Underscores in some directory user, group names (Postfix MacPort example)

Jordan K. Hubbard jkh at apple.com
Mon Jan 14 00:55:41 PST 2008 

I'm sorry, Tabitha, but I've read this message twice and I still have  
no idea just what question it is you're actually asking here. :-)

- Jordan

On Jan 13, 2008, at 9:17 PM, Tabitha McNerney wrote:

> Hello Jordan, et al:
>
> Today I was reading my documentation for running a separate OpenLDAP  
> daemon on an Xserve running Leopard Server. I installed the openldap  
> MacPort (which is based on OpenLDAP version 2.3.35) and I was  
> somewhat surprised that the installation created a user with short  
> name "ldap" and a UID of 500 (with a group short name of "ldap" and  
> a gid of 502). The reason this surprised me is that Apple ships with  
> Leopard Server a compilation instance of OpenLDAP 2.3.27 which is of  
> course the basis for OpenDirectory, and which slapd daemon is run by  
> root apparently at boot time (I presume there is a launchd plist for  
> this but I haven't looked yet).
>
> Now, therefore, considering the logic of using underscores as  
> prefixes to avoid namespace collisions since the founders of Unix  
> didn't consider this to be a problem in the 1970s / 1980s, and  
> considering the examples of uids and gids whose corresponding short  
> names that reside in the local domain directory that Apple ships  
> with Leopard Server are, in examples:
>
> _postfix
> _postdrop
> _guest
> _xgridagent
> _spotlight
> _mysql
> _svn
> _www
> _jabber
> _sshd
>
> and the list goes on ...
>
> Why oh why do I not see (when I search the local directory domain of  
> my Leopard Server 10.5.1 instance using WorkgGroup Manager to search  
> on names with underscores in them):
>
> _ldap ???
>
> Am I out of my mind that the ommission of "_ldap" is illogical and  
> without basis and is inconsistent with the namespace issue that has  
> been raised herein this discussoin thread thus far? Would it not be  
> possible, for example, for a person to accidentally choose a short  
> user name of "ldap" just as they might also accidentally do so with  
> a name such as "postfix"? Why does life have to be so complicated --  
> meaning, why do humans create their own unnecessary complexity? We  
> have too many rules we have to remember. Where oh where is my  
> missing friend in Leopard's local directory domain named, "_ldap"?  
> Thus as a result, the openldap MacPort created a separate user  
> account named "ldap". Ugh!
>
> Thanks,
>
> T.M.
>
> On 1/5/08, Tabitha McNerney <tabithamc at gmail.com> wrote:
>
>
> On 1/4/08, Jordan K. Hubbard < jkh at apple.com> wrote:
> This is because the original designers of Unix neglected to take into
> account the notion of user namespaces - the namespace is flat.  That
> means that system or role specific names can conflict with names that
> users would like to use for themselves ( c.f. "admin" or "operator")
> unless you adopt a convention for keeping them separate.  That
> convention is the prefix underscore.
>
> - Jordan
>
> Jordan,
>
> Thank you very much. Makes perfect sense. Its hard to find fault  
> with the original designers of Unix (they probably never would have  
> guessed, decades later, that individuals in the comfort of their own  
> homes would run Unix on a machine that sits in their lap)!
>
> Best,
>
> T.M.
>
> On Jan 4, 2008, at 5:29 PM, Tabitha McNerney wrote:
>
> > Hello all --
> >
> > I just installed the current version of the Postfix port (version
> > 2.4.6) on a Leopard Server system.
> >
> > After the install, I noticed a username and group name of "_postfix"
> > and "_postdrop" respectively, as in:
> > drwx--x---  2 _postfix  _postdrop  102 Jan  4 23:06 public/
> > drwx-wx---  2 _postfix  _postdrop  102 Jan  4 23:06 maildrop/
> > This differs from previous Postfix port installations (UID 27 was
> > "postfix" not "_postfix"). This isn't really a MacPorts specific
> > issue but I'm wondering if anyone knows why Apple changed their
> > naming schema on Leopard, for short names such as:
> >
> > from "postfix" to "_postfix"
> >
> > ?
> >
> > I wonder if this has something to do with becoming fully UNIX
> > compliant? POSIX?
> >
> > Mr. Jordan Hubbard, can you offer some wisdom and perspective on
> > this subject?
> >
> > Thank you,
> >
> > T.M.
> >
>
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/macports-users/attachments/20080114/8e5e5466/attachment-0001.html

More information about the macports-users mailing list