UID/GID dynamic allocation in net/isc-dhcp3-server: why?
Sergey Skvortsov
skv at FreeBSD.org
Mon Nov 13 07:14:21 PST 2006
On 11.11.2006 23:37, Simon L. Nielsen wrote:
>
>> I don't like the current behaviour of the net/isc-dhcp3-server port
>> of creating 'dhcpd' user and group using dynamic allocation instead of
>> having static one (as specified in /usr/ports/{U,G}IDs). I like the idea
>> of [ug]id ranges, and dynamic allocation doesn't keep within this idea
>> (ids of users and daemons get mixed). Is there specific reason why there
>> is no static [ug]id for net/isc-dhcp3-server?
>
> Personally I have it precisely the other way around - I find the
> static allocations rather annoying since they are bound to collide
> with existing UID's at some point.
I disagree because static allocation is _very_ useful when you install
many similar applications into several jails on the same host machine.
Otherwise, if you'll use dynamic *ID allocation even simple "top" on
host machine may show very strange and inadequate results if identical
services are running with different UIDs.
Static allocation is simple and robust way to force synchronized *ID
allocation on jails, all other ways seem to be too complicated.
Users should manage their *IDs via "pw" to avoid conflicts.
Moreover I think we need to extend "pw" functionality: check
${PORTSDIR}/[UG]IDs file while creating new account for possible
conflicts - at least show relevant warning message if (user|group)name
mismatch canonical (U|D)ID.
--
Sergey Skvortsov
mailto: skv at FreeBSD.org
More information about the freebsd-ports
mailing list