> > And now you're changing the subject. You've just claimed that *your* > user's group ownership will be overwritten and when challenged you > present the case of *system* user's group ownership being overwritten.
Actually, he showed the rewrite of **system** user (that was modified locally). And, as it already mentioned above, this behaviour violates Gentoo Philosophy of not pretending to be smarter than user and don't dictate them a way to go. So, if the problem is only in the existance of the bug, I can create it tomorrow morning. But it would be great to know that it wont be closed in a minute after with "WONTFIX, works as expected". Also, as already stated, changing the stuff that was modified by user is **prohibited**. P.S. I don't care about your relations with whissi, but let's back to the topic: [big red letters] We should **NEVER** ever rewrite any system configuration made by local system administrator (call it "user" or whatever). Dixi. [/big red letters] Modification of system users and groups are also covered by that user. So, we, actually don't need any changes to disable acct-* things at all and make users to manage all the things by themselves. We need a change that will prevent any changes over **already existing** user. I think we should make it in a manner like: 1) when we install acct-pkg for a first time - CONFIG_PROTECT changes, and let user to review. 2) when we **reinstall** same package - do **nothing**. Although, I'm not sure here: on the one hand, why should we bother users by merging changes they already did before, on the other hand, it can be useful way to reset to defaults in case if "all this stuff is screwed up". 3) when we upgrade acct-package (assuming there was changes) - only allow "positive" changes (group additions), but not negative (dropiing groups), and anyway CONFIG_PROTECT all the changes. Well, there is also "kludgy way": does not globally reimplement anything, but: 1) force CFGPROTECT 2) perform a "light" modification to only perform "positive" modifications (see above) on users/groups, but no "negatives". It will anyway fix the both issues Whissi and OP had. -- Best regards, mva
signature.asc
Description: This is a digitally signed message part.
