On Sun, Aug 29, 2021 at 11:30:41PM +0100, Colin Watson wrote:
> case) it seems mostly like the sort of user that could be anonymous
> outside of the lifetime of an apt process, analogous to systemd's
> DynamicUser.

The _apt user started as 'nobody', but quickly people complained that
they didn't want to punch holes in their firewalls for nobody.

As Julian notes, most cases in which _apt creates/owns files are things
to fix eventually, some of which were indeed already, but that is gonna
be hard work and probably not achievable in the short term. Especially
if other lower-hanging fruits are still in reach. We have been labouring
on _apt for more than seven years now, after all.

So, while for some/most use cases something akin to DynamicUser would be
enough, for others a more stable user would be preferred, and then there
are also cases where it would be beneficial if the user had the same UID
across all systems.

> But I guess there's no way to do something like that
> outside of systemd, much less on systems that don't run systemd at all.

The problem with systemd in this context is that apt kinda needs to be
its own systemd --user instance, as apt is not a system service, but a
service manager of its own. I doubt the systemd ecosystem offers that
functionality, especially considering that these parts would need to be
platform agnostic and reasonably light, given they would be involved in
(cross)bootstrap and all the other situations apt operates in.

I would be happy to be wrong though, as it isn't exactly my dream to
make apt a decent service manager, even though apt starts a lot of
processes, so a lot of management could and should be done here…

Best regards

David Kalnischkies