[OpenAFS] UID conflicts
Brandon Allbery
allbery.b@gmail.com
Tue, 20 Dec 2011 15:17:02 -0500
--f46d0444ef2912179204b48bc076
Content-Type: text/plain; charset=UTF-8
On Tue, Dec 20, 2011 at 14:56, Marcus Watts <mdw@umich.edu> wrote:
> I don't think debian (or ubuntu) make any guarantee uid's will be the
> same even on successive machines - it all depends on the order that
> software is installed.
>
Right. Many software packages have the uids compiled in, but this is
generally considered a bad thing (and the workaround is that distribution
packages with that problem get their uids promoted into the original
password file).
One possible mitigation is that, if you install *all* your machines using
some form of configuration management, you have control over the order in
which packages are installed and therefore some certainty about the order
of uids. But this is only reliable if all systems are installed the same
way, and no packages are added afterward; this is probably not viable.
--
brandon s allbery allbery.b@gmail.com
wandering unix systems administrator (available) (412) 475-9364 vm/sms
--f46d0444ef2912179204b48bc076
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">On Tue, Dec 20, 2011 at 14:56, Marcus Watts <span dir=3D"l=
tr"><<a href=3D"mailto:mdw@umich.edu">mdw@umich.edu</a>></span> wrote=
:<br><div class=3D"gmail_quote"><blockquote class=3D"gmail_quote" style=3D"=
margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div id=3D":3pr">I don't think debian (or ubuntu) make any guarantee ui=
d's will be the<br>
same even on successive machines - it all depends on the order that<br>
software is installed.</div></blockquote></div><br>Right. =C2=A0Many softwa=
re packages have the uids compiled in, but this is generally considered a b=
ad thing (and the workaround is that distribution packages with that proble=
m get their uids promoted into the original password file).<div>
<br></div><div>One possible mitigation is that, if you install *all* your m=
achines using some form of configuration management, you have control over =
the order in which packages are installed and therefore some certainty abou=
t the order of uids. =C2=A0But this is only reliable if all systems are ins=
talled the same way, and no packages are added afterward; this is probably =
not viable.<br clear=3D"all">
<div><br></div>-- <br>brandon s allbery =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 =C2=A0 =C2=A0<a href=3D"mailto:allbery.b@gmail.com" target=3D"_b=
lank">allbery.b@gmail.com</a><br>wandering unix systems administrator (avai=
lable) =C2=A0 =C2=A0 (412) 475-9364 vm/sms<br>
<br>
</div></div>
--f46d0444ef2912179204b48bc076--