Subject: Re: [gentoo-dev] Requirements for UID/GID management
To: gentoo-dev@lists.gentoo.org
From: Michael Orlitzky
Date: Sat, 28 Jan 2017 21:54:16 -0500
Message-ID: <6bac1312-60f9-3ce1-542b-0635b4a37c6b@gentoo.org>

On 01/28/2017 09:22 PM, Rich Freeman wrote:
>
> Honestly, I really will say "so what" here. :)
>

I forgot to mention a few of the advantages of having really-fixed UIDs. First, it makes the code simpler. Yup, cool.

It also lets us play a nice trick and use the UID as a subslot, so that if some sys-user/foo package ever changes its UID, everything depending on it can be rebuilt to use the new UID.

Finally, it makes the installed image deterministic. Right now to prevent file collisions, we have to read stuff from /etc/passwd in order to generate a file that gets installed to /var/lib. The installed image of a package shouldn't change on-the-fly like that, and it wouldn't if the UID was truly fixed.

We don't get any of those benefits if we're falling back to random UIDs.