- Tools/scripts: Add checkuids.sh, a script to find unreferenced usernames in the UIDs file
- UIDs,GIDs: Cleanup unreferenced entries
Details
Details
- Reviewers
- None
- Group Reviewers
portmgr
I'm going to request an exp-run for this change once it is approved
Diff Detail
Diff Detail
- Repository
- R11 FreeBSD ports repository
- Lint
No Lint Coverage - Unit
No Test Coverage - Build Status
Buildable 72447 Build 69330: arc lint + arc unit
Event Timeline
Comment Actions
I don't think removing entries without checking how long they have been unused is a good idea,
If you mark an entry as free, it means it can be used again, which will most probably lead to conflicts or double entries in /etc/passwd or /etc/groups.
We don't seem to be running out of free uids and gids, a quick grep tells me we have more than 300 free in each.
Comment Actions
I don't think removing entries without checking how long they have been unused is a good idea,
And how long an entry should be unused to make viable for deletion? I doubt we have a policy for that.
If you mark an entry as free, it means it can be used again, which will most probably lead to conflicts or double entries in /etc/passwd or /etc/groups.
I checked how users/groups are created in there is indeed no check for both name and UGID.
I think the solution here would be to check both name and UGID and fail package's installation if the user/group with specified UID exists, but names do not match.
Then let the administrator clean up old entries.
We don't seem to be running out of free uids and gids, a quick grep tells me we have more than 300 free in each.
We'll have to do this sooner or later and here I am to do that. Why wait for free entries to exhaust?
Comment Actions
I'd say at least 10-15 years before an entry can be recycled.
We don't seem to be running out of free uids and gids, a quick grep tells me we have more than 300 free in each.
We'll have to do this sooner or later and here I am to do that. Why wait for free entries to exhaust?
I'm not convinced this solves a real problem.
I don't see this coming up as a problem in practice.
Given the existing backlog of actual framework and ports issues, I'd rather see effort directed there
Comment Actions
Given the existing backlog of actual framework and ports issues, I'd rather see effort directed there
As do I. I'd love other people to work on problems I deem important, but we're all volunteers here. What I don't do, however, is turning down contributions I personally find uninteresting.
Anyways, we can at least get the script in and maybe some UGIDs that I find to be removed 10 years ago?