From owner-freebsd-arch  Thu Oct 18 10:50:26 2001
Delivered-To: freebsd-arch@freebsd.org
Received: from femail32.sdc1.sfba.home.com (femail32.sdc1.sfba.home.com [24.254.60.22])
	by hub.freebsd.org (Postfix) with ESMTP
	id 2698437B407; Thu, 18 Oct 2001 10:50:21 -0700 (PDT)
Received: from laptop.baldwin.cx ([24.2.39.156])
          by femail32.sdc1.sfba.home.com
          (InterMail vM.4.01.03.20 201-229-121-120-20010223) with ESMTP
          id <20011018175020.BVNK26359.femail32.sdc1.sfba.home.com@laptop.baldwin.cx>;
          Thu, 18 Oct 2001 10:50:20 -0700
Message-ID: <XFMail.011018105020.jhb@FreeBSD.org>
X-Mailer: XFMail 1.4.0 on FreeBSD
X-Priority: 3 (Normal)
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0
In-Reply-To: <20011018211949.B68031@nagual.pp.ru>
Date: Thu, 18 Oct 2001 10:50:20 -0700 (PDT)
From: John Baldwin <jhb@FreeBSD.org>
To: "Andrey A. Chernov" <ache@nagual.pp.ru>
Subject: Re: cvs commit: src/etc group master.passwd
Cc: Christopher Masto <chris@netmonger.net>,
	Mike Barcroft <mike@FreeBSD.org>, arch@FreeBSD.org
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-arch.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-arch>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-arch>
X-Loop: FreeBSD.ORG

[ moved to -arch ]

On 18-Oct-01 Andrey A. Chernov wrote:
> On Thu, Oct 18, 2001 at 09:41:36 -0700, John Baldwin wrote:
>> 
>> I request that the www user and group be backed out.  If we had a web server
>> in
>> the base system, this might be different (like the bind user and the
>> presently
>> non-existent but potential sendmail/smtp/mail user), but since web servers
>> are
>> currently all in ports, the ports install is where the user add belongs.
> 
> Look, we already have "pop" user in the system under the same conditions 
> and you don't complain for years.

Yeah, it snuck in before I was around. :)  It's commit log also doesn't
indicate that it was ever discussed anywhere.

> The second thing is that it will be easy to transfer web server from 
> machine to machine or run in NFS'ed environment for single uid case. 
> Picking random UID produce nightmare for all of that.

Some people already _use_ UID 80 for other things.  Do we just screw those
people over?  Besides, it's not like any competent sysadmin is incapable of
editing the password file on the new machine to add a new user.  Also, as many
people have been pointing out, the user the server runs under shouldn't own any
files, but many people already have existing www:www uid/gid's that own the
content.

> The third thing that we almost have Apache in the system, at least at 
> sysinstall level which especially tuned for it.

We do?  Geez, of my 9 FreeBSD boxes at home, only 1 has apache on it.  That's a
whopping 11%, hardly 'almost all' (which is what I assume you meant to say).
Granted, my machines aren't representative of all FreeBSD machines, but you
can't assume that all FreeBSD machines are webservers.

> -- 
> Andrey A. Chernov
> http://ache.pp.ru/

-- 

John Baldwin <jhb@FreeBSD.org> -- http://www.FreeBSD.org/~jhb/
PGP Key: http://www.baldwin.cx/~john/pgpkey.asc
"Power Users Use the Power to Serve!"  -  http://www.FreeBSD.org/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message