On Friday 23 October 2009 17:51:19 Helmut Jarausch wrote:
> Hi,
>
> after hunting around for some weeks now, I've finally found the culprit
> to my permission problems with fcron[tab]
>
> First,
> some Gentoo package must have changed the UID of several executables
> and directories of the sys-process/fcron package to 'stunnel'
> instead of 'fcron'.
> I've found and fixed these long ago but still it didn't work.
> Now, I've found out, that in
> /etc/passwd
> the user 'fcron' had a GID which wasn't in /etc/group any longer.
> Probably, when sys-process/fcron is reinstalled, portage does not
> seem to change the entry in /etc/passwd (which it has created
> itself some time ago)
Without looking through the ebuilds, I'd guess the ebuild runs
useradd -r <daemon_name>
which will always lead to your problem sooner or later.
IMNSHO, /etc/{passwd,shadow,group} really should be part of the base install
with all daemon users pre-defined. Use the range 1-99 for this, it will take a
very long time to accumulate more than 99 daemon UIDs and one can confidently
know what UID a given system user required by an ebuild ought to be.
The implementation is obviously more complex than dropping a file on the file
system, so a simple API is required. Nonetheless, the idea is still sound.
The alternate is to expect users to know to run
find / -nouser -o -nogroup
at the magic points where it will be useful. Which is ludicrous.
--
alan dot mckinnon at gmail dot com
