View previous topic :: View next topic |
Author |
Message |
southsider Guru
Joined: 05 Jul 2004 Posts: 358
|
Posted: Wed Feb 16, 2005 4:15 pm Post subject: How to distinguish human users from system users |
|
|
I see GNOME's "Users and Groups" configuration utility simply relies on UID to decide whether a user is human or not. Isn't this a little messy? I added a user called "icecast" and GNOME now think's it's a human user. If I change it's UID down to one below 1000 then the files it owns will be disowned.
How about adding all human users to the "human" group? This could be a purely superficial group or if you have any need you could use it for more than that?
I realise most UNIXy people don't like dumbing down, but please try and refrain from flaming, and let me know if it's an idea worth submitting somewhere.
Does freedesktop have any guidelines? *Takes a look.* |
|
Back to top |
|
|
psychomunky Guru
Joined: 02 Nov 2004 Posts: 337 Location: Canada
|
Posted: Wed Feb 16, 2005 7:13 pm Post subject: |
|
|
maybe it would be better to do things like check to see if the user has a home directory or not. Or perhaps it could differentiate between whether the account is allowed to login or not. This way Sys admins can continue to do things as they always have (a good sys admin will lock the system accounts so the only way to use them is to su to them).
There should be other ways to tell if a user is "System" or "Human" in other ways besides the userID anyways....
I did read somewhere that traditionally the userids were setup in the way that the gnome application expects for exactly this reason...which means that if it is a POSIX standard, you should be creating your icecast user according to that...not the other way around |
|
Back to top |
|
|
southsider Guru
Joined: 05 Jul 2004 Posts: 358
|
Posted: Wed Feb 16, 2005 7:15 pm Post subject: |
|
|
A lot of system accounts do have home directories still.
Thanks for the info though, will hunt around before I go rambling on at various bugzillas. |
|
Back to top |
|
|
psychomunky Guru
Joined: 02 Nov 2004 Posts: 337 Location: Canada
|
Posted: Wed Feb 16, 2005 8:04 pm Post subject: |
|
|
Yeah I know, I was thinking about this more after I posted and remembered a few of my experiences when I was using a system user and it did have a home directory....this seems to be quite prevalent in the larger corporations I have been at. However, most of the system accounts were locked for security so that the only way to gain access was through a privileged user account.
I am hoping that a few of the more experienced Linux users will pick up this thread and voice their knowledge about such differentiations. |
|
Back to top |
|
|
davey_freeman@yahoo.com n00b
Joined: 16 Jan 2005 Posts: 34
|
Posted: Wed Feb 16, 2005 8:57 pm Post subject: |
|
|
On my system I use an OpenBSD like naming scheme.
All system accounts start with a "_" prefix (except portmap which is used by some binary apps so I didn't touch that).
Other systems put a special string in the comment field of the passwd file to identify system users. |
|
Back to top |
|
|
southsider Guru
Joined: 05 Jul 2004 Posts: 358
|
Posted: Fri Feb 18, 2005 12:59 am Post subject: |
|
|
I don't wanna sound like a kid on a mission, but does using a "human" group sound like a bad idea to anyone?
It would make sysadmin'ing a little more clear for Joe GNOME-User Bloggs (rather than having to rely on UID), and it might be worth spreading around as an idea for freedesktop. |
|
Back to top |
|
|
gkmac Guru
Joined: 19 Jan 2003 Posts: 333 Location: West Sussex, UK
|
Posted: Fri Feb 18, 2005 10:52 pm Post subject: |
|
|
southsider wrote: | I don't wanna sound like a kid on a mission, but does using a "human" group sound like a bad idea to anyone? | Well, there's the "users" group that Gentoo already seems to have in /etc/group |
|
Back to top |
|
|
southsider Guru
Joined: 05 Jul 2004 Posts: 358
|
Posted: Sat Feb 19, 2005 8:20 pm Post subject: |
|
|
That's a good point. What is the purpose of this group? |
|
Back to top |
|
|
|