Date: Thu, 18 Oct 2001 22:07:18 +0200 (CEST) From: Cyrille Lefevre <clefevre@citeweb.net> To: Mario Sergio Fujikawa Ferreira <lioux@uol.com.br> Cc: Dag-Erling Smorgrav <des@ofug.org>, Sheldon Hearn <sheldonh@starjuice.net>, "Andrey A. Chernov" <ache@nagual.pp.ru>, ports@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: nobody war (was Re: HEADS UP: Apache port change from nobody:nogroup to www:www planned) Message-ID: <200110182007.f9IK7Jl05225@gits.dyndns.org> In-Reply-To: <20011018162214.A65563@exxodus.fedaykin.here>
next in thread | previous in thread | raw e-mail | index | archive | help
Mario Sergio Fujikawa Ferreira wrote:
> On Thu, Oct 18, 2001 at 07:54:30PM +0200, Dag-Erling Smorgrav wrote:
> > Cyrille Lefevre <clefevre@citeweb.net> writes:
> > > how about setiathome, dnetc and junkbuster which also run as nobody.
> > > setiathome and dnetc own files respectively in /var/db/setiathome and
> > > /usr/local/distributed.net.
> > >
> > > I'm not running it, but squid is probably running as nobody as well since
> > > /usr/local/squid/{logs,cache} are owned by nobody.
> >
> > I am not responsible for other people's broken software.
>
> I run squid as squid:squid and http as www:www with no
> problems. I don't understand what's the point of this discussion.
> Since we stablished that running as nobody is not a good thing,
> we should be discussing what to replace it with.
> I vote to creating uid:gid for all appropriate services:
I'm all w/ you. how about uid:gid numbering ?
> mail or smtp
which packages use these user names ?
> www
no comment.
> squid
does it require static uid:gid numbers or follow the postfix dynamic
rule ?
/usr/ports/mail/postfix/pkg-install seem to be a good starting
point to create uid:gid dynamically and is BATCH (aka PACKAGE_BUILDING)
compliant. /usr/ports/mail/qmail/pkg-install is a little bit
complicated but seems to be also BATCH compliant.
could we stated that all packages using user nobody should be
switched to package name uid:gid (such as setiathome -> seti,
dnetc -> dnetc, etc.) and use some sort of script ?
Cyrille.
--
Cyrille Lefevre mailto:clefevre@citeweb.net
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200110182007.f9IK7Jl05225>