On Friday 23 October 2009 17:51:19 Helmut Jarausch wrote: > Hi, > > after hunting around for some weeks now, I've finally found the culprit > to my permission problems with fcron[tab] > > First, > some Gentoo package must have changed the UID of several executables > and directories of the sys-process/fcron package to 'stunnel' > instead of 'fcron'. > I've found and fixed these long ago but still it didn't work. > Now, I've found out, that in > /etc/passwd > the user 'fcron' had a GID which wasn't in /etc/group any longer. > Probably, when sys-process/fcron is reinstalled, portage does not > seem to change the entry in /etc/passwd (which it has created > itself some time ago)
Without looking through the ebuilds, I'd guess the ebuild runs useradd -r <daemon_name> which will always lead to your problem sooner or later. IMNSHO, /etc/{passwd,shadow,group} really should be part of the base install with all daemon users pre-defined. Use the range 1-99 for this, it will take a very long time to accumulate more than 99 daemon UIDs and one can confidently know what UID a given system user required by an ebuild ought to be. The implementation is obviously more complex than dropping a file on the file system, so a simple API is required. Nonetheless, the idea is still sound. The alternate is to expect users to know to run find / -nouser -o -nogroup at the magic points where it will be useful. Which is ludicrous. -- alan dot mckinnon at gmail dot com