who installs LFS root/user
Jesse Tie Ten Quee
highos at highos.com
Tue Oct 10 03:59:05 PDT 2000
First things frist, this is just, In My Humble Opinion and a working
version would be interesting.
On Tue, Oct 10, 2000 at 01:11:24PM +0200, Matthias Benkmann wrote:
> Wouldn't it be useful to create a separate user for every package you
> install? The full name of the user would contain the package name and
> version, the home directory could be the src/ directory for the package
> (or the stow directory if you use stow) and the .plan file could contain
> installation notes like the ftp:// source for the package. That way a
> simple finger can identify every file in the system. All these users would
> be in a group that has write access to bin/, .... but the files in bin/,..
> would be chmod go-w.
> Now if I understand access rights correctly every package would be allowed
Now, like i said, this would be interesting to see...but (IIRC) a group
can only have 32 users (someone correct me if i'm wrong) and adding a
new user for each package..would be having alot of users on my
The trouble of having a setup like that... i would prefer not to have.
It just seems to complicate things more (why do you think i use LFS? to
get away from complicated stuff that distro's do)
> but would not be allowed to delete or overwrite files that belong to other
Overwritting packages are good in most cases... take shadow-utils, you
have to replace alot of programs (passwd, etc).
> For security reasons, those users must be prohibited from logging in
> directly, of course.
Isn't hard todo.
> I was going to try this method when building my LFS system, so I'd
> appreciate comments, especially security-related. Until now I've only
> worked with a prefab distribution so I'm not very experienced as a
prefab...*shudders and grins*
> Ambition is a poor excuse for not having enough sense to be lazy.
Ahh..the makings of a Perl Programmer.
Jesse Tie Ten Quee - highos at highos dot com
Unsubscribe: send email to lfs-discuss-request at linuxfromscratch.org
and put unsubscribe in the subject header of the message
More information about the lfs-dev