Hi!

On Sat, 2019-02-09 at 13:10:27 +0100, Philipp Kern wrote:
> at work we have a large fleet of Debian machines, but also more than 200k
> user accounts with no reuse and somewhat painful rename experiences.
> Obviously an increasing number of accounts leads to a much increased risk of
> collisions with system users as created by Debian packages.

Yes. :(

> Of course it is easy to precompile a basic list to ban users from taking
> names like postfix, bind, or sshd. But it will never be exhaustive, packages
> are still free to come up with random names and users are free to install
> them and see things break.
>
> Some core packages recently adding system users resorted to names like
> systemd-$daemon and _apt, which both address my concerns - as you can come
> up with simple rules like "no user might include [-_] in their username". On
> the other hand I know that Debian-* was painful and annoying for exim, but I
> suspect mostly because of the length of the username and tools dealing
> poorly with >8 character usernames. I think FreeBSD (among others?) picked
> the underscore at the front of the username. Intuitively that feels like a
> somewhat clean proposal that is also friendly to derivatives.

This has been discussed in the past (several times I think), the last
incarnation (AFAIR) started at:

  <https://lists.debian.org/debian-devel/2016/10/msg00546.html>

IMO the only sensible option is to use the underscore prefix convention.
Because it is:

 - vendor neutral, so less unnatural on say downstreams/forks
 - has precedent on other systems, so less surprising
 - short, so causes fewer display/truncation issues
 - less ugly

To that effect I sent a patch to adduser to allow these in #521883, but it
seems that's stuck. :/

> How do others deal with this problem? Could someone think of a viable
> approach on how to approach this from a policy side?

Unfortunately, last time it looked like there was some push back, due to
there not being a clear winner in "current" practice at the time AFAIR.

I think a way forward would be to get that adduser patch merged, then keep
promoting the underscore usage, and possibly try to switch existing users
to use that.

Thanks,
Guillem
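As an added example (not code from the thread or from adduser), a small check of the policy discussed above: it parses a constructed passwd excerpt, lists the system accounts that do not yet follow the underscore prefix (and so could still collide with a human account), and rejects proposed human usernames that contain `-`/`_` or collide with an existing entry. The system UID cut-off of 999 and the exact human-name regex are assumptions.

```python
import re

# Constructed /etc/passwd excerpt (not taken from the thread): package
# system accounts in the three naming styles under discussion, plus a human.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
_apt:x:100:65534::/nonexistent:/usr/sbin/nologin
systemd-network:x:101:102:systemd Network Management:/run/systemd:/usr/sbin/nologin
postfix:x:102:104::/var/spool/postfix:/usr/sbin/nologin
Debian-exim:x:103:105::/var/spool/exim4:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
"""

SYSTEM_UID_MAX = 999  # assumed end of the system UID range (Debian default)
# Rule from the thread ("no [-_] in human usernames"), narrowed here to
# lowercase alphanumerics starting with a letter.
HUMAN_NAME_RE = re.compile(r"^[a-z][a-z0-9]*$")


def parse_passwd(text):
    """Return {name: uid} for every non-empty, non-comment passwd line."""
    users = {}
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        name, _pw, uid, *_rest = line.split(":")
        users[name] = int(uid)
    return users


def nonconforming_system_accounts(users):
    """System accounts (0 < uid <= SYSTEM_UID_MAX) lacking the '_' prefix,
    i.e. names that a future human account could still collide with."""
    return sorted(n for n, uid in users.items()
                  if 0 < uid <= SYSTEM_UID_MAX and not n.startswith("_"))


def check_human_username(name, users):
    """Return the list of policy violations for a proposed human account name."""
    problems = []
    if not HUMAN_NAME_RE.match(name):
        problems.append("contains characters reserved for system accounts")
    if name in users:
        problems.append("collides with existing account uid %d" % users[name])
    return problems
```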
Yes. :( > Of course it is easy to precompile a basic list to ban users from taking > names like postfix, bind, or sshd. But it will never be exhaustive, packages > are still free to come up with random names and users are free to install > them and see things break. > > Some core packages recently adding system users resorted to names like > systemd-$daemon and _apt, which both address my concerns - as you can come > up with simple rules like "no user might include [-_] in their username". On > the other hand I know that Debian-* was painful and annoying for exim, but I > suspect mostly because of the length of the username and tools dealing > poorly with >8 character usernames. I think FreeBSD (among others?) picked > the underscore at the front of the username. Intuitively that feels like a > somewhat clean proposal that is also friendly to derivatives. This has been discussed in the past (several times I think), the last incarnation (AFAIR) started at: <https://lists.debian.org/debian-devel/2016/10/msg00546.html> IMO the only sensible option is to use the underscore prefix convention. Because it is: - vendor neutral, so less unnatural on say downstreams/forks - has precedent on other systems, so less surprising - short, so does cause less display/truncation issues - less ugly To that effect I sent a patch to adduser to allow these in #521883, but it seems that's stuck. :/ > How do others deal with this problem? Could someone think of a viable > approach on how to approach this from a policy side? Unfortunately, last time it looked like there was some push bach, due to there not being a clear winner in "current" practice at the time AFAIR. I think a way forward would be to get that adduser patch merged, then keep promoting the underscore usage, and possibly try to switch existing users to use that. Thanks, Guillem