Re: [gentoo-dev] Requirements for UID/GID management

[Rich Freeman <rich0@gentoo.org>]

On Sat, Jan 28, 2017 at 2:32 PM, James Le Cuirot <chewi@gentoo.org> wrote:
> On Sat, 28 Jan 2017 12:13:53 -0600
> "A. Wilcox" <awilfox@adelielinux.org> wrote:
>
>> Having a file that user.eclass would use to map new users/groups to
>> IDs would be extremely beneficial to me.  I was thinking about diving
>> in to that some time later, after the GLEP 70 work I'm doing, but if
>> someone else wants to take it - please!  That would greatly ease the
>> pain of not only NFS, but swapping data disks around between different /
>> .
>>
>> Consider, for example, one of my use cases for this:  I have a
>> LibreSSL / that I use solely for testing ebuilds against it, and my
>> regular / with OpenSSL.  I share /home and /srv between these two, but
>> the apache, nginx, and charybdis users have different UIDs between
>> them.  Therefore I have to chown -R each time I test LibreSSL.
>>
>> I could use a different /home and /srv, or make two copies, but it's
>> much easier for me to test these apps having my entire normal
>> environment available to me.
>
> As mentioned in my other post, why are you not using idmapd? It's
> trivial to set up on top of NFSv4.

As far as I can tell there is no Gentoo-specific documentation for
doing this, and from what I have read setting up NFSv4 is a PITA
(perhaps that has changed in recent years).  There are also use cases
that don't involve NFS, such as containers.  From the docs I have
found on idmapd there wasn't actually a lot of detail, it wasn't clear
if it "just works" without any specific configuration, perhaps it
does.

In any case, would it be that hard to set reasonable defaults?

-- 
Rich