MacPorts is hijacking account on MacOSXServer
Jeff Johnson
n3npq at mac.com
Mon Jul 25 16:04:16 PDT 2011
On Jul 25, 2011, at 6:26 PM, David L Ballenger wrote:
>
> On my laptop, which is connected to my Open Directory domain, my personal
> account is set up as a mobile accoun, which means I have an account int the
> local domain with a UID of 1025 and macports got an ID of 1026. That meant
> that the Open Directory user with that ID (my wife) could no longer log into
> her network account using my laptop. I manually changed the macports UniqueID
> to an unused ID in the 500's and she could log in via my laptop again.
>
> Maybe a solution is to have macports look for an unused ID below 1000. Of course
> that might not work it a system has 500 local accounts.
>
FWIW, I've seen some awkwardness with Lion <-> MacPorts assigning uid/gid
numbers, and not just from mobile accounts (thank you for the nice write up!)
I was building and using various add-on monitoring services like
nagios while also trying to set up OD masters/replicas, and MacPorts
started assigning uid/gid numbers non-locally (not in range 500-1000)
while exploring the mysteries of OD.
I think you can find some reproducers also with non-mobile accounts,
and the right answer afaik would be to limit the choice to 500-100.
Any system with >500 local users likely has a competent sysadmin staff
whole will plan out a larger deployment methodically.
JMHO, not a complaint at all: MacPorts and Lion are spiffy, and if all that
is FUBAR is re-arranging some uid/gid assignments … that isn't too hard to do
after the fact.
The mobile accounts uid/gid collision is a harder issue to solve, yes.
73 de Jeff
More information about the macports-dev
mailing list