>>>>> On Wed, 05 Jun 2019, Michael Orlitzky wrote: > Should we require a mailing list review for new user/group packages? > It's difficult to modify a user once you've settled on a UID, home > directory, and shell; so it pays to get things right the first time.
> The need is more apparent with fixed UIDs: if a popular package "steals" > a UID that some other package needs, then that other package is going to > be difficult or impossible to install (especially if it ultimately > depends on the popular package). > A mailing list review could elicit a "hey, my package NEEDS that UID, > and yours doesn't care" before it's too late. Policy requires such a review since a long time, at least for hardcoded user and group IDs: https://devmanual.gentoo.org/ebuild-writing/users-and-groups/
signature.asc
Description: PGP signature
