Date: Tue, 28 Jun 2011 15:50:18 -0400
Sender: "J. Hellenthal"
From: jhell
To: Chris Rees
Cc: hackers@freebsd.org, Dan Nelson
Subject: Re: Default value for UIDs
Message-ID: <20110628195018.GB65999@DataIX.net>
References: <20110628165911.GC44024@dan.emsphone.com>
List-Id: Technical Discussions relating to FreeBSD

On Tue, Jun 28, 2011 at 06:30:23PM +0100, Chris Rees wrote:
> On 28 June 2011 17:59, Dan Nelson wrote:
> > In the last episode (Jun 28), Chris Rees said:
> >> Hi all,
> >>
> >> [crees@zeus]~% tail -n 2 /usr/ports/UIDs
> >> dbxml:*:949:949::0:0:dbXML user:/nonexistent:/sbin/nologin
> >> nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/usr/sbin/nologin
> >> [crees@zeus]~% grep crees /etc/passwd
> >> crees:*:1001:1001:Chris Rees:/home/crees:/bin/tcsh
> >> chris:*:1001:1001:Chris Rees:/home/crees:/bin/tcsh
> >> [crees@zeus]~%
> >>
> >> I'm a little concerned at how close the ports UIDs are getting to the
> >> username space...
> >
> > There are only 216 entries in UIDs, though, so if people are just using
> > "last entry + 1" when adding new ones, they should probably start filling
> > the gaps instead.  The 100s and 200s are pretty dense, but 350-399 only has
> > 5 entries, 400-499 has 4, 600-699 has 7, 700-799 has 3, etc.
> >
>
> Thank you for pointing that out (d'oh).
>
> However, perhaps we could still address the *potential* problems. To
> use one example, Debian has (as long as I can remember) used 10001 for
> the first username. When we have 65535 - 99 UIDs to play with,
> expansion like this isn't a problem.
>
> Could it be worth it? Think of ten years down the line.
>

Best part would be to find every port that doesn't need a statically
allocated UID/GID and just dynamically allocate them after a certain
range '30000-50000' or whatever for ~20,000 ports and divide that
namespace up by category.

dbxml really does it really need to be static? It just needs to run.

Also: (stable/8) /usr/ports/UIDs
dbxml:*:945:945::0:0:& user:/nonexistent:/sbin/nologin
dbxml:*:949:949::0:0:dbXML user:/nonexistent:/sbin/nologin

Which one of these are we planning on actually using here?

git, hg, undernet, vboxusers... for example.
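
An added example, not part of the original message or of the ports tree: a small audit of a UIDs-format file that reports names registered with more than one UID (the dbxml case above), UIDs shared between names, and how much room is left below the first human account. The sample text is constructed (only the dbxml and nobody lines come from the thread); the floor of 100 and the first user UID of 1001 are assumptions taken from the figures quoted in the thread.

```python
from collections import defaultdict

# Constructed sample in the ports UIDs (passwd-style) format. The dbxml and
# nobody lines are quoted from the thread; demoa/demob are made up.
SAMPLE_UIDS = """\
# name:passwd:uid:gid:class:change:expire:gecos:home:shell
demoa:*:350:350::0:0:Constructed entry A:/nonexistent:/sbin/nologin
demob:*:350:350::0:0:Constructed entry B:/nonexistent:/sbin/nologin
dbxml:*:945:945::0:0:& user:/nonexistent:/sbin/nologin
dbxml:*:949:949::0:0:dbXML user:/nonexistent:/sbin/nologin
nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/usr/sbin/nologin
"""

def parse(text):
    """Return [(name, uid)], skipping blank, comment and malformed lines."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 3 or not fields[2].isdigit():
            continue
        entries.append((fields[0], int(fields[2])))
    return entries

def conflicts(entries):
    """Return (names with several UIDs, UIDs held by several names)."""
    by_name, by_uid = defaultdict(set), defaultdict(set)
    for name, uid in entries:
        by_name[name].add(uid)
        by_uid[uid].add(name)
    names = {n: sorted(u) for n, u in by_name.items() if len(u) > 1}
    uids = {u: sorted(n) for u, n in by_uid.items() if len(n) > 1}
    return names, uids

def headroom(entries, first_user_uid=1001, floor=100):
    """Return (highest port UID below the user range, gap to it, free slots)."""
    used = {uid for _, uid in entries if floor <= uid < first_user_uid}
    if not used:
        return None, None, first_user_uid - floor
    top = max(used)
    return top, first_user_uid - top, (first_user_uid - floor) - len(used)

if __name__ == "__main__":
    entries = parse(SAMPLE_UIDS)
    print("conflicts:", conflicts(entries))
    print("top / gap to users / free slots:", headroom(entries))
```

A UID shared by two accounts gives both the same file ownership and signal permissions, so either kind of conflict is worth resolving before the file is used to create accounts.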