gorean.org>, Sheldon Hearn <sheldonh@uunet.co.za>,
	hackers@FreeBSD.ORG
Subject: Re: Proposal: Add generic username for 3rd-party MTA's
Message-ID: <19990901204051.A14974@mad>
Reply-To: hoek@FreeBSD.ORG
References: <Pine.BSF.4.10.9909011207240.31203-100000@dt010nb9.san.rr.com> <Pine.BSF.4.10.9909012249510.12931-100000@shadowmere.student.utwente.nl> <19990902082738.A46667@gurney.reilly.home>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.95i
In-Reply-To: <19990902082738.A46667@gurney.reilly.home>; from Andrew Reilly on Thu, Sep 02, 1999 at 08:27:38AM +1000
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Thu, Sep 02, 1999 at 08:27:38AM +1000, Andrew Reilly wrote:
> 
> Another data point: qmail adds _seven_ new users, and one new
> group.  It has a very paranoid security model.
> 
> I think that it uses a script to add them, but maybe I did it
> myself.  It was a while ago...

The qmail port uses a script.  The script uses pw.  Note that qmail
also has registered its uids and gids with the ports system.  Because
qmail has registered uids and gids, it is allowed to insist on getting
a specific uid or gid number.  I do not reccomend this for most ports.
Most ports which require a uid or gid do not require a specific
number (and thus do not require that the uid or gid be registered).
These ports need merely add the required username or groupname from
a pkg/INSTALL script.  Qmail is an exception; qmail compiles the
uid and gid numbers into itself.  This caused the Linux package
people much angst.  :-)

Of the many ports that require their own uid and gid, some of them are
not good examples to follow.  I believe qmail is ok (although it's
pkg/INSTALL uses perl, which is sub-ideal).


-- 
This is my .signature which gets appended to the end of my messages.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message