Date: Mon, 13 Nov 2006 19:52:22 +0200 (EET) From: Dmitry Pryanishnikov <dmitry@atlantis.dp.ua> To: Sergey Skvortsov <skv@FreeBSD.org> Cc: freebsd-ports@FreeBSD.org, "Simon L. Nielsen" <simon@FreeBSD.org> Subject: Re: UID/GID dynamic allocation in net/isc-dhcp3-server: why? Message-ID: <20061113192742.N44966@atlantis.atlantis.dp.ua> In-Reply-To: <45588754.9030809@FreeBSD.org> References: <20061111210303.A92042@atlantis.atlantis.dp.ua> <20061111203731.GL1006@zaphod.nitro.dk> <45588754.9030809@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello! On Mon, 13 Nov 2006, Sergey Skvortsov wrote: >> Personally I have it precisely the other way around - I find the >> static allocations rather annoying since they are bound to collide >> with existing UID's at some point. > > I disagree because static allocation is _very_ useful when you install > many similar applications into several jails on the same host machine. > > Otherwise, if you'll use dynamic *ID allocation even simple "top" on > host machine may show very strange and inadequate results if identical > services are running with different UIDs. Yes, I've almost forgotten about jails. It's very important to keep the same [ug]ids for the same installed ports in different jails. This simplifies jail management a lot. E.g., one can uniformly allow/deny traffic for the same port-installed applications by just writing 'pass tcp .... uid clamav'. So yes, it seems that static [ug]id allocation is the right way to go. > Sergey Skvortsov > mailto: skv@FreeBSD.org Sincerely, Dmitry -- Atlantis ISP, System Administrator e-mail: dmitry@atlantis.dp.ua nic-hdl: LYNX-RIPE
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20061113192742.N44966>