MacPorts is hijacking account on MacOSXServer
Rainer Müller
raimue at macports.org
Mon Jul 25 14:09:41 PDT 2011
On 2011-07-25 21:44 , Rodolfo Aramayo wrote:
> The latest installation of MacPorts is taking over mobile accounts on
> MacOSXServer
AFAIK mobile account means they have a home exported over the network?
I am not sure if it is NIS/yp, but is this a similar solution?
> Obviously the installer does not determine the presence of 'mobile'
> accounts and finds the next available UniqueID number available and
> assigns it to the 'macports:staff'
The same method has been used for years now to create new system users
for Portfiles. So if you installed anything which required a new user,
you would have run into this problem before, for example the messagebus
user for dbus, polkituser for policykit or mysql for mysql4/mysql5.
If this method is really a problem, you already that before 2.0.0.
> The problem this creates is obvious, mobile users using that
> particular UniqueID lose control over their directories and files
>
> While the problem can be easily fixed by reverting the usernames to
> their old ones, it is not clear to me what implications this will have
> on the macports user. Please advice here
>
> Also I do not understand why the '/opt' directory is not now owned by
> the 'macports:staff' user
As Ryan pointed out, it's /opt/local.
Why should it be owned by macports:staff?
The macports user is being used to drop privileges while building. It is
not meant to own any files on your system as that would defeat its purpose.
Rainer
More information about the macports-dev
mailing list