From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 17AA7138334 for ; Thu, 20 Jun 2019 13:54:13 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id B8CEAE0AA7; Thu, 20 Jun 2019 13:54:09 +0000 (UTC) Received: from smtp.gentoo.org (dev.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 43C6FE098F for ; Thu, 20 Jun 2019 13:54:09 +0000 (UTC) Received: from [127.0.0.1] (unknown [50.120.197.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: grknight) by smtp.gentoo.org (Postfix) with ESMTPSA id D4764346558 for ; Thu, 20 Jun 2019 13:54:06 +0000 (UTC) Subject: Re: [gentoo-dev] [PATCH v3] glep-0081: User and group management via dedicated packages To: gentoo-dev@lists.gentoo.org References: <20190609113955.19208-1-mgorny@gentoo.org> From: Brian Evans Openpgp: preference=signencrypt Autocrypt: addr=grknight@gentoo.org; prefer-encrypt=mutual; keydata= mQENBFMOffsBCAC1yeQP2IkMoAlVzs2DXurf+eFYxYtFnh3/jIzLa/tM1hiTUHG47lOuZUf5 R13iTVJ8jWXjsQvSQuf/3wLBjZjBBE8iVp+WIYLGaAtRVx8bI2ssPKGNMggv+jR4TrzdZ5+l GJJT9CmCAwU4UD0BipbJDQjes9I0s1BIndAAMGSBx+rHnlINWaT93276rfEP7Z53r8gzoG22 HHmwIUi522rsCpqwlhy6AAiN2HOE06eQLtgZKgwwo4C1xL4FuuSyPMGGU/nKmUJbMgrb2xV7 OKXL8JjF3mGQ0cf648k3CnVojOPqJ5xQoHLQorzIweFylB5NhzRaj1paljQxqkIUEalrABEB AAG0IUJyaWFuIEV2YW5zIDxncmtuaWdodEBnZW50b28ub3JnPokBVwQTAQgAQQIbAwIeAQIX gAIZAQUJCwqcLxYhBE/DMQh1XidTY/2y/04V4vFnx44dBQJYQYD3BQsJCAcDBRUKCQgLBRYD AgEAAAoJEE4V4vFnx44dRkoIAKrSLvZpQ+DosolEO9uYadJCIuSKczDHuHS223Pyb50BN5vT vnG88rFyPLMQAbwPT1jhMoYnSRY7zFFTswGkBeBrK5n3Bq5KXKgQDRWJAYg9uV3gfSDINd1i MqRy4VCQ/PKH4jz07wFJ5ZM08tlw6ff0CPS8psT2Q2ty/3etSvx1+w+S+R7Y3WXBq6jmtlvh rSC9wUUBa6hjrdVoCjrfCZn7MUJwUm+ImgMCXc9E0M8/J2hKFLYv3G/tl188nmQmkwIq+Ndj XeJgatjAZIAGXxxO9O1Yi8Iy8CH+/+RTMsBTWZe/h6iZMNjKzUDkkHXrjRLt0y34XxZr7mRX 3RLLq3a5AQ0EUw59+wEIANSN1xXeQGYpGpHzeoqfCGQD73DdxMiHYHgVBEMH5+H/fN2mQcTg 6HCZBQaqgXOo+6KeN3ugYZLJbaLvQyIDKVcaoBJcUe1+7REhZUZqXn/ag9K2UeSc4zzuIWFu IhrlBQj8ZSMfe00f6e7wYZVgmy8ftcNmxxQTXM4nc5afxPuxUsZyTKCfK5rxeSPm2NvKo4Zu Mad/MX10cVgwnA/dny2504vkQA6LITtUFQ+FSW1BN//ZHy5TnMG13yEot6ak5RMB+VJjvd1K L/igBZAFjiM9Rv2ZFHvE4d/CZtFNQZoYg6UZ5BTVPfwU7AKsC59fH0AyYTRuFNLPtIS8p/1j zDcAEQEAAYkBHwQYAQIACQUCUw59+wIbDAAKCRBOFeLxZ8eOHdXaCACWkn09qVw1u99THMdK 2H5R3vWvbqVDbUCulCOqwrJfPsuzjG+hZyaLRjQxj1aHNfLkd+7s+maf131e1eTjUZ1asv4P nfXWRyoVHPv2K2NS18Tq0sdt8mUWBFpkIeQZAULfraMMYMUh1ZPsHPRFGpg2x4zZpTEXPN4t mPhiwK/6pbcHJpGOtzIDMA4olEf7skJ+Qld9mIhLfbbLaJUxOX6hsBU9y+4gZ1gsfR0RRVN5 MQjkWajnOHLuFq8IihW9t5hU8rjRT9ErlIkjB7Us1n9tqSF6F2i8fiKwOTqBOsdXHAuv+t8E 4bBzP3AwRnD6RZWTqBaZO51oWOeN4FYAjckDuQINBFSzFbQBEADlMT3apoH1VzDn0UIHKMLu o0fKeSvrfQWrVWhu8vyF86TbuhhDAoDuu/cttcMtCdtV5NyeRlcsl37nEQ00uA9v3QSea0kJ TIcZem/VRvlxCeURruc/Gx6aJyMXFctmPoO4KssBYWFLsBPuP/DKn40oAHnjIxJhY8SgQ0LB 4NJvS05REty8QyMV8juGjad5db+36p8Y4GlIg2xnLj3znlJHitMzirmAYQZ6HdvGT2nu4qYF f83hKs5SiFn12To5jJYT732l4b2M2P/SkPrQ7UDxyStOuaoaxGLHArMOZXPyiddlb1WoH4xQ CokVnZ+FyFcYzVRBBry/IppCVGvDCi9It+cKZjkhiGA9ONrqoD0Yke+yoI+toQXHy3zcZa6B WB70H7QltbPljrMEViyi9nUt4WqjAMEoZ8j0ZdAcI6VySLvYUANw4kwknO25EIYDTjZw4i4g cKFx+jL3yTzo7gVjRuJtvIcnb8E14t/fmOANeiA6DFWqIdNoSn2SSFx51WBFXqSYRwhrAWjj yAgfFeDacMyaVV4YfOnIuAzZNZ0+uKwKdw5ZIJHPmSLrtiPA8TrJmtd18Nof93PrTIBJw5gW aCaKW3GMLcv0dEZ2ZaMj7LELVu0MKoF2c6j0rRL56yHnmt5lAPK3hjv0cfQyyI8qDc9Jbevo Kh86+CcEWckuyQARAQABiQNEBBgBAgAPBQJUsxW0AhsCBQkB4TOAAikJEE4V4vFnx44dwV0g BBkBAgAGBQJUsxW0AAoJENH3ge/59KO2RMwP/3q6hbzRLT+3gBwO6dcOzJdiltirtJrdSZKY 5x5ZFZsmcT7AZanQOJWREWIEmOCrHfFvulFdN1c7AAhpj0LkBVos01Wfru5+atF4+Uav7rou xBBlgZL9x52goTwuw3Gr3f4POBfAGxLSQYPk+A7p+g1o5PRiayYVNDjFhOzXh62Gd1pv9cQg ABtXcldcyxqF6L0PrYqC4OweUZp6APSxuaDRtSPvw2FEioXpWEHYYEDaK7JiFSiEEWGxWzPf A0RDpJLduDZHIwTYcdIy6GA5nwxNEgd3xlbuLiKjtf+fhWFBV31IlUIhNlouP20m27ept08T RL9PQ/NzXEmU879u/44b3SgL8WayDzx7qOsYLAwHyIM7+LzCUOdk+q/XmrBfX5QrM81+h3vE C8RZaiIaMC1x42sSdyifbLn82DN00ncC6edY1aWaiqD+d5eJJoyW7rJMcvoSdZZfKoEvvwO9 9rpFyv2ZVTVrKKukNJmwzMyGni42dMTTfyMt1zUOBlsN1PZIXxkO37r4jff+s8teX+vwbYGE YSlcY555PwP2P5Abe1UBklvh6DhDUIy4AAnOr5gEGSpFtu11B5V5ogmPCYBMPIFrtzDJP909 FyAY40TYyR7I8p5EYP2FBXoXqkBPu1x/CLVeVQH0w48VLU0H0jJwopfyLiv7GGfNFrXWMNrz ttUH/0tNnIurcqRam6bc03g6ql2nmDneEJmD/TYYD1iUeiyqA6Wy+atz3vcpZUHiZd/HMy24 6VzFCsnhd+iB04sEYLKec6pt0mk9WukEUFvDSOOHbPOQ1d1z/ES5B5c/YczhDUGSrRIMFook iS9/B0ZVUFNZP0/m1ZqprUfgE3KasJlwvCRut7NOZ/lwKWrt2ay8npmdGmf+x4xZyD81HB5I +RDzgJPPpyfapwwXq8ZqZ2IICVGGH4okeVZP8nx5gyPLIbkeChHCVvHpFM51tGkgeAnGrZoD V56ABowQgy2nHFMsSQ9j4r40NiLgkhC6s8/Z2LXTXwd8JO8iReoOmefn9d6JA0QEGAEIAA8C GwIFAlZxdGoFCQOfkjYCKcFdIAQZAQIABgUCVLMVtAAKCRDR94Hv+fSjtkTMD/96uoW80S0/ t4AcDunXDsyXYpbYq7Sa3UmSmOceWRWbJnE+wGWp0DiVkRFiBJjgqx3xb7pRXTdXOwAIaY9C 5AVaLNNVn67ufmrRePlGr+66LsQQZYGS/cedoKE8LsNxq93+DzgXwBsS0kGD5PgO6foNaOT0 YmsmFTQ4xYTs14ethndab/XEIAAbV3JXXMsahei9D62KguDsHlGaegD0sbmg0bUj78NhRIqF 6VhB2GBA2iuyYhUohBFhsVsz3wNEQ6SS3bg2RyME2HHSMuhgOZ8MTRIHd8ZW7i4io7X/n4Vh QVd9SJVCITZaLj9tJtu3qbdPE0S/T0Pzc1xJlPO/bv+OG90oC/Fmsg88e6jrGCwMB8iDO/i8 wlDnZPqv15qwX1+UKzPNfod7xAvEWWoiGjAtceNrEncon2y5/NgzdNJ3AunnWNWlmoqg/neX iSaMlu6yTHL6EnWWXyqBL78Dvfa6Rcr9mVU1ayirpDSZsMzMhp4uNnTE038jLdc1DgZbDdT2 SF8ZDt+6+I33/rPLXl/r8G2BhGEpXGOeeT8D9j+QG3tVAZJb4eg4Q1CMuAAJzq+YBBkqRbbt dQeVeaIJjwmATDyBa7cwyT/dPRcgGONE2MkeyPKeRGD9hQV6F6pAT7tcfwi1XlUB9MOPFS1N B9IycKKX8i4r+xhnzRa11jDa8wkQThXi8WfHjh0ykggArePXzpTGAYDMfkH+xRxPP83CmaLt GSvV8mFO8DALE6fbls5VUvlDz1UGQypS7rsP4BY73yttwa/RxxlDqJqFSA7MmjRNntTuJtd4 MkUmuhpCkWLAy0zz8NODo0pjOkmsW8uDQPDObvmkC8TcmMIHfAAhuf3dhvsk3gjsRvWi7MaN AIuyUCTZoAmXanNckfuVah2+ZztIgE/jV31Bk4A4ZGiY5jOFaRv9o2DsP5BwgkvjTx/0NQiZ z6aY/pUE97rxZkY0/pCyHQaGHizD5Pwc5oVAPXz0PZjqVDOim7RK76oB0Yc42v5jAGSUAFxF +r6VnuzBSZonUYuqhYd/LllS6IkDWwQYAQgAJgIbAhYhBE/DMQh1XidTY/2y/04V4vFnx44d BQJYQXv3BQkFb5nDAinBXSAEGQECAAYFAlSzFbQACgkQ0feB7/n0o7ZEzA//erqFvNEtP7eA HA7p1w7Ml2KW2Ku0mt1JkpjnHlkVmyZxPsBlqdA4lZERYgSY4Ksd8W+6UV03VzsACGmPQuQF WizTVZ+u7n5q0Xj5Rq/uui7EEGWBkv3HnaChPC7Dcavd/g84F8AbEtJBg+T4Dun6DWjk9GJr JhU0OMWE7NeHrYZ3Wm/1xCAAG1dyV1zLGoXovQ+tioLg7B5RmnoA9LG5oNG1I+/DYUSKhelY QdhgQNorsmIVKIQRYbFbM98DREOkkt24NkcjBNhx0jLoYDmfDE0SB3fGVu4uIqO1/5+FYUFX fUiVQiE2Wi4/bSbbt6m3TxNEv09D83NcSZTzv27/jhvdKAvxZrIPPHuo6xgsDAfIgzv4vMJQ 52T6r9easF9flCszzX6He8QLxFlqIhowLXHjaxJ3KJ9sufzYM3TSdwLp51jVpZqKoP53l4km jJbuskxy+hJ1ll8qgS+/A732ukXK/ZlVNWsoq6Q0mbDMzIaeLjZ0xNN/Iy3XNQ4GWw3U9khf GQ7fuviN9/6zy15f6/BtgYRhKVxjnnk/A/Y/kBt7VQGSW+HoOENQjLgACc6vmAQZKkW27XUH lXmiCY8JgEw8gWu3MMk/3T0XIBjjRNjJHsjynkRg/YUFeheqQE+7XH8ItV5VAfTDjxUtTQfS MnCil/IuK/sYZ80WtdYw2vMJEE4V4vFnx44d78MH/2kjo3d0EZSznoghIEjncruGb04uoKQ1 BGMv82HMit3TUw0Bp58fSHSOKqHCVE8CQXzaMn4VudQIVzF5yM8sLHGnQbpz17zj4MFo/Bf9 A+IcvC7vE1Vd1vRms+URzj5A+YL3O36ZOwGId1SxS8jX7LUAAcBzsfIr6VCBI3yh3Sb2I/0r wjEPUjSD/g1cT7pRxb7tjpRV6uhvpbGAR0ufqUmubnxXx0nftZBO4wu7hOP6sLAJx+3iaWbA F9O0dA7HaqEVu90QhaymjNDFvCVIE08uru5iofPCh5UzYgqSEpUqKZYz4WNAHE5fBI8Kj92v bUCI/aYL35fMQ4+TXcbBQy2JA1sEGAEIACYCGwIWIQRPwzEIdV4nU2P9sv9OFeLxZ8eOHQUC WiQv8gUJB1JNvgIpwV0gBBkBAgAGBQJUsxW0AAoJENH3ge/59KO2RMwP/3q6hbzRLT+3gBwO 6dcOzJdiltirtJrdSZKY5x5ZFZsmcT7AZanQOJWREWIEmOCrHfFvulFdN1c7AAhpj0LkBVos 01Wfru5+atF4+Uav7rouxBBlgZL9x52goTwuw3Gr3f4POBfAGxLSQYPk+A7p+g1o5PRiayYV NDjFhOzXh62Gd1pv9cQgABtXcldcyxqF6L0PrYqC4OweUZp6APSxuaDRtSPvw2FEioXpWEHY YEDaK7JiFSiEEWGxWzPfA0RDpJLduDZHIwTYcdIy6GA5nwxNEgd3xlbuLiKjtf+fhWFBV31I lUIhNlouP20m27ept08TRL9PQ/NzXEmU879u/44b3SgL8WayDzx7qOsYLAwHyIM7+LzCUOdk +q/XmrBfX5QrM81+h3vEC8RZaiIaMC1x42sSdyifbLn82DN00ncC6edY1aWaiqD+d5eJJoyW 7rJMcvoSdZZfKoEvvwO99rpFyv2ZVTVrKKukNJmwzMyGni42dMTTfyMt1zUOBlsN1PZIXxkO 37r4jff+s8teX+vwbYGEYSlcY555PwP2P5Abe1UBklvh6DhDUIy4AAnOr5gEGSpFtu11B5V5 ogmPCYBMPIFrtzDJP909FyAY40TYyR7I8p5EYP2FBXoXqkBPu1x/CLVeVQH0w48VLU0H0jJw opfyLiv7GGfNFrXWMNrzCRBOFeLxZ8eOHRBrB/4jgqbB8nXmEkwJhjEMmZtCODnuq66lqzxB 4CQTA1HIn2nlacgTPCzi5vbAzf9OqO4ecbRUCmRYMJlnupG/4m5rK9cJYGr9fbyhxYgpQU6r EYKLoJ1V42YEFwVqsBfCywbfRMwj6Tx0M016cwIr4Xpab4Uz+OCk52ovY+ZHiinkKKQINIqU Ig1PqD8WmxJbNqvGoE6VDDAsd5R99wtUCsfwWkJ5pZGBMxBwSIMY5mR+yDx9ZmZSFMNDqQei qyate0Xdz1OroDm2SYMM1Cy56nuleIQ3n3i3HBSm2B4jS0+plRRKfQDbm77QlqEfKx+yxXaI rfKwIpa6Y053VO8Z0i7OiQNbBBgBCAAmAhsCFiEET8MxCHVeJ1Nj/bL/ThXi8WfHjh0FAlun 1z8FCQloS4sCKcFdIAQZAQIABgUCVLMVtAAKCRDR94Hv+fSjtkTMD/96uoW80S0/t4AcDunX DsyXYpbYq7Sa3UmSmOceWRWbJnE+wGWp0DiVkRFiBJjgqx3xb7pRXTdXOwAIaY9C5AVaLNNV n67ufmrRePlGr+66LsQQZYGS/cedoKE8LsNxq93+DzgXwBsS0kGD5PgO6foNaOT0YmsmFTQ4 xYTs14ethndab/XEIAAbV3JXXMsahei9D62KguDsHlGaegD0sbmg0bUj78NhRIqF6VhB2GBA 2iuyYhUohBFhsVsz3wNEQ6SS3bg2RyME2HHSMuhgOZ8MTRIHd8ZW7i4io7X/n4VhQVd9SJVC ITZaLj9tJtu3qbdPE0S/T0Pzc1xJlPO/bv+OG90oC/Fmsg88e6jrGCwMB8iDO/i8wlDnZPqv 15qwX1+UKzPNfod7xAvEWWoiGjAtceNrEncon2y5/NgzdNJ3AunnWNWlmoqg/neXiSaMlu6y THL6EnWWXyqBL78Dvfa6Rcr9mVU1ayirpDSZsMzMhp4uNnTE038jLdc1DgZbDdT2SF8ZDt+6 +I33/rPLXl/r8G2BhGEpXGOeeT8D9j+QG3tVAZJb4eg4Q1CMuAAJzq+YBBkqRbbtdQeVeaIJ jwmATDyBa7cwyT/dPRcgGONE2MkeyPKeRGD9hQV6F6pAT7tcfwi1XlUB9MOPFS1NB9IycKKX 8i4r+xhnzRa11jDa8wkQThXi8WfHjh0+RAgAqLzRbSAGJLO1vukhz1ZOIG+rUIi8JFAJ0uN6 0r8P6fT2NXR1QI3kJCLshGQKLNJYmYd+/5FbsxDu0/cgk27JhVWwXLxquBG9MI97eDlA9y9x Az7neLuOSLqt3xOy7FDELofvS988HCHzSTHGg8Il8az+VILrV47YXP92pkYPiVVbrXqofwaW Q2J+7pADpaOVl7twdQJZ1LDHHiqXiygeDAi4iXbW/8wVVtL3A1h390stp64bSzPgBanLcf9J P5BMpJMaEabdAvyLMNlWhQlscErZh8QOOf91rn29djvBAgSDaTPu6OjX/ByQsSgAFAGYXcDv a8/gYDSbO+/P6G4g+Q== Message-ID: <8d6601e6-a295-778e-5dc8-5d9f01701c7d@gentoo.org> Date: Thu, 20 Jun 2019 09:53:46 -0400 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.7.1 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 In-Reply-To: <20190609113955.19208-1-mgorny@gentoo.org> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="SKnoVos9uFwb7lIXfzm8FEAi3oVj8LaBO" X-Archives-Salt: 77b98ae4-dde3-4554-b85f-b6100e9c3b8b X-Archives-Hash: b8ff38fd5d1186165845aff60c14f2fb This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --SKnoVos9uFwb7lIXfzm8FEAi3oVj8LaBO Content-Type: multipart/mixed; boundary="lr8HNfApnJZXPCFy26Cvvezr8I7dvChCy"; protected-headers="v1" From: Brian Evans To: gentoo-dev@lists.gentoo.org Message-ID: <8d6601e6-a295-778e-5dc8-5d9f01701c7d@gentoo.org> Subject: Re: [gentoo-dev] [PATCH v3] glep-0081: User and group management via dedicated packages References: <20190609113955.19208-1-mgorny@gentoo.org> In-Reply-To: <20190609113955.19208-1-mgorny@gentoo.org> --lr8HNfApnJZXPCFy26Cvvezr8I7dvChCy Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 6/9/2019 7:39 AM, Micha=C5=82 G=C3=B3rny wrote: > +Specification > +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > + > +Policy > +------ > + > +Following the acceptance of this GLEP, all new users and groups must > +be created via user/group packages as defined in this GLEP. The old > +method may still be used for existing users/groups, in existing > +packages. > + > +All new users and groups must have unique UIDs/GIDs assigned > +by developers. The developer adding them is responsible for checking > +for collisions. What significance will such numbers have when a daemon uses a new UID/GID and really doesn't care what it is? Why do we have to go through the effort of assigning fixed IDs at random? > + > +Before adding a new user and/or group, the developer must send a RFC > +to the ``gentoo-dev`` mailing list. This paragraph should go away. It is a complete waste of time. > + > + > +Logical structure > +----------------- > + > +In this proposal, system users and groups are represented by regular > +packages. Those packages logically represent the ownership of > +the respective users and group, and technically implement their > +creation. > + > +User packages are placed in ``acct-user`` category. Each user package= > +defines the properties of the particular user, and must be named after= > +the user it creates. It must depend at build and run time on the grou= ps > +the user belongs to. > + > +Group packages are placed in ``acct-group`` category. Each group > +package defines the properties of the particular group, and must be > +named after the group it creates. > + > +All user and group packages must define preferred fixed UIDs/GIDs, > +and they must be unique within the repository. The packages should > +indicate whether the value needs to be strictly enforced, or whether > +another UID/GID is acceptable when the user exists already or requeste= d > +UID/GID is taken. > + > +Packages needing a specific user or group use dependencies to pull > +the required user/group packages. If the user is needed at build time= , > +a build time dependency (``DEPEND``) must be used. If the user is > +needed at install and/or run time, a run time dependency (``RDEPEND``)= > +must be used. Sounds like extra upgrade dependency time in an already crowded resolution tree. > + > +Rationale > +=3D=3D=3D=3D=3D=3D=3D=3D=3D > + > +Requiring mailing list RFC > +-------------------------- > + > +The policy explicitly requires RFC-es for new users and groups, as the= y > +have global scopes and effects of mistakes while adding them are hard > +to fix. Wider review should decrease the risk of major design mistake= s. > + > +To provide one example, right now we have two different packages > +creating ``git`` user and requiring a different home directory for > +the user. As a result, the first package being installed defines > +the actual home directory, and both technically can not be installed > +at the same time. This section should go away. It is a complete waste of time. > + > + > +Satisfied goals > +--------------- > + > +Tracking of user/group usage is done through dependencies. As long > +as any installed package depends on a specific user/group package, > +the respective user/group is assumed to be used. If no package > +requiring the specific user/group is left, the package manager > +automatically prunes the package clearly indicating it is no longer > +used. You cannot know when a name is "no longer used". An administrator could have adopted a username for other purposes. > + > +Each user and group has a single respective package creating it. > +If multiple packages need it, they depend on the same package. This > +ensures that all properties are kept in a single location, and do not > +need to be synced. > + > +Having a single location with all predefined user/group ranges makes i= t > +possible to maintain fixed UID/GID definitions. This GLEP makes > +allocating them obligatory. While this isn't enforced for existing > +users, it provides a way forward for new installations. > + > +Local overrides can be trivially implemented via local repository, > +through overriding the respective user/group ebuilds. The proposal al= so > +respects direct sysadmin modifications. > + > +Avoiding unnecessary user/group creation at build time is implemented > +via correct dependency types. While this was possible with the status= > +quo, the dependency model should be more natural to developers and cau= se > +less mistakes. > + > + --lr8HNfApnJZXPCFy26Cvvezr8I7dvChCy-- --SKnoVos9uFwb7lIXfzm8FEAi3oVj8LaBO Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) iQIcBAEBAgAGBQJdC4/7AAoJENH3ge/59KO2muAP/Axnv2FkNduKp+QxFUswkeMj vFGxxx5m5uguRx+V801F4SNxemoivTS7NRN0FIfl660AXNiGacE6F3bbDfrUxU3k REic5Tx//jgiw8+FpQUYn/9QdqoGx/Yb210U60uhSUvWDWj9DSq8xAQ1f7m1LVpY Urm836tJn4X9OIfITGMuZUzXuU4or/VVVXvErgkXKwvm7mx1kR0/n+XwMGbHqYfr MqWgaFv8AygOtg7wvUqCAVNCmJP+HU1pLovDdhJzG79iS4rBddUBxNky8EFaxxrJ GDGM9lKBplEvyjGxDfQfRuZozA6KPRtY5RGPGzB5LOybh7wdDkv9tDS6Lkm2ztDA HgzXje72iEUds0TARdqIK+fVRnumlR4iOt7+/ueeZS8Qvub9fJLaLrATPANTlsNN 9FA4N+n6gn/mFYLqkUF27Obb4xqXcftb2g8QSMLDmHl8jeMAK6yhKRhW6LKXmU0o q3qIhHGDinwXORNS4hNEANODJFuCNii+Uzolq2FzdjEEH4SJB0nPaydoKDn52r39 VEw426z8p3/j22uupQC5XZFJwzzwKHQZuIMU1xfyccngklKkmuKpCZsyfaN/1sEO JIy5fkQRse2XnoH/iOw0YNjPAuIv8S2HZKMJChISwdhNXnEFu/sRISft04m7p+Mo z7OxzqJqNXW2fCoEu28O =k6PP -----END PGP SIGNATURE----- --SKnoVos9uFwb7lIXfzm8FEAi3oVj8LaBO--