Hi, On 2019/11/10 20:21, Michael Orlitzky wrote: > On 11/10/19 12:36 PM, Jaco Kroon wrote: >> What's the motivation for trying to match the UID and GID values from >> other distributions? >> >> I previously tried to motivate a "purely dynamic" allocation with -1, >> I'm showing this as an example where such an implementation would once >> more be beneficial. >> > When sharing resources between multiple systems, you need some sort of > centralized identity management. You can put the users in LDAP, for > example, and then force everything to authenticate against that. But, > doing that right is complicated, and is overkill if you just want to > share some files between two machines. > > Having fixed UIDs and GIDs on all Gentoo systems gives you an easy way > to centralize that identity management: in portage, where the IDs are > hard-coded. Once GLEP81 has been implemented tree-wide, users can trust > that (on new installs, at least), every system user and group will have > the same ID. That gives you a simple way to e.g. mount shared apache > resources without having to learn LDAP. > > If our IDs agree with other distributions, then to the extent possible, > the same thing works cross-distro. > > We don't allow dynamic UIDs because it defeats this whole concept. You > might not care what the ID is, but some of your users will.
Happy. That makes sense. May I proceed to use UID+GID 242 then for asterisk? Seeing that 42 is apparently off limits by the above argument, and 142 could theoretically also end up being problematic. Kind Regards, Jaco
