From owner-freebsd-hackers Thu Sep 2 9:12:43 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from dt011n65.san.rr.com (dt010nb9.san.rr.com [204.210.12.185]) by hub.freebsd.org (Postfix) with ESMTP id 1B2C714BE0 for ; Thu, 2 Sep 1999 09:12:38 -0700 (PDT) (envelope-from Doug@gorean.org) Received: from gorean.org (master [10.0.0.2]) by dt011n65.san.rr.com (8.9.3/8.8.8) with ESMTP id JAA42532; Thu, 2 Sep 1999 09:10:34 -0700 (PDT) (envelope-from Doug@gorean.org) Message-ID: <37CEA17A.6774BE6E@gorean.org> Date: Thu, 02 Sep 1999 09:10:34 -0700 From: Doug Organization: Triborough Bridge & Tunnel Authority X-Mailer: Mozilla 4.61 [en] (X11; U; FreeBSD 4.0-CURRENT-0826 i386) X-Accept-Language: en MIME-Version: 1.0 To: Sheldon Hearn Cc: Markus Stumpf , hackers@freebsd.org Subject: Re: Proposal: Add generic username for 3rd-party MTA's References: <25760.936280900@axl.noc.iafrica.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Sheldon Hearn wrote: > > On Thu, 02 Sep 1999 15:42:56 +0200, Markus Stumpf wrote: > > > The numeric id IS important. > > How do you think NFS maintains privileges across machines? > > I have no idea how NFS works. :-) > > I _do_ know that, if machines across the network need to know about > magical IDs on their peers, then it's nothing like how SMTP works, and > thus irrelevant to the username I think we should add. You can't say on the one hand that there are no rational arguments against your proposal (as you did in another post) and then on the other say that you choose to ignore arguments you don't understand. As I see it there are three groups of people relevant to this change. One is a fairly small group who use exim or postfix as their MTA who would benefit from this change. Next is a group (including myself) who are responsible from maintaining freebsd in heterogenous network environments who would be penalized by this change. With no hard data to support my position I'd say that these two groups are roughly equal. Finally there is a whole big chunk of people for whom this change provides no benefit. So at best, it's a wash, at worst it's a bad idea. > > This also has nothing to do with emotions ... it's my experience from > > the time I worked at the computing staff at the univ, where we had to > > maintain a few thousand users on a few hundred machines of all types. > > The tools which help you add users default to a minimum UID of 1000. If > users have been added with very low UID's, they've been added manually. > This change won't be uncomfortable for people who have their hands that > deep into the system. > > More to the point, though, who cares whether the user's ID is 25 on one > box, 12 on another and 2525 on a third? The _name_ is what we're looking > for, here. As already pointed out, the system doesn't know anything about the names. All it cares about are the numbers. > > In some perspectives ($HOMEs, mail, standard programs, shared document > > space) the machines had to look and feel alike for the users. > > > > We noticed that the predefined uids/gids on the systems were nearly > > useless for that tasks (as they were all different) > > ID's _are_ useless for the task of look'n'feel. That's what usernames > are for. Again, you've completely missed the point. > > If in such an environemt the uid 25 is already used for some other > > service it's a pain to integrate new FreeBSD machines from the > > moment FreeBSD comes shipped with uid 25 allocated to a user smtp. > > I'm not catering for people who create accounts with low UID's and then > try to > > 1) Merge in master.passwd entries from subsequent FreeBSD > releases without using their eyes. > > 2) Install STABLE packages on RELEASE systems. But that's just the problem. You're violating POLA for something that provides no clear benefit, except to a small handful of people for whom there is already an appropriate and painless solution. And ultimately -Stable will become -Release, so your argument here is absurd on its face. Please understand, this is not a personal attack. I'm sure that your proposal was motivated by good intentions, but those of us who see the harm in it and understand the issues involved are trying to explain why it's a bad idea. Doug To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message